At KIMS Hospital, your privacy is of the utmost importance to us. Our aim is to give full transparency on how we collect, use and share your personal information as it relates to the use of our website. We are also committed to being thoughtful about the personal information we ask you to provide and therefore only collect what we need to enable us to provide you with the care and service you deserve.
To find out more about how we process data in relation to healthcare and patient care, you can read our Fair Processing Privacy Notice.
www.kims.org.uk (our site) is a site operated by KIMS Hospital Ltd (“KIMS”; we are a company registered in England and Wales under registration number 07525422. Our registered office is the KIMS Hospital address: Newnham Court Way, Weavering, Maidstone, Kent, ME14 5FT.
What information do we collect from you?
Personal data refers to data which relates to a living individual who can be identified from the data held. We take the protection and respect of this data seriously.
We collect information that you freely choose to share with us during phone calls or through our online forms, recruitment application and enquiry forms so that we can put you in touch with the right person, whether that’s regarding a treatment or service you’re interested in or for recruitment purposes. We only ask for information that we need to provide you with our services and we will only use this information for the reason it was collected (which will have been stated at the point you submit your personal data to us) and we will only share your data with third parties if required as part of our service to you or if you’ve signed up to our marketing.
We might collect:
- First name
- Last name
- Contact number
- Email address
- Consultant details
- Information for recruitment purposes
- Visits to our website
- Enquiry information
- Information from enquiry forms or booking forms
- Information you provide in online surveys or in feedback
We use a third-party plugin called Gravity Forms to build the forms that collect the data stated above. The data captured by Gravity Forms feeds into our CRM platform, Microsoft Dynamics. The data held within Microsoft Dynamics is only ever used for the purpose of your enquiry and subsequent medical care. We will never use your data for any other purpose without your explicit consent.
Any health data you share with us during phone calls, online forms or otherwise through our website will be processed in accordance with our Fair Processing Privacy Notice.
How do we use your personal data?
The processing of your personal data is either based on your explicit consent, is necessary for us to enter into or perform a contract to which you are a party, or it is necessary to pursue our legitimate interests (such as improving our website).
We may use your personal data to:
- communicate with you
- improve our customer experience and user journey
- enter into and carry out a contract with you
- provide you with relevant information as requested by you via email or telephone
- notify you about relevant changes or important information
- check the accuracy of information you have provided to us
- support your healthcare professional, doctor or nurse
- assess and improve your experience when using our website
- conduct or analyse market research to help improve future experiences with us
- assess and improve the performance of our site and content
If you sign up to receive emails from our website, we will use the information you give us to provide the service(s) you have requested. We may occasionally contact subscribers to help us evaluate and improve the service that we offer. We will never automatically sign you up for email newsletters. You have the right to withdraw consent at any time and all of our email communication will give you the opportunity to unsubscribe after you have signed up.
If you inform us that you wish to cancel an email subscription, we will remove you from our mailing list immediately and your details will be deleted from our records. We will only keep a record of your email address for suppression purposes.
We want to make your experience with us as personal as possible. In order to do this, we may analyse your personal information to create a profile of your interests and preferences so that we can contact you (if consent has been obtained) with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. You can object to this type of profiling at any time (for more information on how to do this, see “Your rights in relation to personal data” below).
Log files allow us to record visitors’ use of the site. This site’s administrative team puts together log file information from all our visitors, which we use to make improvements to the layout of the site and to the information in it, based on the way that visitors move around it. Log files do not contain any personal information about you.
Confidentiality and security
The confidentiality of your information is of paramount concern to us. To this end, we fully comply with Data Protection Legislation and Medical Confidentiality Guidelines. To find out more about how we process data in relation to healthcare and patient care, you can read our Fair Processing Privacy Notice.
Any information you provide will be held securely and in accordance with the Data Protection Laws. Whilst we will use industry standard technology designed to keep your personal data safe, please bear in mind though that it is impossible for us to guarantee that impenetrable security measures are in place. Consequently, you acknowledge that there may be circumstances (albeit highly unlikely) in which unauthorised persons may access your personal data.
Your personal details will not normally be disclosed to third parties. In some circumstances however, we may need to disclose your personal details to a third party, for example as part of services you requested, to fulfil a request for information, or for other legitimate business reasons. Any information about you that we pass to a third party will be shared and held by that party, in accordance with the Data Protection Laws and used only to provide the services or information you have requested.
We may also disclose your personal data if we reasonably believe we are required to do so by law, regulation or other government authority or to protect the rights and property of KIMS, its affiliates or the public. We may also co-operate with law enforcement agencies in any official investigation and we may disclose your personal data to the relevant agency or authority in doing so.
You have the right to lodge a complaint with a supervisory authority at any time.
Sharing your information
- marketing service providers
- cloud-hosting and IT service providers
- government authorities and agencies, including the Health Protection Agency
- the police and other law enforcement agencies if required
- other third parties working for us, such as our solicitors, agents, auditors, and insurers
If we share your personal data, we ensure appropriate protections are in place to protect your personal data.
Your rights in relation to personal data
Here at KIMS Hospital, we try to be as open as possible on what information we hold and your related privacy rights.
Access: You can request details of your personal data we hold. We will confirm whether we are processing your personal data and provide additional details including what kind of data we have about you, where we collected it from, how we use it (including the legal basis for our processing), how long we expect to keep it, and details of any automated decision making or profiling. If you ask us, we will provide you with a copy of your personal data free of charge. We may charge you a fee to cover our administrative costs if you request multiple copies of the same data or if the requests are manifestly unfounded or excessive.
Rectification: At your request, we will correct incomplete or inaccurate parts of your personal data, although we may need to verify the accuracy of the new information you provide us.
Deletion: At your request, we will delete your personal data if:
- it’s no longer necessary to retain your personal data;
- you withdraw the consent which formed the basis of your personal data processing;
- you have successfully objected to the processing of your personal data (see below);
- your personal data was processed unlawfully; or
- we are required to delete your personal data to comply with our legal obligations.
We will review requests on a case by case basis in accordance with Data Protection Legislation.
Restriction of processing: Where we process your personal data based upon our legitimate interest (or that of a third party), you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts on your fundamental rights and freedoms. You can also object to profiling for marketing purposes.
Consent: To the extent we rely on your consent to process your personal data, you have the right to withdraw any consent you may have given us at any time. We will comply with your request promptly.
To exercise your rights, please contact us at
FAO Medical Records
Newnham Ct Way
We will try to resolve any complaints you may have regarding our processing of personal data, but if you are not satisfied with our response, you also have the right to lodge a complaint with a supervisory authority at any time.
Links to other websites
Data Controller and Data Protection Officer
KIMS Hospital is a registered Data Controller with the Information Commissioner’s Office and has a Data Protection Officer, responsible ensuring your confidential information is kept safe and secure. The Data Protection Officer may be contacted at:
FAO Paul Couldrey, PCIG Consulting Ltd
c/o Quality & Governance Office, KIMS Hospital
Newnham Court Way
Kent ME14 5FT
Telephone: 01622 237 500