top of page

Privacy Policy

What this policy covers

As part of the services we offer, we are required to process personal data about our staff, our service users and, in some instances, the friends or relatives of our service users and staff. “Processing” can mean collecting, recording, organising, storing, sharing or destroying data.

We are committed to being transparent about why we need your personal data and what we do with it. This information is set out in this privacy notice. It also explains your rights when it comes to your data.

This policy is intended to help you understand:

This Privacy Policy covers the information we collect about you when you use our products or services, or otherwise interact with us.

 

One Voice Consulting Limited, we and us refers to OVACtech and OVAC Group and any of our corporate affiliates.  We offer cloud computing software as a service.  We refer to all our products, together with our other services and websites as "Services" in this policy.    

This policy also explains your choices surrounding how we use information about you, which include how you can object to certain uses of information about you and how you can access and update certain information about you.  If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business.  

Where we provide the Services under contract with an organisation (for example, your employer) that organisation controls the information processed by the Services. For more information, please see Notice to End Users below. This policy does not apply to the extent we process personal information in the role of a processor on behalf of such organisations.

 

What information we collect about you

 

We collect information about you when you provide it to us, when you use our Services, and when other sources provide it to us, as further described below.  

 

Information you provide to us

We collect information about you when you input it into the Services or otherwise provide it directly to us. 

  

Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services. For example, you provide your contact information and, in some cases, billing information, when you register for the Services. You also have the option of adding a display name, profile photo, job title, and other details to your profile information to be displayed in our Services.  We keep track of your preferences when you select settings within the Services.

Content you provide through our products: The Services include our products you use, where we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include.

Content you provide through our websites: The Services also include our websites owned or operated by us. We collect other content that you submit to these websites, which include social media or social networking websites operated by us. For example, you provide content to us when you provide feedback or when you participate in any interactive features, surveys, contests, promotions, sweepstakes, activities or events.  

Information you provide through our support channels: The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service.  Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.

Payment Information:  We collect payment and billing information when you register for certain paid Services.  For example, we ask you to designate a billing representative, including name and contact information, upon registration.  You might also provide payment information, such as payment card details, which we collect via secure payment processing services.

Information we collect automatically when you use the Services

We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services.     

    

Your use of the Services: We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on; the type, size and filenames of attachments you upload to the Services; frequently used search terms; and how you interact with others on the Services. 

Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services.

 

We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience.  How much of this information we collect depends on the type and settings of the device you use to access the Services.  Server and data centre Service administrators can disable collection of this information via the administrator settings or prevent this information from being shared with us by blocking transmission at the local network level.   

Cookies and Other Tracking Technologies: We use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices. For more information, please see our Cookie Policy, which includes information on how to control or opt out of these cookies and tracking technologies.

Information we receive from other sources

We receive information about you from other Service users, from third-party services, from our related companies, social media platforms, public databases, and from our business and channel partners. We may combine this information with information we collect through other means described above. This helps us to update and improve our records, identify new customers, create more personalised features for you. 

Third Party Providers: We may receive information about you from third party providers of business information and publicly available sources (like social media platforms), parts of the health and care system such as local hospitals, the GP, the pharmacy, social workers, clinical commissioning groups, and other health and care professionals; Local Authority; your family or friends – with your permission; organisations we have a legal obligation to share information with i.e. for safeguarding, the CQC; the police or other law enforcement agencies if we have to by law or court order. This information could include physical mail addresses, job titles, email addresses, phone numbers, intent data (or user behaviour data), IP addresses and social media profiles, for the purposes of targeted advertising of products that may interest you, delivering personalised communications, event promotion, and profiling.

Other Partners: We receive information about you and your activities on and off the Services from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with our Services and online advertisements.   

Legal bases for processing

 

We collect and process information about you only where we have legal bases for doing so under applicable EU laws.  The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:

  1. We need it to provide you the Services, including to operate the Services, provide customer support and personalised features and to protect the safety and security of the Services.

