How we use information you give to us
This policy explains how Health Education England (referred to as 'we', ‘our’ or ‘us’ below) uses any personal data we collect from you or which you give to us and the ways we protect your privacy. Protecting the privacy and personal data of the visitors to our website www.healthcareers.nhs.uk (‘this site’) is of the utmost importance to us.
By visiting this site you are accepting and consenting to the practices described in this policy.
The Data Protection Act 1998
We are committed to meeting our obligations under the Data Protection Act 1998 (“the Act”) and protecting the rights of and freedoms of individuals protected under the Act. For the purpose of the Act, the data controller is Health Education England of 1st Floor Blenheim House, Duncombe Street, Leeds, LS1 4PL.
Information we may collect from you
We may collect and process the following data about you:
Information you give us. You may give us information about you by filling in forms on this site or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use this site, upload information to this site, or other social media functions on this site, enter a competition, promotion or survey, provide feedback on this site and when you report a problem with this site. The information you give us may include your name, address, e-mail address, phone number and date of birth;
Information we collect about you. With regard to each of your visits to this site we may automatically collect the following information:
technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from this site (including date and time); job vacancies you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call us; and
Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide eg our helpline. We are also working closely with third parties (including, for example, other , business partners, sub-contractors, advertising networks, analytics providers, and search information providers) and may receive information about you from them.
Uses made of the information
We use information held about you in the following ways:
Information you give to us. We will use this information:
to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information about career opportunites and any other information or services that you request from us;
to provide you with information about other careers information or other services we offer that are similar to those that you have already enquired about;
to provide you, or permit selected third parties to provide you, with information about careers, products or services we feel may interest you. We will only contact you by electronic means (unless you have agreed to be recontacted by post or telephone) with information about careers, products and/or services similar to those you have said you are interested in or which were the subject of a previous enquiry by you. Where we permit selected third parties to use your data, they will contact you by electronically, phone, telephone or post only if you have consented to this.
to notify you about changes and updates to our service; and/or
to ensure that content from this site is presented in the most effective manner for you and for your computer.
Information we collect about you. We will use this information:
to administer this site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
to improve this site to ensure that content is presented in the most effective manner for you and for your computer;
to allow you to participate in interactive features of our service, when you choose to do so;
as part of our efforts to keep this site safe and secure;
to make suggestions and recommendations to you and other users of this site about careers, products or services that may interest you or them.
Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive).
Disclosure of your information
We will not share your personal data with third parties for commercial purposes.
We may share your information with selected third parties including:
business partners, suppliers and sub-contractors to the extent necessary for the performance of any contract we enter into with them or you; and/or
analytics and search engine providers that assist us in the improvement and optimisation of our site.
We may disclose your personal information to third parties:
in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; or
if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions of use and other agreements; or to protect the rights, property, or safety of Health Education England, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where we store your personal data
The data that we collect from you will not be transferred to, or stored at, any locations outside the European Economic Area.
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of this site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to this site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
This privacy statement applies to this site only. It does not cover links within this site to other websites. If you follow a link to any third party websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to such websites.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.
Changes to the policy
If you have any questions about this privacy statement or the practices of this site, you can contact us on firstname.lastname@example.org.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing, or request that we remove you from our database, by contacting us on email@example.com.
Regulation 6(1) of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2003/2426) (2003 Regulations) as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 (SI 2011/1208) (2011 Regulations) requires website operators and other online providers that set cookies on their users' equipment to provide internet users with clear and comprehensive information about the purposes for which the cookie is stored and accessed.
For more information about cookies and the practical steps providers can take to comply with their obligations under the Regulations, see Practice notes, Cookies: UK issues (www.practicallaw.com/7-506-2678) and Complying with the new cookie regime: practical steps (www.practicallaw.com/0-517-0695).
For a sample short-form notice, see Standard document, Information about cookies: short-form notice (www.practicallaw.com/7-517-2182).
Consent to receive cookies
Cookies are small data files that most website operators place on the browser or hard drive of their user's computer. Cookies may gather information about the user's use of the website or enable the website to recognise the user as an existing customer when he returns to the website at a later date. More recently, cookies have also been used to collect information about the user which allows the website operator or a third party to create a profile of the user, his preferences and his interests for the purpose of serving the user with targeted, interest-based advertising.
Most browsers automatically accept cookies by default, but users can change those settings to block some or all cookies.
The 2011 Regulations do not include any detailed provisions on how user consent should be obtained. However, the Information Commissioner has issued guidance on the practical steps providers can take to comply with the new obligations. For more information about ways to obtain user consent, see Practice note, Complying with the new cookie regime: practical steps (www.practicallaw.com/0-517-0695).
If a user accepts cookies from the site, it might makes sense for the website operator to store that preference (for example, by setting a "cookie acceptance" cookie on the user's browser or hard drive) to avoid the need to obtain consent again when the user next visits the site. The 2003 Regulations allow website operators to make the user's access to certain web pages dependent on his acceptance of cookies. As a matter of good practice, the user should be informed, however, that restrictions on his use of the website apply if he decides to reject cookies.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.
We use the following cookies:
Strictly necessary cookies. These are cookies that are required for the operation of this site. They include, for example, cookies that enable you to log into secure areas of this site.
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around this site when they are using it. This helps us to improve the way this site works, for example, by ensuring that users are finding what they are looking for easily.
You can find more information about the individual cookies we use and the purposes for which we use them in the table below:
Google Analytics cookie which to track visitor behaviour and measure site performance.
Approximately 2 years
This cookie determines new sessions and visits
This cookie is used in combination with the _utmb cookie to identify new sessions/visits for returning visitors.
On closure of browser
This cookie can tell site owners where visitors came from when arriving on the site.
Session Cookie SESS*
The Session cookie is used when accessing pages of the site that require username and password authentication. This cookie determines that a user is logged in. When the user logs out of the site, this cookie is removed from the browser.
On logging out of the site
End of Session
Since they do not have a direct relationship with the user, third parties (for example, advertising networks) that want to place cookies on users' equipment through a website that they do not operate themselves will find it difficult to provide users with the necessary information and to obtain valid consent. The Information Commissioner's guidance therefore raises the possibility that third parties may wish to consider including a contractual obligation into their agreements with website owners that imposes an obligation on those website owners to satisfy themselves that appropriate steps will be taken to provide information about the third-party cookies and obtain consent.
Given that they have no control over the cookies set by their advertisers, website owners should ideally reject such an obligation. Instead they should bring the fact that third parties may be given access to the website for the purpose of setting cookies to the user's attention without being seen to accept any liability for the third party's compliance with its legal obligations. For more information about third-party cookies, see Practice notes, Cookies: UK issues (www.practicallaw.com/7-506-2678) and Complying with the new cookie regime: practical steps (www.practicallaw.com/0-517-0695).
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of this site.