The Hywel Dda University Health Board is a Data Controller and we are responsible for collecting and processing your personal information.
For specific enquiries regarding personal data which we process you can contact the Data Protection Officer:
Address: Hywel Dda University Health Board, Information Governance, IT Building, Bronglais General Hospital, Caradoc Road, Aberystwyth, SY23 1ER
Personal data is any information that relates to a person who can be directly or indirectly identified from the information. The terms “personal information” and “personal data” are used throughout this privacy notice and have the same meaning.
To ensure that the Health Board treats personal information correctly, we seek to adhere in full to the requirements of Data Protection legislation.
This privacy notice has therefore been produced to explain as clearly as possible what we do with your personal data
Hywel Dda University Health Board collects, processes and holds personal data relating to you to:
Hywel Dda University Health Board has a legal obligation to safeguard public funds and we reserve the right to check information you have provided for accuracy, in order to detect fraud. We participate in anti-fraud data matching exercises carried out by other agencies such as the National Fraud Initiative.
When we collect and use your personal information, we will ensure this is processed in accordance with at least one of the legal grounds available to us under data protection legislation:
Data protection law recognises certain "special categories" of personal information, which is information revealing racial or ethnic origin, political opinions, religious or philosophic beliefs, trade union membership, genetic information, biometric information for uniquely identifying a person, information concerning health, and information concerning a person's sex life or sexual orientation. These special categories are considered particularly sensitive and so we will only collect and use this information where one or more of the following conditions applies:
Solely automated individual decision-making - including profiling - with legal or similarly significant effects is restricted, although this restriction can be lifted in certain circumstances. You can only carry out solely automated decision-making with legal or similarly significant effects if the decision is:
If you’re using special category personal data you can only carry out processing described in Article 22(1) if:
You have the right to make a complaint about the way we have processed your personal information. To do this, contact the Information Commissioner’s Office which is the statutory body that oversees data protection law:
Email to: email@example.com
Telephone: 0303 123 1113
Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF
You can also contact our Data Protection Officer:
Telephone: 01970 635442
Post: Data Protection Officer, Information Governance, IT Building, Bronglais General Hospital, Caradoc Road, Aberystwyth, SY23 1ER
Our privacy notice is not exhaustive in regard to all aspects of how we collect and use personal information, however we are able to provide any additional information or explanation needed. Please contact the Data Protection Officer, who is the organisation’s primary point of contact, for any queries in relation to how we use your information.