Great Bear Healthcare are an experienced healthcare organisation and among the UK’s leading providers of medical devices. We are committed to making a real difference to our customers’ lives with our range of high-quality products and services.
The Nightingale website is operated by Great Bear Healthcare Limited (Referred as “Nightingale” “Great Bear Healthcare”, “we”, “our”, “us” in this, Privacy Policy)
Nightingale is a specialist delivery company for all Intermittent Self Catheter (ISC) and Urology/Continence products. Great Bear Healthcare manufacture Urology products and distribute these in the UK & Ireland
Great Bear Healthcare is a private limited company registered in England and Wales under company number 2503030 and we have our registered office at 3C Robins Drive, Bridgwater, Somerset, TA6 4DL.
We have developed this privacy notice to inform you of the data we collect, what we do with your data, what we do to keep it secure as well as the rights and choices you have over your personal data.
Your personal data may be collected and received by us through several different ways.
Online or by Phone
Whatever your preferred way to contact us we will need to collect the following details:
Title, First Name, Last Name
Telephone, Mobile
Contact preferences for delivery and service updates (Phone, Email, SMS)
GP Surgery (Name and Address)
Date of Birth
Prescription Status (exemptions)
Country of Residence (if living in Scotland)
NHS Number
Electronic Prescription Service Consent
NHS Prescription Prepayment Certificate Number & Expiry Date (PPCs)
Home/Delivery Address
Contact preferences for news and surveys
Online or by Phone
We will need to collect some personal information and work information to register you as a healthcare professional:
Title, First Name, Last Name
Work Telephone, Mobile
Hospital/DN Base Details
Ward (optional)
Patient Consent to become a Dispensing Appliance Contractor
Contact preferences for news and surveys
Online or by Phone
We will need to collect some personal information and work information to register the Care Home:
Title, First Name, Last Name
Work Telephone, Mobile
Care Home Details (Name and Address)
Patient/Care Home Consent to become a Dispensing Appliance Contractor
Contact preferences for news and surveys
In addition to your registration information, we may also collect the following:
Financial Data includes bank name, sort code and account number, payment card details, VAT number.
Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this site.
Profile Data includes any purchases or orders made by you, preferences, condition type, feedback, and survey responses.
Usage Data includes information about how you use our site, products, and services.
Marketing Data includes your preferences in receiving marketing from us and your communication preferences.
Communications data including emails, telephone calls and post which you receive from us or send to us, and your preferences in receiving information and being contacted by us.
Nightingale works as a trusted partner with GPs and nurses nationwide. We are a registered provider to the NHS which means we cover all delivery charges.
Your prescription. Your way. Here’s how it works:
We will use the information you provide to tell you if:
In cases where individuals haven't provided their medical exemption status during registration, Nightingale kindly asks that they provide this information later. This contact may occur through various means, including email, SMS (text messages), or phone calls. The purpose of this contact is to obtain the necessary medical exemption information to ensure compliance with The National Health Service (Charges for Drugs and Appliances) Regulations 2015. You can also check if you're entitled to free NHS prescriptions here.
For processing to be lawful under the UK GDPR and Data Protection Act 2018, Great Bear Healthcare is obliged to identify a lawful basis before it can process personal data. The obligation requires Great Bear Healthcare to satisfy a condition under Article 6 and, where special category data (health information) is being processed, also under Article 9.
For Great Bear Healthcare purposes, the following conditions, under Article 6, for lawful processing will apply: 6(1)(b) ‘processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract’. There may be occasions when the data subject’s consent will provide the legal basis for the processing of their personal data: 6(1)(a) – Consent of the data subject.
For necessary processing of special categories, e.g., health information, the following condition, under Article 9, will apply: 9(2)(h) ‘Processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional’.
Great Bear Healthcare works with the NHS and other health and social care organisations to share information that will form part of your Integrated Care Record. The Integrated Care Record allows health and care professionals involved in your care to view your records to help them understand your needs and make the best decisions with you, and for you.
Our Nurses work together with NHS professionals to deliver drop-in clinics and home visits, advice and guidance on products, clinical education, and training. Following a visit by the Nurse, feedback will be provided to your GP and your referring Nurse.
Our Nurse can provide everything from hands on training to advice and support on a range of day to day issues you need to consider when managing your products.
The Clinical Nursing Service works in conjunction with your referring NHS or independent sector nurse to ensure you get access to the best ongoing care, advice and support with your bladder and bowel management.
OurNurses will undertake an assessment and review for all people referred to the service and then suggest an appropriate plan of care. The care package will be discussed and agreed with you and your referring Nurse.
The Nursing Service will ensure all individuals, their families and carers receive appropriate information and support, so that they are competent and confident in managing their bladder and/or bowel care.
Nightingale makes use of surveys for a variety of functions, including improvement of service provision and regulatory requirements.
Responding to surveys is entirely voluntary.
In the case of customer satisfaction surveys and research, we will primarily use the data for internal purposes. In some cases, we may publish a summary report, but this will not contain any personal data.
In the case of consultations, we will publish a summary of the consultation responses and, in some cases, the responses themselves but these will not contain any personal data.
Please note that if you choose to provide contact details, your survey response will no longer be anonymous. However, your contact details will not be disclosed, and therefore your responses will be reported anonymously, and you will not be identifiable.