  2. It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests;

  3. You give us consent to do so for a specific purpose; or

  4. We need to process your data to comply with a legal obligation.

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.  Where we are using your information because we or a third party (e.g., your employer, service provider or health and care provider) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.

How we use information we collect

 

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us.  Below are the specific purposes for which we use the information we collect about you.

To provide the Services and personalise your experience: We use information about you to provide the Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate, maintain, and improve the Services.  For example, we use the name and picture you provide in your account to identify you to other Service users. Our Services also include tailored features that personalize your experience, enhance your productivity, and improve your ability to collaborate effectively with others by automatically analysing the activities of your team to provide search results, activity feeds, notifications, connections and recommendations that are most relevant for you and your team.  Where you use multiple Services, we combine information about you and your activities to provide an integrated experience, such as to allow you to find information from one Service while searching from another or to present relevant product information as you travel across our websites. To opt out of this personalisation, please contact dataprotection@ovacgroup.com   

For research and development:  We are always looking for ways to make our Services smarter, faster, secure, integrated, and useful.  We use information and collective learnings (including feedback) about how people use our Services to troubleshoot, to identify trends, usage, activity patterns, and areas for integration and to improve our Services and to develop new products, features and technologies that benefit our users and the public. We automatically analyse and aggregate frequently used search terms to improve the accuracy and relevance of suggested topics that auto-populate when you use the search feature. In some cases, we apply these learnings across our Services to improve and develop similar features, to better integrate the Services you use, or to provide you with insights based on how others use our Services. We also test and analyse certain new features with some users before rolling the feature out to all users. 

To communicate with you about the Services: We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. 

To market, promote and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you. We also communicate with you about services downtime, enhancement and upgrades. 

Customer support: We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyse crash information, and to repair and improve the Services. Where you give us express permission to do so, we share information with a third-party expert for the purpose of responding to support-related requests.

For safety and security: We use information about you and your Service use to verify accounts and activity, to detect, prevent, and respond to potential or actual security incidents and to monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Service policies.

To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business. 

 

With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above.  For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.   

How we share information we collect

 

Our services promote collaboration, so this means sharing information through the Services and with certain third parties.  We share information we collect about you in the ways discussed below, including in connection with possible business transfers. We DO NOT sell your information advertisers or other third parties.

If you are receiving care from a health or care organisation, that organisation may share your NHS number with other organisations providing your care. This is so that the health and care organisations are using the same number to identify you whilst providing your care. By using the same number, the health and care organisations can work together more closely to improve your care and support.

Your NHS number is accessed through an NHS Digital service called the Personal Demographic Service (PDS). A health or care organisation sends basic information such as your name, address and date of birth to the PDS in order to find your NHS number. Once retrieved from the PDS, the NHS number is stored in our case management system. These data are retained in line with our record retention policies and in accordance with the Data Protection Act 1998, Government record retention regulations and best practice.

We will share information only to provide health and care professionals directly involved in your care access to the most up-to-date information about you. Access to information is strictly controlled, based on the role of the professional, and where the user has a direct care relationship with you.

The use of joined up information across health and social care brings many benefits. One specific example where this will be the case is the discharge of patients into social care. Delays in discharge (commonly known as bed blocking) can occur because details of social care involvement are not readily available to the staff on the hospital ward. The hospital does not know who to contact to discuss the ongoing care of a patient. The linking of social care and health information via the NHS number will help hospital staff quickly identify if social care support is already in place and who the most appropriate contact is. Ongoing care can be planned earlier in the process, because hospital staff will know who to talk to.

You have the right to object to the processing of your NHS number in this way. This will not stop you from receiving care but will result in the benefits outlined above not being realised. To help you decide, we will discuss with you how this may affect our ability to provide you with care, and any other options that you have.

If you wish to opt-out from the use of your NHS number in this way, you can contact us by phoning 01182 146 940 or by emailing dataprotection@ovacgroup.com.

