Date of Statement: 20th March 2018

PROTON PARTNERS INTERNATIONAL LIMITED is a company incorporated and registered in England and Wales with company number 09420705 whose registered office is at Life Sciences Hub Wales, 3 Assembly Square, Cardiff, CF10 4PL. Proton Partners International Ltd are committed to protecting and respecting your privacy, and ensuring full compliance to the Data Protection Act 1998, therefore this privacy statement informs you how we process any personal data that you provide to us.

Cancer services provided by Proton Partners International Ltd are provided by its subsidiary Company The Rutherford Cancer Centres Limited, a company incorporated and registered in England and Wales with company number 10680302 whose registered office is at Life Sciences Hub Wales, 3 Assembly Square, Cardiff, CF10 4PL. Therefore, where. the term ‘we’ or ‘us’ is used, this relates to Proton Partners International Ltd and The Rutherford Cancer Centres Limited.

In relation to personal data processed within The Rutherford Cancer Centres Limited, for the purposes of the Data Protection Act 1998, the data controller is The Rutherford Cancer Centres Limited, registration number ZA269484 of Life Sciences Hub Wales, 3 Assembly Square, Cardiff, CF10 4PL.

Our nominated representative for the purpose of the Data Protection Act is our Data Protection Officer, whose contract details can be found at the end of this statement.

The confidentiality of patient information is of paramount importance to us. This privacy statement (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting (the ‘website’) you are accepting and consenting to the practices described in this policy.

Personal Data

The term ‘personal data’ relates to any information that can, or has the potential to, identify you as an individual such as your name, address, e-mail address and phone number. Information that you may provide to us that relates to a health condition, also falls under the category of ‘sensitive personal data’ under the Data Protection Act 1998. The Rutherford Cancer Centres Limited are registered with the Information Commissioner’s Office as Data Controllers and are bound to comply with the principles of the Data Protection Act 1998.

How we collect information when you contact us

Information is collected by us when you:

  • enter your information into an enquiry form on the website;
  • email enquiries to our enquiry email address;
  • telephone to enquire about our services;
  • when you are referred for consultation or treatment at our Centres; or
  • when you report a problem with the website.

When you contact us to enquire about our services, information is kept confidential and only processed for the purposes of providing you with the information you have requested.

With regard to each of your visits to our site we will automatically collect the following information:

  • technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  • ¥ information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

Information we receive from other sources. This is information we receive about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data if we intend to share those data internally and combine it with data collected on this site. We will also have told you for what purpose we will share and combine your data.

Security of information collected through the website and by email

Please note, the security of information transmitted over the internet cannot always be guaranteed therefore information entered into web forms and transmitted over the internet is not completely secure and we therefore cannot guarantee the security of personal data transmitted in this way and any transmission is at your own risk. When submitting an enquiry through a web form or by email we advise that you restrict the amount of confidential health information entered and encourage you to request us to contact you to discuss your query in more detail.

Once your personal data has been received we ensure that both technically, and operationally, we endeavour to protect your personal data to maintain the confidentiality and security of data at all times.

Information collected is held securely and only shared with those individuals who are responsible for responding to your enquiry. The Rutherford Cancer Centres Limited does not sell or transfer any personal data to commercial companies and we ask for your explicit consent before sharing information with you, about our services, that may be of interest to you.

Tracking Performance of our Website – Use of Cookies

The website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.

We use Google Analytics cookies to collect information about how visitors use our site. Cookies are small files which are stored on a user’s computer, designed to hold a small amount of data specific to a particular user and website. Using cookies allows us to collect information about how visitors use our website.

Google Analytics sets four types of first-party cookies automatically:

  • _utma
  • _utmb
  • _utmc
  • _utmz

These cookies track the number of visitors to our website, how long the website sessions last, and note where the website visitor arrived from. The information collected by these cookies is anonymised and visitors cannot be identified. We will use this information to write reports and make improvements to the website.

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

Information collected when you access our services at our Rutherford Cancer Centres

Personal data and health information is collected and recorded electronically, and in paper form, as part of the booking and treatment process at our Rutherford Cancer Centres.

Health records are created to record care and treatment received as a patient. The type of information collected and recorded will include:

  • Personal data in relation to; your name, address, date of birth, ethnicity and contact details
  • Health information that will form part of your health record; information on your appointments, referral, diagnosis and treatment given.

Health records are created and stored under strict security and confidentiality controls which include unique system access to electronic records and physical security of hardcopy information.

