The Dementia Care Coordinator (DCC) Service Evaluation: Executive summary and recommendations privacy notice
By registering to access the DCC service evaluation executive summary and recommendations, with your permission, we will be collecting the following personal data:
- Your email address
- Your role
- The location where you work.
We have collected the data about work roles and locations to give us information about who is interested in our work. We have collected email addresses for the sole purpose of contacting you – with your permission – to ask if you have used our recommendations and have any feedback for us. It is very important for us to know the impact (if any) that our study has had on dementia care and the workforce.
We take our obligations for data handling very seriously and it is therefore important for you to know that the lawful basis for us processing your information is that consent has been provided by the data subject and they have given their consent for the processing of their personal data for one or more specific purposes. If at any point after you have provided us with your personal data you decide you do not wish to be contacted or would like to update your details, please contact Dr Ruth Abrams at r.abrams@surrey.ac.uk.
We do not use the data we collect to make decisions about individuals or to analyse information on an individual level.
We collect the data about you from the form that you complete prior to downloading the recommendations based on our evaluation of the DCC service. The data is then kept in a database and used to achieve the purposes stated above.
The University processes personal data and special category data in accordance with data protection legislation and Our Data Policy Statement (PDF) (incorporating Information Security Policy).
We keep your personal data in accordance with the University’s retention schedules. This means that your data is kept for 5 years and then destroyed.
We take the security of the personal data we hold seriously. Details on university wide measures surrounding IT security can be found in the principal IT Security Policy which sets out the definition of, commitment to and requirements of Information Technology and Security.
We have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the performance of their duties.
We will not share your information with anyone outside of the DCC service evaluation team.
As an individual whose data we process (a data subject), you have certain rights in relation to the processing. Find detailed information about your rights as a data subject.
You have the right to:
- Withdraw your consent for us to process your personal data where we have relied on that consent as our basis for processing your data.
- Ask us to confirm that your personal data is being processed, gain access (i.e. have a copy) of that data, and be provided with supplemental information about the processing.
- Request that we rectify any inaccuracies where the data we hold on you is inaccurate or incomplete.
- Have your data erased by us, although in certain circumstances we may not be able to do this. The circumstances where this applies can be found in the guide to data subject rights information.
- Restrict the processing of your personal data in certain ways.
- Obtain your personal data for reuse.
- Object to certain processing of your personal data.
If you would like to exercise any of your rights please visit the University’s make a privacy request page.
Make a complaint
If you have any concerns about the way that we have handled your personal data please email the Data Protection team as we would like to have the opportunity to resolve your concerns.
If you’re still unhappy, you have the right to complain to the Information Commissioner’s Office (an independent body set up to advise on information rights for the UK) about the way in which we process your personal data.