How we keep your personal information safe
Max Hearing Ltd t/a Hearing Wales (incorporating B&E Morgan) (47-48 the Grove, Uplands, Swansea, SA2 0QR) is registered as a company in England and Wales (no 08124185). This Privacy Notice replaces earlier versions and is prepared in line with General Data Protection Regulation (GDPR) guidance that will apply from 25 May 2018.
What information do we collect?
We collect data on the basis of “legitimate interest” and “special category – provision of health care”. We collect personal information. Personal information is any information that can be used to identify you. This information may include your name, postal address, email address, telephone or mobile number or date of birth. We also collect your audiology data. We use this to provide you with the information, treatment, products or services in which you are interested.
As a client of Hearing Wales the data comes from you.
Keeping your information up to date
To make sure we always have the most up-to-date information about how to contact you, we may also, from time to time, update your records to reflect any changes to your personal information.
This information may come directly from you, or it may come from a third party that we consider is legitimate and trustworthy and in circumstances where it is appropriate and where you will have had a clear expectation that your details would be passed on for this purpose.
How long will we keep your information?
We will retain your data for only as long as it is reasonably necessary. Unless we explain otherwise to you, we will retain your personal data on the basis of the following guidelines:
for as long as we have a reasonable business need, such as managing our relationship with you and managing our business
for as long as we provide services and/or treatment to you and then for as long as someone could bring a claim against us (in general this is a period of 10 years); and/or
in line with professional, legal, and regulatory requirements or guidance.
We are required to hold certain data for legal and statutory reasons such as for VAT purposes.
The law allows you to withdraw your consent to any particular usage of your data at any time without needing to specify a reason. You can withdraw your consent by emailing our customer care team on firstname.lastname@example.org or by calling 0800 313 4304.
How we store your information
Your information is stored securely on our servers and within the UK and European Economic Area (EEA) only. It is not stored outside these areas. It is kept in line with the GDPRs security principle We ensure that:
the data can be accessed, altered, disclosed or deleted only by those we have authorised to do so (and that those people only act within the scope of the authority given to them);
the data we hold is accurate and complete in relation to why we are processing it; and
the data remains accessible and usable.
How we use your information
To obtain pricing for replacement hearing aids
This may include using your personal information to help gather a quote for replacement hearing aids.
2. To arrange for an audiologist to test your hearing or fit new hearing aids and provide aftercare
This may include using your personal information to identify an appropriate audiologist to assist you for the term of your new hearing aids.
We will not rent or sell your personal information to other organisations for use by them in any way, including in their own direct marketing activities.
However, where you have given us permission to contact you, we may pass on your information to external service providers to contact you on our behalf. This would be audiologists for example or occasionally manufacturers.
To let you know about products or services that we believe would be of interest to you
How will we contact you?
We will contact you regarding your quote or purchase. We will also contact you with information on advancements in hearing aid technology or related developments. We may contact you by phone/email or post. If you wish us to stop contacting you completely you can request this by contacting our customer care team on email@example.com or calling 0800 313 4304.
How we use your debit or credit card information
We take payments in person or over the phone. We do not collect this data over the internet or email. We are PCI compliant and use Payment Card Industry compliant providers to handle the transactions. We do not store any payment data, once the payment has gone through all information is immediately destroyed.
The GDPR provides the following rights for individuals:
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling.