This website uses cookies in order to offer you the most relevant information. Please accept our cookie policy to continue to the website.

Arrange a Free Telephone Consultation 0191 816 0776 or Click here

Butterfly

Privacy Notice

The purpose of this notice

In this privacy notice we explain how we will process your personal information obtained when you engage us for our services and through other interactions, for example, when you use our website https://www.neurospectrum.co.uk, interact and network with us professionally, or visit our social media pages.

It is important that you read this privacy notice, together with any other privacy notice we may provide on specific occasions, so that you are fully aware of how and why we are using your data, and what data protection rights you have.

About Neurospectrum Limited

Neurospectrum is a professional practice of private clinical psychologists, neuropsychologists, nurses, occupational therapists, psychiatrists and speech and language therapists. Neurospectrum comprises of a compassionate team of specialists with lived experience of neurodiversity each committed to delivering specialist assessment and treatment for conditions of neurodevelopment to both adults and children.

Neurospectrum will collect data most of the time from you directly for example when you make first contact via phone or email or when you visit our premises. Neurospectrum can, however, also collect information and data from other sources such as your use of the website and social media pages.

What does this notice cover:

Who we are and how to contact us

When we say we, us or our in this privacy notice, we mean Neurospectrum Limited, a company registered in England and Wales under company number 13242053 with the registered office address of 26 Chishillways, Barrasford, Hexham, England, NE48 4AE.

For the purposes of the Data Protection Legislation, we are the controller of your personal data. This means that we are responsible for deciding how we hold and use personal information about you.

Our Data Protection Officer is Dr Jake Hutchinson (Director of Clinical Services). You can contact him at jake@neurospectrum.co.uk.

Data Protection Legislation

We are committed to protecting your privacy and safeguarding your personal data. Our use of your personal data is subject to the UK General Data Protection Regulation, the UK Data Protection Act 2018 and other UK privacy laws (together UK Data Protection Legislation).

Personal data we collect

Personal data means information which relates to an identified or an identifiable individual.

Types of personal data we may collect

Examples

Identity data

title; first name; last name; date of birth; gender; images and recordings of you

Contact data

email address; home address; telephone number, school name; school address; teacher name.

Usage data

how you use and navigate our website, app and social media pages; products and services purchased; services you sign up for; events you attend or show an interest in.

Professional data

job title; name of business or organisation; professional credentials; professional contact details.

Communication data

details of enquiries submitted by you through our website, app, social media pages or emailed to us; information obtained through networking; newsletter subscription preferences; referrer details such as name, address, telephone number and referral reason.

Financial and transactional data

bank account statements; bank account details; payment card details; details of orders/ services made and processed; details of payment received/made; details of invoices received/issued.

Contract data

Details of your contracts with us.

Special categories of data

We collect certain special categories of personal data about you, including information about your health. More specifically we collect the following:

Special category of personal data

Specifics

Health data

Medical records; mental health records; medical assessment records; genetic information.

Race, ethnic origin and religion data

Medical records; mental health records; medical assessment records; genetic information.

Criminal convictions and offence data

Medical records; mental health records; medical assessment records; medico-legal reports.

The aforementioned data is collected through your interactions and engagement of us, for example, your completion of forms or from notes and information you provide to us or from your direct consent for us to obtain records.

Lawful bases for processing special categories of data

Under the Data Protection Legislation, we can only use special category personal data if we have a proper reason for doing so, for example: explicit consent, vital interests, employment etc.

We rely on explicit consent, vital interests, public health and health and social care purposes to process the special categories of data set out above. Consent shall be obtained during your engagement of us. If you decide to withdraw your consent at any stage, then you may do so by emailing us at admin@neurospectrum.co.uk.

Where you provide us with your explicit consent, we may process the following sensitive personal data for the below specific purposes:

Special category of data

Specific purposes for processing special category data

Health data

  • To support diagnostic decision making and care planning.

  • To promote safety and ensure wellbeing can be maximised.

Race, ethnic origin and religion data

  • To support diagnostic decision making and care planning.

  • To allow us to provide support and care that is tailored to

your needs.

Criminal convictions and offence data

  • To support diagnostic decision making and care planning.

  • To promote safety and ensure wellbeing can be maximised.

