Who we are:
We are iEDapps ltd company address 125 Stocks Bank Road Mirfield UK. Our product is CEMBooks.
The term “Organisation” in the following statement refers to the NHS Trust department that the user is a member of.
What is Personal Information:
For the purposes of this Privacy Notice “Personal Information” consists of any information that relates to an identifiable individual (such as you). In relation to CEMBooks there are two sets of data that are held.
Registration details: This is your name, email address, and employing organisation. If you opt in to telephone alerts this will also include your telephone number. We have aimed to keep this to the minimum information we can.
Logs/sitreps: These are the logs/sitreps that are left using your username/login credentials. They are also classed as Personal Information and are stored on our servers.
We will only process your Personal Information when:
As part of the sign up process we will request your consent to hold your personal information required to create an account and to process the logs/sit reps that are left on the site.
How do we use your Personal Information:
We only use your data to create an account/log in for CEMBooks or to send you notifications of operational issues with CEMBooks.
To whom and where do we disclose your Personal Information:
We will not disclose, share or sell your Personal information – registration information with any third parties.
We will only contact you regarding operational notifications for CEMBooks for example password resets or site downtime and not for further marketing topics or for marketing from 3rd parties.
With relation to the information contained within logs/sit reps and GDPR definitions iEDapps acts as a data processor with Organisation/Trusts acting as data controllers. Their site administrators (“Organisational Administrator”) have access to all logs/sitreps entered on the system. You should review your Organisation/Trusts Privacy Notice about how they control the logs that are visible within CEMBooks. The visibility of the logs and sit reps within your department is controlled by the organisational or departmental administrators when they set up the department.
What do we do to keep your Personal Information secure:
Personal Information submitted to CEMBooks is held on Amazon Web Services UK servers. AWS data is held in high security UK data centres compliant with the latest data protection regulations – aws.amazon.com for more information. In the rare event of any breach of this security we would contact all users via email to inform them of this and the action taken.
What are your rights:
Your rights under GDPR include the right to access a copy of your Personal Information, the right to request the correction or the update of any inaccurate Personal Information and the right to object to the processing of your Personal Information under the conditions set out in applicable law.
You also have the right to request the erasure of your Personal Information (see next para) and, where you have consented to the processing of your Personal Information, you have the right to withdraw such consent at any time (without this withdrawal affecting the lawfulness of the processing prior to such withdrawal for example if the logs are being used as part of an ongoing investigation or enquiry). In addition you also have the right to data portability in certain cases. This is the right to request the return of the Personal Information or logs/sitreps you have provided to us and this would be in excel format if requested and free of charge.
Individuals have the Right to be forgotten where all logs can be deleted from being visible if requested by an individual (for instance on leaving the employing Trust) however a anonymised version would still be retrievable if required by the organisation – this would be held for a maximum of 5 yrs.
The process for erasure involves: direct request to the data protection officer or the Organisational Administrator in the first instance. This will be confirmed between the three parties prior to deletion.
You have the right to complain to the information commissioners office if you feel there is a problem with the way we handle your Personal Information.
Data Retention – How long we will store your Personal Information.
We will only retain your Personal Information login details for the time you are a registered user of CEMBooks and belong to one of the active departments. Logs/sitreps will be retained for 5years, with the previous 5 years data returned to the Owner (Trusts). All data is stored, and remains, in the UK.
Individual CEMBooks sites Resource Area may contain links to third party websites that are not operated by iEDapps ltd. These are not under iEDapps control and as such we are not responsible for the privacy practices or the content of any linked websites or applications.
The only cookies CEMBooks uses are session cookies for authentication. These are standard on every site that uses login authentication. They don’t store personal data (just an identifier for a session), and are deleted once the user logs out or leaves the site. They are first-party cookies, so belong to iEDapps and aren’t shared. We do not use these cookies for tracking or re-targeting.
When you register for a CEMBooks account you will be given the opportunity to opt in to operational notifications from your organisation or department. You can change these settings at any point by logging in to your account and updating your “notification” settings. You can choose to receive these as email or push notifications through the app.
The visibility of logs and sit reps that you leave on the site is determined by the level of visibility assigned to the department you are a member of by the Organisational administrator.
Children’s Personal Information
Children (by definition under 18 yrs of age) are not permitted to be users of CEMBooks and as such no Personal Information about children will be collected.
Changes to this Privacy Notice:
iEDapps may change this Privacy Notice in the future in line with future updates on data protection. The Date last updated will be displayed on this privacy notice. We will provide notification via email if any changes are material or are required by law.
Who is the data protection officer:
The data protection officer is Dr Stuart Nuttall Enquiries about this policy should be directed to the Data Protection Officer at 125 Stocks Bank Road WF14 0ES UK or email@example.com Tel 07837201193
Date of current version: 08/08/20