How we store and secure information we collect

 

We use industry standard technical and organisational measures to secure the information we store.

While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.

 

How long we keep information

 

The length of time information is stored depends on the type of information, as described in further detail below.  After such time, we will either delete or de-identify your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

 

Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services.  We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyse personal characteristics about you. 

Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services.  For example, we continue to display messages you sent to the users that received them and continue to display content you provided, but when requested details that can identify you will be removed.

Tenant accounts: If the Services are made available to you through an organisation (e.g., your care provider), we retain your information as long as required by the administrator of your account. 

Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your account.  We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.   

How to access and control your information

 

You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format.  Below, we describe the tools and processes for making these requests.  You can exercise some of the choices by logging into the Services and using settings available within the Services or your account. Where the Services are administered for you by an administrator (see "Notice to End Users" below), you may need to contact your administrator to assist with your requests first.  For all other requests, you may contact us as provided in the Contact Us section below to request assistance.

Your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep.  Where you have asked us to share data with third parties, for example, by installing third-party apps, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted.  If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.

In some cases, you may ask us to stop accessing, storing, using and otherwise processing your information where you believe we don't have the appropriate rights to do so.  For example, if you believe a Services account was created for you without your permission or you are no longer an active user, you can request that we delete your account as provided in this policy.  Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes by contacting us, as provided below. 

If you no longer wish to use our Services, you or your administrator may be able to deactivate your Services account. If you can deactivate your own account, that setting is available to you in your account settings.

Cookie Policy

 

Our Services uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.

We use the following cookies

Strictly necessary cookies. These cookies and other technologies are essential in order to enable the Services to provide the feature you have requested, such as remembering you have logged in. They include, for example, cookies that enable you to log into secure areas.

Analytical/performance cookies. These cookies and similar technologies collect information on how users interact with the Services and enable us to improve how the Services operate. For example, we use Google Analytics cookies to help us understand how visitors arrive at and browse our products and website to identify areas for improvement such as navigation, user experience, and marketing campaigns.

Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

Targeting cookies.  These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

To opt-out of our use of cookies, you can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of our Services. You will not be able to opt-out of any cookies or other technologies that are “strictly necessary” for the Services.

List of cookies

 

[to follow]

 

Notice to End Users

 

Where our Services are made available to you through an organisation (e.g., your employer), that organisation is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organisation's policies. We are not responsible for the privacy or security practices of an administrator's organisation, which may be different than this policy. 

Administrators are able to:

  • require you to reset your account password;

  • restrict, suspend or terminate your access to the Services;

  • access information in and about your account;

  • access or retain information stored as part of your account;

  • install or uninstall third-party apps or other integrations 

In some cases, administrators can also:

  • restrict, suspend or terminate your account access;

  • change the email address associated with your account;

  • change your information, including profile information;

  • restrict your ability to edit, restrict, modify or delete information

Even if the Services are not currently administered to you by an organisation, if you use an email address provided by an organisation (such as your work email address) to access the Services, then the owner of the domain associated with your email address (e.g., your employer) may assert administrative control over your account and use of the Services at a later date.  You will be notified if this happens. 

If an administrator has not already asserted control over your account or access to the Services, you can update the email address associated with your account through your account settings in your profile.  Once an administrator asserts control over your account or use of the Services, you will no longer be able to change the email address associated with your account without administrator approval.

Please contact your organisation or refer to your administrator’s organisational policies for more information.

 

Contact us

Your information is controlled by One Voice Consulting Limited and OVACtech Limited.  If you have questions or concerns about how your information is handled, please direct your inquiry to dataprotection@ovacgroup.com.

 

Changes to this Privacy Policy  

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.

Info we collect about you
Legal bases for processing
How we use info we collect
How we store and secure
How long we keep info
How to access and control
Privacy Policy
How we share info we collect
Cookie Policy
Notice to end users
bottom of page