  • To allow us to provide support and care that is tailored to

your needs.

You have the right to withdraw consent at any time by emailing us at admin@neurospectrum.co.uk.

Anonymised data

We may also collect, use and share anonymised, aggregated data (including anonymised health and wellbeing data) for any purpose including marketing, scientific research and statistical learning purposes.

Anonymised data may be derived from your personal data but is not considered personal information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate information on how you use our Website to calculate the percentage of users accessing a specific service via the Website.

Children’s data

We provide our services to children and in the course of doing so will collect their personal data in accordance with a privacy notice suitable for the age and understanding of the relevant child.

How we collect personal data

We collect most of this information from you direct. However, we may also collect information from other sources.

Type of source

Examples

Direct interactions with you

when you contact us (e.g. by phone, email, visiting our premises); when you register your interest in our services; when you use our services; when you undergo a clinical assessment; when you participate in our user research activities (e.g. provide us with feedback or respond to our questionnaires and surveys); when you network with us (e.g. provide us with your business card or contact us via our social media); when you attend webinars we organise.

Your use of our Website, and mobile app

when you use our website, app services and interact with us on social media; when you submit an enquiry or feedback to us or complete our survey; when you sign up to our mailing list, when you post any information or materials on our app.

Automated technologies or interactions

as you interact with our website and app, we may automatically collect technical data. We collect this personal data by using cookies, server logs and other similar technologies.

Your use of our social media pages

when you follow, post on, or interact with us on our social media accounts.

From publicly accessible sources

your website; your profiles on social media platforms (e.g., LinkedIn, Facebook, Twitter); professional networking groups and databases.

Third parties

from another organisation or professional who may have made an onward referral; doctors; clinicians; health-care professionals; hospitals; clinics; schools; universities.

How and why, we use personal data

Under the Data Protection Legislation, we can only use your personal data if we have a proper reason for doing so, for example: consent, contact, legitimate interests, or legal obligation.

  1. Contract. We will use your personal data if we need to do it to perform our obligations under a contract with you, or if it is necessary for a contract which we are about to enter with you. For example, if we need to:
    • determine whether you are suitable for our services.
    • register and set you up as a new client.
    • provide our products/services to you.
    • manage our relationship with you.
    • provide ongoing care and support; and
    • make referrals to other organisations.
  2. Consent. We rely on consent as a legal basis for processing your personal data to:
    • register and set you up as a new client.
    • make a video recording of you undergoing a clinical assessment.
    • provide our products/services to you including processing your health data, race, ethnic origin and religion data and criminal convictions and offence data.
    • make referrals to other organisations.
    • send you information, newsletters or other electronic marketing communication in relation to webinars, support offerings, services and news if you are not our existing customer or if you request or
    • expressly agree to receive such communication; and
    • place cookies and similar tracking technologies on your device including third-party cookies.
    • Where your permission is required, we will clearly ask you for such consent separately from the body of this privacy notice. You have the right to withdraw consent by:
      • emailing us at admin@neurospectrum.co.uk; or
      • in case of marketing emails, by using the ‘unsubscribe’ link in our marketing emails.
        Even if we are not required to obtain your consent for marketing purposes, you can still opt-out of receiving marketing communications at any time, so you are still in control.
        From time to time, we may ask you to confirm or update your marketing preferences.
  3. Legitimate interests. We may process your personal data when we (or a third party) have a legitimate reason to use it, so long as this is not overridden by your own rights and interests. For example:
    • to manage you as a client and our relationship with you.
    • to deal with your enquiry unrelated to a contract which we may have with you.
    • to ask you to leave a review or complete a survey.
    • to send you our email updates or other electronic marketing communications if you are our existing client.
    • to measure or understand the effectiveness of services we provide to you.
    • to improve our products, services, marketing, and customer relationships.
    • for the prevention and detection of fraud and spam; and
    • for the establishment, exercise or defence of our rights under our contract with you and/or legal claims.
  4. Legal obligation. We may process your personal data to comply with our legal obligation. For example, to:
    • notify you about changes to our terms or privacy notice.
    • address your complaint.
    • comply with a request from a competent authority.
    • to cooperate with our regulators; and
    • to deal with a dispute or complaint you may have against us.
  5. Vital interests. We may process your personal data to comply with our vital interests. For example, to:
    • report where there is a risk to someone’s life.
    • report any safeguarding concerns.
  6. Public task. We may process your personal data to comply with our public task interests. For example, to:
    • provide you with our services.
    • comply with a request from a competent authority.
    • cooperate with our regulators.
    • undertake any medico-legal work; and
    • deal with any risks to public health.

