Privacy policy

We are committed to protecting and respecting your privacy when dealing with your personal
information.

This privacy policy sets out the basis on which any personal data we collect from you, or that you
provide to us, is used, stored, disclosed and processed by us.
Please note that where you are referred to us by the NHS or another healthcare organisation to
provide diagnostic imaging services then the NHS or other healthcare organisation will also have a
privacy policy in relation to the use of your personal data. Please read the following carefully to
understand our practices regarding your personal data, how we will treat it and your rights in relation to
that data. By providing your personal data to us or by using our services, website or other online or
digital platform(s) you are accepting or consenting to the practices as described or referred to in this
privacy policy.
Alliance Medical Limited is part of the Life Healthcare Group that operates in a number of countries
including the UK.
When we refer to ‘we’, ‘us’ and ‘our’, we mean Alliance Medical Limited and its subsidiary companies
Alliance Diagnostic Services Limited, Alliance Radiopharmacy Limited and the European Scanning
Centre (Harley Street) Limited operating in the UK and parts of the wider Life Healthcare Group where
appropriate. We are registered in England and Wales under company numbers 02128897, 04026369,
04932642 respectively.
When we refer to ‘we’, ‘us’ and ‘our’, we mean Alliance Medical Limited and its subsidiary companies
Alliance Diagnostic Services Limited, Alliance Radiopharmacy Limited and the European Scanning
Centre (Harley Street) Limited operating in the UK and parts of the wider Life Healthcare Group where
appropriate. We are registered in England and Wales under company numbers 02128897, 04026369,
04932642 respectively.

Your Personal Data

When we refer to personal data in this policy, we mean information that can or has the potential to
identify you as an individual. We may hold and use personal data about you as a customer, employee,
a patient, independent contractor, supplier of services or in any other capacity. Depending on what
services you receive from us this may include sensitive personal data such as information relating to
your health.

When do we collect personal data about you?

We may collect personal data about you if you:
  • register to be a patient or customer with us or book to receive any of our diagnostic services
  • are referred by a clinician, the NHS or any other healthcare organisation when you attend for a scan
  • you are engaged by us as an independent contractor/consultant to provide services
  • visit one of our websites
  • apply for a job with us and as part of the recruitment process
  • enquire about any of our services
  • use or request to use any of our online services
  • fill in a form or survey for us
  • carry out a transaction on our website
  • participate in a competition or promotion or marketing activity
  • make online payments
  • contact us, for example by email, telephone or social media
  • participate in interactive features on any of our websites
Please note in the interests of training and continually improving our services, calls to Alliance
Medical may be monitored or recorded.

Lawful Basis

To process your information in accordance with the data protection laws, we must establish a lawful
basis for doing so which must be at least one of the following:
  • performance of a contract
  • legal obligation
  • for the protection of our and your vital interests
  • legitimate interest and/or
  • with your consent

We process your personal information for a number of legitimate interests as set out within this
privacy policy having assessed and taken into account your interests, rights and freedoms.

The security and storage of your personal data:

Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be
used for the purpose(s) for which it was collected and in accordance with this Privacy Policy,
.applicable data protection laws, clinical records retention periods and clinical confidentiality
guidelines
Sensitive personal data related to your health will only be disclosed to those involved with your
treatment or care, or in accordance with data protection laws and guidelines of professional bodies
or for the purpose of clinical audits and research (unless you object). We will only use your sensitive
personal data for the purposes for which you have givenit to us and where we have a lawful basis
under the data protection laws to do so.

Organisational and Technical Security Measures

We have appropriate organisational and technical security measures in place to prevent unauthorised
access or unlawful processing of personal data and to prevent personal data being lost, destroyed or
damaged. We continually audit our information systems to make sure that the ongoing security is robust.
Any personal data you provide will be held for as long as is necessary having regard to the purpose
for which it was collected and in accordance with all applicable data protection laws and/or
appropriate guidance.