We process the information internally for the above stated purpose. We don't intend to share your personal data with any third party. Any specific requests from a third party for us to share your personal data with them will be dealt with in accordance with the provisions of the data protection laws.
We will retain consultation and survey response information until our work on the subject matter of the consultation is complete.
We may also use a third-party processor, to administer surveys on our behalf, and carry out statistical analyses of the survey results in accordance with our instructions. We will always ensure that we have a contract in place with these third-party processors. This means that they cannot do anything with your personal data unless we have instructed them to do it. The third-party processors will not share your personal data with any organisation, except where we authorise them to do so. Third party processors will always have their own privacy policy which they will share with you on request.
Condition TypeTo help us offer a more personalised streamlined service, we’re asking our consumers for the medical reason leading them to use the products being supplied by Nightingale.
It’s completely optional whether you provide this information, and we will treat it confidentially; we don’t share this information with 3rd parties and it’s OK if you don’t want to provide this information. It will not affect the service you get from us if you don’t share this information. You can withdraw your Consent at any time.
We may record telephone calls you make to our customer contact centre to:
We do this in the interests of offering a good service to our customers.
If you object to this, you will need to end the call when you are told that calls may be recorded. Alternative methods of communication are available.
We will delete call recordings up to 6 months after the call was made. This ensures that any subsequent investigations can be completed.
Omni channel call managementWe us various functions to allow our customer to interact with us in the best possible way. We do this by using automation and virtual assistance to:
If you object to this, you can ask to speak to staff or use an alternative means of contacting us.
As part of our dedication to providing exceptional customer service, we utilise a live chat feature on our website. This feature allows us to offer real-time assistance and support to our customers.
How We Use Live Chat
When you consent, we will send you marketing communications and news concerning Great Bear Healthcare products, services, events, and other promotions. You can opt-out at any time after you have given your consent.
If you are an existing customer of Nightingale (for example, if you are a service user), we may use the contact details you provided to send you marketing communications about similar Nightingale products or services, where permitted by applicable law (unless you have opted out).
We use various communication channels, including email, SMS text messages, phone calls, and postal mail, to contact you. You have the right to object at any time, and we will always provide a simple way for you to inform us if you prefer not to be contacted.
You have the right to be informed about the collection and use of your personal data. We ensure we do this with our internal data protection policies and through our external website privacy notice. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.
You have the right to access the personal information that we hold about you in many circumstances, by making a request. This is sometimes termed ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and aim to do so within 1 month from when your identity has been confirmed.
We would ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.
If you would like to exercise this right, please contact us as set out below.
If any of the personal information we hold about you is inaccurate, incomplete, or out of date, you may ask us to correct it.
If you would like to exercise this right, please contact us as set out below.
You have the right to object to us processing your personal information for particular purposes, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.
You can ask us to restrict processing your data, for example where:
If you would like to exercise this right, please contact us as set out below.
You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances. Where the right doesn’t apply, we’ll let you know why we can’t action your request.
This right may be applied where:
If you would like to exercise this right, please contact us as set out below.
The right to portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used, and machine-readable format. It also gives them you the right to request that a controller transmits this data directly to another controller.
If you would like to exercise this right, please contact us as set out below.
We use plugins on our website from social media networks such as Facebook, LinkedIn, and Twitter. You can recognise these plugins by their logos. Our plugins will not collect personal data about you unless you click on these logos. If you click on them, these plugins are activated and automatically transmit data to the plugin provider.
We do not have any influence over which data these providers collect from you. If you would like more information about their data processing, this can be found in the respective privacy policies on the websites of these providers.
The personal data that we hold about you will be stored in the UK. In limited circumstances may also be transferred to or stored at a destination outside the UK or European Economic Area (EEA).
If we transfer your data to third party service providers based outside the UK or EEA, we ensure a similar degree of protection is provided to the transfer by ensuring at least one of the following safeguards is implemented:
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK or EEA.
We protect your information in the following ways:
TrainingStaff are trained to understand their duty of confidentiality and their responsibilities regarding the security of patient information both on our premises and when out in the community. Staff must undertake annual mandatory training in information governance and data security awareness.
DSP ToolkitWe are required to complete an annual assessment of compliance with Data Protection and Security. Details of the assessments can be found here. https://www.dsptoolkit.nhs.uk/organisationsearch
Access controlsAny member of staff being given access to national systems holding patient information will need a special access card called a smartcard, along with a username and password. Many of our local systems also require smartcard access.
Audit trailsWe keep an audit trail in our electronic record systems of anyone who has accessed a health record or added notes to it.
Records ManagementAll healthcare records are stored confidentially in a secure location.
Caldicott GuardianThere is a designated person named the ‘Caldicott Guardian’ whose responsibility it is to ensure that these laws are upheld.
Our Data Protection Officer is:
The DPO Centre Ltd
50 Liverpool Street
London
EC2M 7PY
Email: DPO@clinisupplies.co.uk
Phone: 0203 797 1289
Website: www.dpocentre.com
ICOThe Information Commissioner's Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as {{ Config::get('app.name', 'Nightingale') }} are available publicly.
You can make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.
We welcome questions, comments and requests regarding this privacy policy and our processing of personal information. Please send them to the Compliance Manager, Clinisupplies Ltd, 3C Robins Drive, Bridgwater, Somerset, TA6 4DL or email us on privacy@clinisupplies.co.uk.
You can also contact our Data Protection Officer by email: DPO@clinisupplies.co.uk