Marketing

Our marketing emails

We may send you emails about our products and services if you are our existing client (on the basis of our legitimate interests) or, if you are our prospective client, when you expressly consent to receive such marketing emails.

Cookies and similar technologies

We may also use cookies and similar tracking technologies (for example tracking pixels in our marketing emails) and analytics services (such as Google Analytics) to collect information about your use of our services and your interactions with our marketing emails.

We will ask for your consent to the use of non-essential cookies, including third party cookies.

Right to withdraw consent or to object to processing

You can always ask us to stop using your personal information for marketing purposes by:

From time to time, we may ask you to confirm or update your marketing preferences.

Who we share personal data with

We may share your information with third parties for the purposes set out in this notice.

Service provision

If you are our registered user of our services, we may share your personal data with associates and other affiliated businesses who may deliver services on our behalf.

We use Anna Money as our banking provider in connection with the provision of our services. When you pay us, you will be providing your personal data (for example, bank account details) to Anna Money.

Please see their Privacy Policy.

We use Royal Mail as our delivery service provider in connection with the provision of our services. When you use our services, us you will be providing your personal data (for example, home address) to Royal Mail. Please see their Privacy Policy.

We may also use Stripea payment gateway, to process payments in connection with our services. If you pay us using Stripe or if you receive payments from us through Stripe, you will be providing your personal data (for example, details of your payment card and billing address) to Stripe. Please see their Privacy Policy.

IT and technology

We also share data with providers and developers of other IT, digital, and technology products and services, which we use to operate our business. For example, providers of the Q Interactive Neuropsychological Assessment system. We impose contractual obligations on such providers to ensure that your personal data is protected.

Other sharing

We may also:

Such data recipients will be bound by confidentiality obligations.

How long we keep personal data

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

For example:

We may also anonymise your personal data (so that it can no longer be associated with you) for analytics, research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Your rights

You have a number of rights in relation to your personal data, which allow you to access and control your information in certain circumstances. You can exercise these rights free of charge, unless your request is manifestly unfounded or excessive (in which case we may charge a reasonable administrative fee or refuse to respond to such request).

Your right

Explanation

Access

This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Rectification

The right to require us to correct any inaccuracies in your personal data.

Erasure (to be forgotten)

The right to require us to delete your personal data in certain situations.

Restriction of processing

The right to require us to restrict processing of your personal data in certain circumstances (e.g., if you contest the accuracy of the data we hold).

Data portability

The right to receive, in certain situations, the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party.

To withdraw consent

The right to withdraw your consent, if we rely on your consent to use your information.

To object

The right to object at any time to your personal data being processed for direct marketing (including profiling) or, in certain other situations, to our continued processing of your personal data (e.g., processing carried out for the purpose of our legitimate interests).

Not to be subject to automated individual decision-making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you, or similarly significantly affects you.

If you would like to exercise any of those rights, please contact us at admin@neurospectrum.co.uk. Please let us know what right you want to exercise and the information to which your request relates.

Information security

We have appropriate security measures to prevent personal data from being accidentally lost or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Complaints

We hope that our Data Protection Officer can resolve any query or concern you may raise about our use of your information. You may contact our Data Protection Officer by using the contact methods set out in the How to contact us section of this privacy notice.

The Data Protection Legislation also gives you a right to lodge a complaint with a supervisory authority, in the country where you work, normally live or where any alleged infringement of data protection laws has occurred. The supervisory authority in the United Kingdom is the Information Commissioner, who may be contacted at https://ico.org.uk/make-a-complaint/, telephone on 0303 123 1113, or by post to: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance.

Changes to this privacy notice

This privacy notice was last updated on 19th August 2022.

We may change this privacy notice from time to time; when we do, we will publish the new version of the privacy notice on our website. If you are our customer, we may also inform you via email or post.

Skip to content