Transfers of Personal Data outside the European Economic Area (“EEA”)

Personal data that we collect from you may be transferred to, and stored at, a destination outside the
EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our
suppliers. Where we transfer your personal data outside the EEA, we will ensure that there are
adequate protections in place for your rights, in accordance with data protection laws. By submitting
your personal data, and in providing any personal data to us, you agree to this transfer, storing or
processing. We will take all steps reasonably necessary to ensure that your information is treated
securely and in accordance with this Privacy Policy.
All personal data you provide to us is stored securely. Any payment transactions on our website will
be processed securely by third party payment processors. Where we have given you (or where you
have chosen) a password that enables you to access certain parts of our website and information
systems, you are responsible for keeping that password confidential. We ask you not to share a
password with anyone.
The transmission of information via the internet cannot be guaranteed as completely secure.
However, we ensure that any information transferred to our websites is via an encrypted connection.
Once we have received your information, we will use strict procedures and security features for
prevention of unauthorised access.
At your request, we may occasionally transfer personal information to you via email, or you may
choose to transfer information to us via email. Email is not a secure method of information
transmission; if you choose to send or receive such information via email, you do so at your own risk.

Disclosure of your personal data

We may disclose your personal data (to the extent necessary) to certain third party organisations
used to support the delivery of our services during our usual course of business. These may include
the following:
  • business partners, suppliers and sub-contractors for the performance of services we provide to
    you and in connection with the development of services and products
  • organisations providing IT systems support and hosting in relation to the IT systems on which your
    information is stored
  • third party debt collectors for the purposes of debt collection
  • delivery companies for the purposes of transportation
  • third party service providers for the purposes of storage of information and confidential
    destruction, third party marketing companies for the purpose of sending marketing emails, subject
    to obtaining appropriate consent from you.
Where a third party data processor is used, we make sure that they operate under contractual
restrictions with regard to confidentiality and security, in addition to their obligations under data
protection laws.
We may also disclose your personal data to third parties in the event that we sell or buy any business
or assets or where we are required by law to do so.

Health information collected during provision of treatment or services

Sensitive personal data (including information relating to your health) will only be disclosed to third
parties in accordance with this Privacy Policy. That includes third parties involved with your care, or
in accordance with data protection laws and guidelines of appropriate professional bodies. Where
applicable, it may be disclosed to any person or organisation who may be responsible for meeting
your expenses or their agents. It may also be provided to external service providers and regulatory
bodies (unless you object) for the purpose of clinical audit to ensure the highest standards of care
and record keeping are maintained.
Clinical professionals working with us: We share clinical information about you with our clinical
professionals as we think necessary for your care.  Clinical professionals working with us might be
our employees, or they might be independent consultants in the NHS or in private practice. In the
case of independent consultants, the consultant is the data controller of your personal data, either
alone or jointly with us and will be required to maintain their own records in accordance with data
protection laws and applicable clinical confidential guidelines and retention periods. In all
circumstances, those individual consultants will only process your personal data for the purposes set
out in this Privacy Policy or as otherwise notified to you.
Your GP: If the clinician providing your care believes it to be clinically advisable, we may also share
information about your care with your GP. If your GP requests information regarding your care or
copies of any relevant records then we may also share this information with them. You can ask us not
to do this, in which case we will respect that request if we are legally permitted to do so, but you
should be aware that it can be potentially harmful and/or detrimental to your health to deny your GP
full information about your medical history, and we strongly advise against this.
Your Insurer: We share with your medical insurer information about your treatment, its clinical
necessity and its cost, only if they are paying for all or part of your treatment with us. We provide only
the information to which they are entitled. If you raise a complaint or a claim we may be required to
share personal data with your medical insurer for the purposes of investigating any complaint/claim.
The NHS: If you are referred to us for care by the NHS, we will share the details of your treatment with
the part of the NHS that referred you to us, as necessary to perform, process and report back on that care.
Healthcare and Clinical regulators: We may be requested – and in some cases can be required – to
share certain information (including personal data and sensitive personal data) about you and your
care with healthcare and clinical regulators such as the General Medical Council, the Health and Care
Professions Council or the Care Quality Commission. For example if you make a complaint, or the
conduct of a clinician involved in your treatment is alleged to have fallen below the appropriate
standards andthe regulator wishes to conduct an investigation.

We will ensure that we do so within the framework of the law and with due respect for your privacy.

