Client Data
(i) We hold and process Client Contact Data as a Controller, which means we must have a ‘lawful basis’ for doing so. We have set out how we use Client Contact Data along with our lawful basis in the table below.
(ii) Anywhere we are relying on legitimate interest we believe that such processing is necessary for the purposes of our legitimate interest , which in this case is to function as a business. We consider such use goes no further than a Client would reasonable expect; is likely to align with the Client’s interests (by enabling us to provide a sustainable business model) and is unlikely to be detrimental to the fundamental rights and freedoms of our Client.
To provide our services
Agreeing the parameters of the Social Prescription Programme and facilitating the set-up and managing payment
Identity Data, Contact Data, Transaction Data
Necessary for the performance of the contract for the provision of our services or taking steps necessary to enter into a contract.
To manage our relationship with you
To notify you of updates to our (or our Licensor’s) services or software or updates to our privacy notice
Identity Data, Contact Data
Necessary for the performance of the contract for the provision of our services or taking steps necessary to enter into a contract.
Administration and Dispute Resolution
We may also need to process Personal Data about you to meet our internal administration requirements and for matters such as dispute resolution.
Identity Data, Contact Data, Transaction Data
Legitimate Interest
Marketing
From time to time we might contact you by telephone or email about updates to our services, new features or functions or new products we are bringing out. Our marketing may be tailored on the basis of what we think your interests are (from looking at data collected using cookies and other similar technologies as well as past transactions and interactions). We will always include the right to opt out in any such correspondence.
Identity Data, Contact Data, Transaction Data, Profile Data, Traffic Data
Legitimate Interest
Prospective Client Data
We hold and process Prospective Client Data as a Controller, which means we must have a ‘lawful basis’ for doing so. We have set out how we use Prospective Client Data along with our lawful basis in the table below.
Responding to your requests for information (solicited marketing)
This may involve sending you information about our services if you have asked us to do so or contacting you whether by telephone or email to discuss proposals for a Social Prescription Programme.
Identity Data, Contact Data
Necessary steps to enter into a contract
Profiling and Marketing
We may carry out research online (including by looking at traffic data collected by cookies and other similar technology) and through word of mouth in order to find businesses we think might be interested in hearing about Elemental. We may use such information to make marketing calls or send an email.
We are relying on legitimate interest as our legal basis for profiling and marketing. The legitimate interest being the promotion of our business. We believe that marketing of this kind is integral to getting our product known in the correct circles, and, since the marketing communication is targeted to individuals working in the field of Social Prescription, and we will only use contact details published on business websites, we believe that this will this will not be considered invasive by the Data Subject and in this case our interests and the Data Subject’s may be aligned.
Professional User Data
(i) Any Professional User Data which we have been given by our Client (Administrative Users or Referral Agents) or which we collect on behalf of our Client to enable us to provide our Services, we hold as a Processor. Provided we are acting in accordance with our Client’s instructions, we are not required to have a lawful basis for our processing. If you would like more information about who our Client is and their lawful basis, please contact us at dpo@elementalsoftware.co and we will pass your query to our Client.
(ii) Any Professional User Data which we collect directly from a Professional User but which falls outside the scope of our services to our client, we hold as a Controller which means we must have a ‘lawful basis’ for doing so. We have set out how we use Professional User Data along with our lawful basis in the table below.
(iii) Anywhere we are relying on legitimate interest we believe that such processing is necessary for the purposes of our legitimate interest, which is in this case is to function as a business. We consider such use will go no further than a Professional User would reasonable expect; is likely to align with the Professional User’s interests (by enabling us to provide a sustainable business model) and is unlikely to be detrimental to the fundamental rights and freedoms of a Professional User.
(iv) We may also collect aggregate data about how a Professional User uses our software. This data will be anonymised and will not identify a Professional User.
Monitoring account usage
We may record usage patterns or other data we collect from your use of Elemental in order to make sure such use is in accordance with our terms of use.
Administration And Dispute Resolution
We may also need to process Personal Data about you to meet our internal administration requirements and for matters such as dispute resolution.
Marketing (profiling and direct mail)
If you have agreed that we may do so, we may contact you by email from time to time with information about our goods and services or similar goods and services which we think may be of interest to you. We may tailor these communications on the basis of information we have collected about your usage of Elemental and traffic data we’ve collected.
Patient Data
(i) Any Patient Data which we have been given by our Client (or Professional Users) or which we collect on behalf of our Client (including Professional Users) to enable us to provide our Services, we hold as a Processor. Given the nature of the services we facilitate, it is likely that this will include Special Categories of Personal Data. Provided we are acting in accordance with our Client’s instructions, we are not required to have a lawful basis for our processing. If you would like more information about who our Client is and their lawful basis, please contact us at dpo@elementalsoftware.co and we will pass your query to our Client.
(ii) Any Patient Data which we collect directly from a Patient but which falls outside the scope of our services to our Client, we hold as a Controller which means we must have a ‘lawful basis’ for doing so. We have set out how we use Patient Data along with our lawful basis in the table below. We do not envisage that any of the Patient Data which we hold as a Controller will include Special Categories of Personal Data.
(iii) Anywhere we are relying on legitimate interest we believe that such processing is necessary for the purposes of our legitimate interest, which is in this case is to function as a business. We consider such use will go no further than a Patient would reasonable expect; is likely to align with the Patient’s interests (by enabling us to provide a sustainable business model) and is unlikely to be detrimental to the fundamental rights and freedoms of a Patient.
(iv) We may also collect aggregate data about a Patient’s use of Elemental and participation in the Social Prescription Programme. This data will be anonymised and will not identify any Patient.
Monitoring account usage
We may record usage patterns or other data we collect from your use of Elemental in order to make sure such use is in accordance with our terms of use.
Administration and Dispute Resolution
We may also need to process Personal Data about you to meet our internal administration requirements and for matters such as dispute resolution.
Marketing (profiling and direct mail)
If you have agreed that we may do so, we may contact you by email from time to time with information about our goods and services or similar goods and services which we think may be of interest to you. We may tailor these communications on the basis of information we have collected about your usage of Elemental and traffic data we’ve collected.