For statutory legal purposes, we must inform you that Aintree University Hospital NHS Foundation Trust is the Data Controller processing your personal data.
The following information explains what information the Trust collects about you, why we collect it, how we use it, and your rights under the Data Protection Act 2018 and the General Data Protection Regulations (GDPR).
This is broken down into:
- Why do we collect your information?
- What information do we collect and record?
- Where do we receive information about you from?
- What if you do not provide information to us?
- Who we share information with?
- National data opt-out programme
- International Transfers
- How long do we keep your information?
- What rights do you have?
- Is there any automated processing of your information?
- Consent and withdrawal of consent
- Raising a concern
- Data Protection Act 2018
- General Data Protection Regulation (GDPR)
- Lawful basis for processing data
- Privacy Notice
- Definition of terms
The NHS Constitution
- You have the right of access to your own records and to have any factual inaccuracies corrected.
- You have the right to privacy and confidentiality and to expect the NHS to keep your confidential information safe and secure.
- You have the right to be informed about how your information is used.
- You have the right to request that your confidential information is not used beyond your own care and treatment and to have your objections considered, and where your wishes cannot be followed, to be told the reasons including the legal basis.
The NHS also commits:
- To ensure those involved in your care and treatment have access to your health information so they can care for you safely and effectively (pledge);
- To anonymise the information collected during the course of your treatment and use it to support research and improve care for others (pledge);
- Where identifiable information has to be used, to give you the chance to object wherever possible (pledge);
- To inform you of research studies in which you may be eligible to participate (pledge); and
- To share with you any correspondence sent between clinicians about your care (pledge).
How Your Information Is Used - Privacy Notice
Who are we?
Aintree University Hospital NHS Foundation Trust (‘the Trust’) is registered to collect and process personal information. For this responsibility, the Trust is known as the ‘Data Controller’.
The Trust is a large teaching hospital in Liverpool serving a population of around 330,000 in North Liverpool, South Sefton and Kirkby. Our vision is:
- to be a leading provider of the highest quality healthcare.
We provide high quality elective and emergency care services to meet the day-to-day needs of our local community. In addition, we also provide high quality specialist services including major trauma, hyper acute stroke, regional head and neck surgery, upper GI cancer, hepatobiliary and liver and specialist endocrine services. We also work with our partners to provide a range of services in community settings including diabetes, rheumatology, ophthalmology and alcohol services.
To safeguard your information and support your rights, the Trust has appointed a Data Protection Officer (‘DPO’) as your single point of access. The DPO can be contacted on:
Data Protection Officer
Aintree University Hospital NHS Foundation Trust
2nd Floor, Aintree Lodge
0151 529 6488
Email address: DPO@aintree.nhs.uk
The Trust is registered with the Information Commissioner's Office as a Data Controller reference Z9553640, as required by the Data Protection Act 2018.