Privacy Policy

This policy summarises the key points about how Make Health Human Ltd collects, uses and discloses personal data and ensures compliance with the laws and regulations throughout jurisdictions where we operate.
‍
What is personal data?
‍Personal data is information (including opinions) which relates to an individual and from which he or she can be identified either directly or indirectly through other data which the company has or is likely to have in its possession. These individuals are sometimes referred to as data subjects and include clients and employees.

Responsibilities
‍Make Health Human Ltd is responsible for ensuring its systems, processes, suppliers, and employees / subcontractors comply with relevant data protection laws and regulations in relation to information it handles. It is the responsibility of Make Health Human Ltd’s employees including subcontractors to ensure that any personal data sent or received is handled as outlined in our Data Security Policy and IT and Communications Policy. Jack Chilcott, Founder & Director of Make Health Human Ltd is the Data Protection Officer of the personal data processed by the company and is responsible for ensuring its systems, processes, suppliers and employees / subcontractors comply with data protection laws and regulations in relation to the information the company handles. The Data Protection Officer provides guidance and advice to the company as required.

All Make Health Human Ltd employees and subcontractors must abide by this policy and the policies mentioned above when handling personal data and must take part in any required security and data protection training. Any breach will be taken seriously and may result in disciplinary action.

Principles of data protection
‍The company has adopted the following principles to govern our use, collection and disclosure of personal data. These principles have been established to create a uniform standard.

‍The company’s core principles provide that personal data must:
1. be processed fairly and lawfully, and to the extent required under local law with valid and informed consent;
‍2. be obtained for specific and lawful purposes;
‍3. be kept accurate and up to date;
‍4. be adequate, relevant and not excessive in relation to the purposes for which it is used;
‍5. not be kept for longer than is necessary for the purposes for which it is used;
‍6. be processed in accordance with the rights of individuals;
‍7. be kept secure to prevent unauthorised processing and accidental loss, damage or destruction;
8. not be transferred to, or accessed from, another jurisdiction where these core principles cannot be met unless it is adequately protected.

As a company the type of data we collect and process falls into one of the following categories
1. Personal data obtained and used in relation to providing digital services during the course of an engagement.
2. Personal data relating to our employees and subcontractors obtained during any recruitment process.
3. Participants in any promotional events or activities.

Types of data
1. Personal data such as name, address, contact details, education and employment history.
2. Background checks (financial and criminal), ID and right to work status.
3. Information relating to next of kin, and dependants.
4. Financial information, including bank details and identifiers (for example, National Insurance numbers).
5. If required, there may also be a need to process data revealing potentially sensitive personal information such as health details, ethnicity, religious beliefs and information about offences and/or alleged offences.
6. Information processed for relationship management and service opening procedures such as name, business information and identification documentation.
7. We discourage the use of personal email addresses and will insist clients provide work contact information during the course of an engagement.
8. Additional personal data may be collected for a specific service delivery, but must be encrypted in transit.

Additional data may also be processed where it is provided by you. For example in correspondence, in connection with an event, or in letting us know what services you are interested in and when you wish to be contacted by us. This may include business information (e.g. email address, job title, company name), and data such as dietary requirements which may reveal information about your health or religious beliefs. The company website may also collect digital identifiers such as an IP addresses.

Data collection
Personal data may be collected from a number of sources including:
1. enquiry forms, application forms, and/or CVs;
2. third party providers of background checks and referees;
3. providers of occupational health services;
4. notes and records kept throughout employee / subcontractor employment; including absences, expenses claims, questionnaires, performance reviews and details of any grievances / disciplinary action;
5. emails or calls.

Relationship management and service opening information is collected from you directly and further information (e.g. to verify your identity) may be collected from third parties, such as publicly available sources.

