Privacy Policy
We, Stride Health Group Ltd. ('we', 'our' or 'us'), take your privacy and the security of your Personal Data very seriously. We are committed to safeguarding the privacy and Personal Data of our website visitors and those with whom we communicate through that website, whether by email or electronically, at all times and in the best way possible.
We collect, use and are responsible for certain Personal Data about you. When we do so, we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) concerning services we offer to individuals in the European Economic Area (EEA).
The types of Personal Data that we may be required to manage could include information about current and past clients, suppliers, employees, and others we communicate with. This policy and any other documents within set the basis on which we will process any Personal Data we collect from Data Subjects or provided to us by Data Subjects or other sources.
The CEO has approved this policy of Stride Health Group Ltd. It sets out rules for Data Protection and the legal conditions that must be satisfied when we obtain, handle, process, transfer, and store Personal Data.
Any questions concerning the compliance of this policy or the procedure that has not been followed should be referred in the first instance to our Compliance team at privacy@getstride.com.
It would be helpful to start by explaining some key terms used in this policy:
| We, us, our | Stride Health Group Ltd. Our registered address is: 33 Lamas Road, Badersfield, Norwich, England, NR10 5FB. We are registered on the ICO Data Protection Register under registration number ZB624281. |
| Data Subject | The individual to who the Personal Data concerns. |
| Processing | Means any operation or actions performed on Personal Data, for example, collection, recording, organisation, structuring, storing, altering, deleting or otherwise using Personal Data. |
| Personal Data | Any information relating to an identified or identifiable individual. |
| Special Category Personal Data | Personal Data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, Data concerning health, sex life or sexual orientation. |
| You and your | Refers to the person who is accessing our website and whose data is processed. |
Who we are
This policy references Stride Health Group Ltd. "we," "us", and "our" are to Stride Health Group Ltd., 33 Lamas Road, Badersfield, Norwich, England, NR10 5FB.
The Data Controller is Stride Health Group Ltd.
Data protection principles
- We will comply with the following data protection principles when processing personal information:
- We will process personal information lawfully, fairly and in a transparent manner
- We will collect personal information for specified, explicit and legitimate purposes only and will not process it in a way that is incompatible with those legitimate purposes
- We will only process the personal information that is adequate, relevant and necessary for the relevant purposes
- We will keep accurate and up-to-date personal information and take reasonable steps to ensure that inaccurate personal information is deleted or corrected without delay
- We will keep personal information in a form which permits the identification of data subjects for no longer than is necessary for the purposes for which the information is processed and
- We will take appropriate technical and organisational measures to ensure that personal information is kept secure and protected against unauthorised or unlawful processing and accidental loss, destruction or damage.
How your Personal Data is collected
We collect most of this Personal Data directly from you in person, by telephone, text, email, or via our website. When you register with us, contact us (including via email), send us feedback, purchase products or services via our website, and complete customer surveys or participate in competitions via our website.
We may also collect your information indirectly
- from publicly accessible sources, e.g., Companies House,
- directly from a third party (e.g., sanctions screening providers, credit reference agencies, customer due diligence providers, e.g., your bank or building society)
- from cookies on our website—for more information on our use of cookies, please see our cookie policy
How and why we use your Personal Data
Under data protection law, we can only use your Personal Data if we have a proper reason, e.g.:
- where you have given consent
- to comply with our legal and regulatory obligations
- for the performance of a contract with you or to take steps at your request before entering into a contract, or
- for our legitimate interests or those of a third party
A legitimate interest is when we have a business or commercial reason to use your Personal Data, so long as your own rights and interests do not override this. When relying on legitimate interests, we will carry out an assessment to balance our interests against yours. You can obtain details of this assessment by contacting us
| What do we use your Personal Data for | Our reasons |
|---|---|
| To create and manage your account with us | For our legitimate interests, i.e. to be as efficient as we can so we can deliver the best service to you at the best price OR To perform our contract with you or to take steps at your request before entering into a contract |
| Entering into an employment contract with you (See our separate Employee Privacy Policy) | For our legitimate interests, i.e. to be as efficient as we can so we can deliver the best service to you at the best price OR To perform our contract with you or to take steps at your request before entering into a contract OR To comply with our legal and regulatory obligations. |
| Providing services to you, Entering into a contract with you, |
To perform our contract with you or to take steps at your request before entering into a contract OR To comply with our legal and regulatory obligations. |
| Preventing and detecting fraud against you or us. Conducting checks to identify and verify your identity or to help prevent and detect fraud against you or us. Credit reference checks via external credit reference agencies. |
To comply with our legal and regulatory obligations. OR For our legitimate interests, i.e., to minimise fraud that could damage you and us. |
| To enforce legal rights or defend or undertake legal proceedings. | Depending on the circumstances: - to comply with our legal and regulatory obligations - in other cases, for our legitimate interests, i.e., to protect our business, interests and rights |
| Special Category Personal Data | Personal Data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, Data concerning health, sex life or sexual orientation. |
| Communications with you not related to marketing, including about changes to our terms or policies or changes to the services or other important notices Marketing our services to: - existing and former customers - third parties who have previously expressed an interest in our services - third parties with whom we have had no previous dealings. |
