As part of undertaking normal business activities, we (Blue Zinc) collect and process personal data relating to prospective clients, clients and former clients. As a data controller of this information, the organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
The address and contact details of the data controller (Blue Zinc) are set out at the end of this privacy notice.
We also brought many other innovations to the market on the back of TM2 and TM3. The first live online patient appointment booking service in the industry. The first MSK specific touch screen electronic notes also followed. Secure, off site data hosting and a host of other features gained us recognition by some of the largest players in the market, as well as our strategic partnership with Physio First.
What information do we collect?
Blue Zinc collects a range of information about you in the course of undertaking their normal business activities. This may include:
Blue Zinc may collect this information in a variety of ways. For example data may be collected in our enquiry forms or over the phone during enquiries and sales process, support calls and calls with our client relationship team or via email. The majority of your personal data will be collected during the enquiries and contract processes by our sales and implementation teams.
We may also collect data about you from 3rd parties, such as referrers that you may work with. We will seek information from these 3rd parties as part of your contract should you opt to work with with any 3rd parties with whom we partner.
Why does Blue Zinc process personal data?
We need to process your data to respond to any enquiries and to fulfil any contracts we have with you.
We will need to process your personal data during the duration of the enquiry and sales process on a contractual legal basis, as at these stages it is deemed that you are considering entering into a contract with us. As a client, we will process your personal data in order to fulfil contractual terms and agreements.
In some cases, we need to process data to ensure that we are complying with legal obligations. For example, it is mandatory for us to hold invoice information for 7 years, from the date of invoice, in order to fulfil any potential obligations with HMRC or other government bodies. This processing will be applicable to both current and former clients.
Blue Zinc has a legitimate interest in processing your personal data throughout the duration of your contract. Processing data from our clients is in our commercial interests as it allows us to continuously evaluate the product and make various improvements to improve the client experience. It will also enable us to ensure we are constantly providing the level of support expected by our clients. We may also need to process data from clients to respond to or defend against a legal claim.
If you choose to end any contractual agreement you may have with us, we may continue to process your information for analytical purposes and legitimate interests for future identification purposes.
We store all personal data and other information regarding your clinic on our IT systems, including database and email systems. This is stored securely in off-site ISO27001 certified data centres with appropriate technical and organisational security measures in place, including redundancy and back up.
Who has access to data?
Your information will be shared internally across various teams in order to complete the enquiry process and/or to fulfil your contract. This includes members of our sales team, our support team, our client relationship team, our accounts team and our analytics team if access to the data is necessary for the performance of their roles.
We will only share information with 3rd parties at your request or where required by law. For example, if you wish to work with any of our partners, at your request, we will share your basic information with them to enable this.
How does Blue Zinc protect your data?
We take the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.
If your contract contains a hosted version of any of our software, we will act as processors only to this data. Under the obligations of data protection, we have policies and procedures in place to keep your data safe during the processing activity.
For how long does Blue Zinc keep data?
If a prospective client does not enter into a contractual agreement with Blue Zinc, we will hold your personal data for 2 years after the last contact from you. Our sales team may attempt to contact you intermittently throughout this retention period. If you give us consent for marketing you will be contacted via email throughout thias time. If you state that you no longer wish to be contacted by us within this time frame, we will retain only your clinic name, reference number and address in order to limit further future contact.
The organisation will hold personal data throughout the duration of your contract. With regards to your invoices, we will hold them for 7 years from the invoice date due to legal obligations. We will delete all invoice data when the 7 year retention period has elapsed.
If you choose to end your subscription for any of products we will delete or anonymise all unnecessary personal data. We will however continue to hold all invoice data for invoices issued less than 6 years ago. After all invoices have elapsed the 7 year retention period we will retain only clinic name, reference number and address for future identification purposes.
Once you have opted to end your contract we will return or delete all data you have input into our software. We will work with you to provide this data in a readable and appropriate format for future use.
As a data subject, you have a number of rights. You can:
What if you do not provide personal data?
You are under no statutory obligation to provide data to Blue Zinc. However, if you do not provide the required information we may be unable to complete the enquiries process or fulfil the contract with yourselves.
Address and contact details of the data controller (Blue Zinc)
Blue Zinc IT
Unit 4C Dill House
Castlereagh Business Park
478 Castlereagh Road
We may send a cookie which may be stored by your browser on your computer’s harddrive. We may use the information we obtain from the cookie in the administration and optimisation of our website to improve our website’s usability and for marketing purposes. We may also use that information to recognise your computer when you visit our website and to personalise our website for you.
Most browsers allow you to refuse to accept cookies (in the internet options settings). Selecting to block all cookies may affect the usability you experience on visiting many websites including this one.
We use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by using cookies which are stored as mentioned above on the user’s computer, This information is used to create reports about use of our website. Google will store this information.