Data use
Where relevant, personal data will be used:
1. for Human Resources administration;
2. in assessing suitability, eligibility and / or fitness to work;
3. for learning and development;
4. to ensure the firm’s information and offices are secure;
5. for management purposes (including, where necessary, for disciplinary purposes);
6. in company marketing and promotional materials, including the company website (e.g. employee / subcontractor photographs, education and career information).
7. to complete any request made for information around services, communications events or marketing updates in line with your preferences.

Relationship and finanicial management data is used for: providing services administration, commercial purposes (e.g. creditworthiness), and as required by law (e.g. anti-money laundering). All other personal data will be used for the purposes of providing services and to comply with our statutory/ regulatory obligations.

Disclosure
Your personal data:
1. may be stored within the Make Health Human Ltd information systems and within third party software applications and services which have been procured to support the operation of any Human Resources function;
2. may be transferred to other third parties such as insurers, legal and other professional advisors, regulators, administrators and government departments, who may be acting as data controllers.
3. will not be transferred to our partners, or to service providers who support the operation of the business, unless required for provision of services. In such instances, the data transferred to any service provider supporting the operation of the business will be limited to that which is required to provide such services and will be adequately protected. In such cases, any data that is transferred between Make Health Human Ltd, its clients and any third party suppliers will be encrypted and deleted after use;
4. will not be given to other third parties, apart from in limited circumstances such as, where a joint event is being run you have signed up for.

Data retention
Personal data for will be stored for the following time periods:
1. Data gathered prior to employment for recruitment purposes: 2 years from original application;
‍2. Data gathered from employment commencement date: continuous whilst employed;
‍3. Data stored once employment has terminated: 2 years from date of termination;
4. Participants in our events and other promotional activities: 2 years from receipt.
5. Personal data obtained and used in relation to providing services during the course of an engagement: 2 years from receipt.

If you require data to be deleted from our systems before these time periods have lapsed, then you must request this in writing by email or letter using the contact information provided below. You may request the removal of your information at anytime.‍

Individuals’ rights
Personal data must be processed in line with individuals’ rights, including the right to:
1. request a copy of their personal data;
2. request that their inaccurate personal data is corrected;
3. request that their personal data is deleted and destroyed if causing damage or distress;
4. opt out of receiving electronic communications from the company.

Should you wish to make a request in line with your rights as an individual, please do so in writing by email or letter using the contact information provided below. Employees / subcontractors must notify or inform the Data Protection Officer immediately if they receive a request in relation to personal data which the company processes.

How to make a complaint
Any complaints relating to how the firm has processed your personal data should be directed to the Data Protection Officer. Employees / subcontractors must inform the Data Protection Officer immediately if they receive a complaint relating to how the company has processed personal data so that the company complaints procedure can be followed.

Security
Information security is a key element of data protection. The company takes appropriate measures to secure personal data and protect it from loss or unauthorised disclosure or damage.

Third party processors
Make Health Human Ltd does not currently work with any third party processors.‍

Contact details
Data Protection Officer
Make Health Human Ltd
35 Chiltern Road, Aylesbury,
Buckinghamshire, HP22 6DA,
United Kingdom

email: info@makehealthhuman.com

Cookies Policy

For Make Health Human Ltd’s website to properly function, we sometimes place small data files called ‘cookies’ on your device. Most websites also do this.

What are cookies?
‍A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
‍
How do we use cookies?
‍Make Health Human Ltd uses the Squarespace platform and the following cookies on its website for the following purposes:
‍1. if you have agreed (or not) to use of cookies on this website (this information will also be stored in cookie, so you are not asked every time you visit the website);
‍2. built-in Squarespace platform analytics services which generate statistical and other information about website use by means of cookies, which are stored on users’ devices and can be used to create reports about the use of the website;
4. Squarespace will store and use this information. For more information on how Squarespace use cookies visit this site.

How to control cookies?
‍You can control and / or delete cookies as you wish. For details, see how to control cookies. You can delete all cookies that are already on your device and can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a website and some services and functionalities may not work as intended.