In an emergency and if you are incapacitated, we may also process your personal data (including
sensitive personal data) or make personal data available to third parties on the basis of protecting
your ‘vital interest’ (i.e. your life or your health).
We participate in national audits and initiatives to help ensure that patients are getting the best
possible outcomes from their treatment and care. The highest standards of confidentiality will be
applied to your personal data in accordance with data protection laws and confidentiality. Publishing
of this data will be in a pseudonymised, statistical format. Anonymous, pseudonymous or aggregated
data may be used by us, or disclosed to others, for research or statistical purposes.
We participate in national audits and initiatives to help ensure that patients are getting the best
possible outcomes from their treatment and care. The highest standards of confidentiality will be
applied to your personal data in accordance with data protection laws and confidentiality. Publishing
of this data will be in a pseudonymised, statistical format. Anonymous, pseudonymous or aggregated
data may be used by us, or disclosed to others, for research or statistical purposes.

Development of Patient and Customer Products and Services

As a leading diagnostic imaging provider, Alliance Medical is committed to the professional
development and training of its staff and to the development of its diagnostic imaging services to
improve the services it provides to both its customers and its patients.
To assist Alliance Medical with the above, we may use your pseudonymised/anonymised data and
share with third parties in connection with the development of new products and services including
the development of artificial intelligence tools. This pseudonymised/anonymised data may be used
for both commercial and non – commercial purposes.
We will only use this pseudonymised/anonymised data in accordance with legal agreements entered
into with third parties which set out an agreed limited purpose and where we have a lawful basis
under the data protection laws to do so.

Diagnostic Imaging Dataset (DIDs)

Information from your diagnostic test will contribute to the Diagnostic Imaging Dataset (DID).

The DID is a database that holds information on the imaging tests and scans carried out on NHS
patients. This will allow NHS Digital, as England’s national source of health and social care
information, to see how different tests are used across the country.
Nothing will ever be reported that identifies you. All information is stored securely. It is only made
available to appropriate staff, and is kept strictly confidential. However, if you do not want your
information to be stored in the DID, please tell the people who are treating you. They will make sure
your information is not copied into the DID. You may, at a later date, still decide to opt out by
contacting NHS Digital directly.

CCTV

Many of our premises are surveyed by CCTV for the purposes of security and the safe provision of
care. Images and videos may be retained for a limited period and purpose.

Your Rights

You have the following rights in relation to your personal data
  • Right of access: the right to make a written request for details of your personal information and a
    copy of that personal information
  • Right to rectification: the right to have inaccurate information about you corrected or removed
  • Right to erasure (‘right to be forgotten’): the right to have certain personal information about
    you erased
  • Right to restriction of processing: the right to request that your personal information is only used
    for restricted purposes
  • Right to object: the right to object to processing of your personal information in cases where our
    processing is based on the performance of a task carried out in the public interest or we have let
    you know the processing is necessary for ours or a third party’s legitimate interests
  • Right to data portability: the right to ask for the personal information you have made available to
    us to be transferred to you or a third party in machine- readable format
  • Right to withdraw consent: the right to withdraw any consent you have previously given us to
    handle your personal information. If you withdraw your consent, this will not affect the lawfulness
    of Alliance’s use of your personal information prior to the withdrawal of your consent and we will
    let you know if we will no longer be able to provide you your chosen product or service
  • Right in relation to automated decisions: you have the right not to be subject to a decision based
    < solely on automated processing which produces legal effects concerning you or similarly
    significantly affects you, unless it is necessary for entering into a contract with you, it is
    authorised by law or you have given your explicit consent. We will let you know when such
    decisions are made, the lawful grounds we rely on and the rights you have
Please note: Your rights are not absolute: they do not always apply in all cases and we will let you
know in our correspondence with you how and whether we will be able to comply with your request
If you want to exercise your rights in respect of your personal data, the best way to do so is to
contact us by email at dataprotectionofficer@alliance.co.uk or to write to us for the attention of the
data protection officer at the address below. In order to protect your privacy, we may ask you to prove
your identity before we take any steps in response to such a request.

The Data Protection Officer
Alliance Medical Limited
Iceni Centre
Warwick Technology Park
Warwick CV34 6DA

If you are not satisfied with how we handle your request, you can contact the Information
Commissioner’s Office on 0303 123 1113 or visit their website (http://www.ico.org.uk).

Changes to our Privacy Policy

We keep our Privacy Policy under regular review and as a result it may be amended from time to time
without notice. As a result we encourage you to review this Privacy Policy regularly. ‍
Our services
Mobile Solutions
About us
Contact us
Linkedin Facebook Instagram Youtube

© Copyright 2024 Alliance Medical Limited & Northern Europe

Home
Our services
Mobile Solutions
About us
News
Community diagnostic centres
Join us
Contact