|MAXIMUS People Services Ltd|
|The Centre for Health and Disability Assessments Ltd|
|Health Management Ltd|
|Cheviot Recruitment Ltd|
- what information we collect
- how we use that information
- whether the information is disclosed
- how we protect your privacy
People who may use the Websites include:
- our Clients or Prospective Clients (organisations who contract us to provide services)
- our Customers (the end users of our services, for example, UK citizens or our Clients’ employees)
Information we collect from you
When you contact us about the services we provide or to get information on the Website, we only collect information which we need, including:
- any questions, queries or feedback you send us about using the Website
- your email address if you send an email to us
- details you send to us in respect of any services we provide, including, for example:
- your name, address and/or email address
- your work and education history or
- information about your health or disability which is required as part of any relevant process
- information on how you use the Website or online services automatically using cookies, including the internet browser you use, the site you have come to our site from and your IP address(please see our Cookies Policy for more information).
How we use the information we collect
We use the information we collect or receive for different purposes, including to:
- improve the site by monitoring how you use it (we might also use aggregated or non-identifiable information to help with this)
- respond to any feedback or questions you send us, if you’ve asked us to
- give you information about other services if you want it
- provide services to you if you are a Customer
Sending us information about your health or disability
If you send us any sensitive personal data, including information about your health (for example, about a medical condition that you have) or your disability, we may use that information to provide the Services to our Client/s. We will do this in line with any notices provided or consent obtained from you by our Client or MAXIMUS UK and otherwise in compliance with relevant legislation (including Data Protection and Equality laws) and, where appropriate, ethical guidelines – for example those issued by the General Medical Council and Faculty of Occupational Medicine. We may also confirm the veracity of the information you send us by contacting the author of that information.
Keeping your information secure
All Customer information we hold is stored on secure servers in the EEA in line with our data retention policies and Client requirements. We have taken extensive technical and operational precautions to protect the data retained by us against unauthorised access, unlawful processing, accidental loss or destruction, damage or misuse.
Although we will do our best to protect the information we collect and store about you, we cannot guarantee the security of any information transmitted to us via the Internet.
MAXIMUS UK companies align to the international information security standard ISO27001 and maintain this certification in some of our companies.
Disclosing your information
We will not share your information with any other organisations for their own marketing, market research or commercial purposes. We may pass on the information we collect about you:
- in an anonymised way to our Client
- if we need to disclose your personal information to any law enforcement agency, court, regulator, government authority or other third party where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party
- to other parties where we identify serious concerns about your wellbeing
- to any third party or supplier for the purposes of providing the services, where you have provided consent (where appropriate)
Under Data Protection legislation you have a number of rights, for example, you can ask us:
- for a copy of the information we hold about you
- to delete information or correct any inaccuracies
- to update any out-of-date information
If we hold your information for the purposes of the services we provide on behalf of another organisation, any request you make may be more relevant to them. If you do send your request to us and we pass it to another organisation, we will let you know.
You should submit your request in writing with enough information for us to confirm your identity. If someone else makes the request on your behalf they must specifically request copies of information held by ‘MAXIMUS UK’. We may ask for more information or for you to sign a specific authority to disclose information if the request does not meet these requirements.
Please note, if you ask us to delete all data we hold about you this will result in you terminating use of our services.
You should contact us if you wish to receive information about who the data controller is for one of the services we offer.
How to contact us
You can contact our Data Protection Officer by:
Post: Data Protection Officer
c/o 202-206 Union Street, London, SE1 0LX
Links to other websites
Changes to this policy
Last updated: 16/10/2017.