Only information necessary for the arrangement and provision of treatment is collected. Information received and created is stored securely and is only accessed and shared by those involved in your treatment and care.

Roles involved in your treatment and care may include medical and administrative staff, multi-disciplinary care teams, clinical audit leads, consultants and private secretaries who are responsible for the administration of appointments.

Only the amount of personal data necessary for the administration of patient services is made available to those roles responsible for processing such data.

All consultants are self-employed independent practitioners and therefore remain responsible for the processing of data within their private practice. However, under the licence we grant to provide services within our Centres, consultants must comply with our policies and procedures and ensure the safe processing of information. They must also register as data controllers with the information commissioner’s office and therefore comply with the Data Protection Act 1998. For insured patients, certain personal and health information is shared with your insurance company in order to process payments and to comply with quality assurance.

Emailing of Patient Information

Where patients opt to receive information on their appointments and treatment by email, it is the responsibility of the patient to provide accurate and correct email addresses. We cannot safeguard information sent over the internet however information that can identify an individual will be sent as a password protected attachment. Arrangements for the sending of information by password protection will be discussed with each patient during the booking process.

How we keep information confidential

All employees are bound by contractual confidentiality clauses in employment contracts, receive mandatory training in data protection and confidentiality and process information under the direction of mandatory policies and procedures. Audits are carried out to ensure information recorded and created is accurate, up to date and kept securely.

Access to your personal information

You may request details of personal information which we hold about you under the Data Protection Act 1998. This is known as a Subject Access Request. A small fee will be payable. Requests must be submitted in writing to either the Centre Manager at the Rutherford Cancer Centre where you have accessed services, or directly to The Data Protection Officer at the address shown below.

Use of Third Parties

Within the day to day running of our organisation and provision of services, we may use third party organisations to support the essential delivery of services. These may be; IT service providers, storage & shredding companies, debt management companies. Where third party organisations are used, who may have access to personal data, we ensure that a contract is in place and security checks are undertaken. Where we or third party companies we engage with ‘process’ data (transfer, store) outside of the European Economic Area ("EEA") we ensure that appropriate security checks are undertaken and that processing is in line with the Data Protection Act 1998. Where data is processed outside of the EEA, it will be processed by staff operating outside the EEA who work for us or for third party companies engaged by us. This includes staff engaged in, among other things, the fulfilment of the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy statement.

Please note the website may, from time to time, contain links to and from the websites of third party organisations such as the NHS. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Sharing of personal data

No information will be shared with, or sent to, third parties for marketing purposes. You agree that we have the right to share your personal information as set out below.

For your benefit, we may need to share your personal data as part of your treatment and care with other healthcare organisations e.g your GP, NHS, ambulance services, and organisations who provide support services to us (diagnostic services, wellbeing services etc.). Any sharing of personal data will only be undertaken where it is deemed ‘necessary’ in relation to your care and treatment and, where such data sharing is undertaken, contracts and data sharing agreements will be in place with the 3rd party which stipulate the confidentiality and security and use of data shared. However, we will not disclose any health information without your explicit consent, unless there are exceptional circumstances, such as when there is a risk to the health or safety of you or others or where the law requires us to do so.

The right to object to the sharing of information

You have the right to object to us sharing your personal data (unless the sharing of such data is required by law). Concerns and objections to sharing of your personal data can be raised at the point of access to our services. However at any point during your care or treatment, if you have concerns over the confidentiality of your personal data you can speak to a member of the team, or write to us directly at the contact details shown below.

Use of data for Monitoring, Audit and Research

We support and participate in audit and research programmes to enable the analysis and measurement of the effectiveness of treatment. Therefore, information gathered as part of the provision of treatments may be reviewed by those responsible for internal audit programmes and, also reviewed by external regulating bodies such as Healthcare Inspectorate Wales and Care Quality Commission, during site inspections, and who are bound by confidentiality requirements. We may also share anonymised and aggregated patient information with organisations such as the National Institute for Clinical Excellence and the Cancer Registry for research or statistical purposes. Any information shared for these purposes will be fully anonymised. Where any data in connection to these purposes is ‘identifiable’, only where explicit consent has been given, will data be shared.

Our Contact Details

Our privacy statement is regularly reviewed to ensure it accurately reflects the processing of your personal data. Any changes we make to our privacy statement in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy statement.

Please address any questions, comments or requests in relation to the collection and use of personal data to:

The Data Protection Officer
Proton Partners International Ltd
Celtic Springs Business Park
Spooner Close
NP10 8FZ