Depending on the circumstances: To comply with our legal and regulatory obligations or, in other cases, for our legitimate interests, i.e., to be as efficient as possible so we can deliver the best service to you at the best prices |
| External audits and quality checks, e.g., for ISO or Investors in People accreditation and the audit of our accounts | Depending on the circumstances: For our legitimate interests, i.e., to maintain our accreditations so we can demonstrate we operate at the highest standards or To comply with our legal and regulatory obligations |
| To share your Personal Data with members of our group and third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency in such cases the information will be anonymised where possible and only shared where necessary | Depending on the circumstances: - to comply with our legal and regulatory obligations or - in other cases, for our legitimate interests, i.e., to protect, realise or grow the value of our business and assets |
| Ensuring business policies are adhered to, e.g., policies covering security and internet use. Operational reasons, such as improving efficiency, training and quality control. Statistical analysis to help us manage our business. |
For our legitimate interests, i.e., to make sure we are following our internal procedures so we can deliver the best service to you |
| Protecting the security of systems and data used to provide the services | To comply with our legal and regulatory obligations We may also use your Personal Data to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases, our reasons are for our legitimate interests, i.e., to protect systems and data and to prevent and detect criminal activity that could be damaging for you and us |
| Updating and enhancing customer records, | Depending on the circumstances: - to perform our contract with you or to take steps at your request before entering into a contract or - to comply with our legal and regulatory obligations or - for our legitimate interests, e.g., making sure that we can keep in touch with our customers about existing orders and new products |
Where we process Special Category Personal Data, we will also ensure we are permitted to do so under data protection laws, e.g., we have your explicit consent the processing is necessary to protect your (or someone else's) vital interests where you are physically or legally incapable of giving consent or the processing is necessary to establish, exercise or defend legal claims.
Who we share your Personal Data with
We may disclose your Personal Data if we need to do so to comply with any legal or regulatory obligation or request or where we have a legitimate interest in doing so, such as to enforce or apply our contract, to investigate potential breaches, or to protect the rights, property or safety of Stride Health Group Ltd. This may include exchanging information for fraud protection and credit risk reduction with other companies and organisations.
Who we share your personal information with. We will only share your personal information with Your authorised representatives and Other third parties with whom we deal and that have a legitimate interest in collecting your personal information for management, planning and organisation of work. In addition, we will share personal information with law enforcement or other authorities if applicable law requires.
How we keep your information safe
The security of your personal information is very important to us. We protect all Personal Data we hold and ensure we have appropriate organisational and technical measures in place to prevent unauthorised access or unlawful processing of Personal Data and to prevent Data from being lost, destroyed, or damaged.
We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures to deal with suspected data security breaches. For example, we will notify you and the Information Commissioners' Office of a suspected data security breach where we are legally required to do so.
Please contact us if you have any queries or concerns about our use of your Personal Data. We hope we will be able to resolve any issues you may have.
How long do we keep your personal information
We will retain your Personal Data for as long as is reasonably necessary for the purposes explained in this Notice.
In some circumstances, we may retain your Personal Data for longer than is needed for those purposes described in this Notice. For instance: where we are required to do so under legal, regulatory, tax or accounting requirements to ensure that we have an accurate record of your dealings with us in the event of any complaints or challenges or if we reasonably believe there is a prospect of litigation relating to your relationship with us.
We maintain policies governing the creation, retention and disposal of records in our care. These policies set out our requirements for the management of records, including guidance on keeping Personal Data as current as possible, securely deleting records and irrelevant or excessive data, and storing information anonymously or in a manner which no longer identifies you.
Your Rights
- The right to access the Personal Data held about you
- The right to ask us not to process your Personal Data for marketing purposes
- The right to withdraw at any time any consent you have given to receive marketing material from us
- The right to ask us to rectify inaccurate Personal Data about you
- The right to ask for the restriction of Personal Data concerning yourself that is inaccurate, unlawfully processed, or no longer required
- The right to ask for the erasure of Personal Data concerning yourself where processing is no longer necessary or the legitimate interests we have in processing your Personal Data are overridden by your interests, rights and freedoms as the data subject
- The right to complain to the supervisory authority (the Information Commissioner's Office). You can contact the ICO
You can contact us concerning any of your rights or exercise any of those rights. To protect your privacy, we may ask you to prove your identity before we formally respond to any request. There is no charge for a request, and we will respond to the request within one month.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information. In the first instance, contact our Compliance department by sending a communication to privacy@getstride.com.
If you are dissatisfied with how we deal with your request, you can contact the Information Commissioners Office on 0303 123 1113 or at their website www.ico.org.uk
Cookies
Our website uses cookies to distinguish you from other users. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer.
We use the following types of cookies:
Strictly necessary cookies are required for the operation of our website.
Performance cookies allow us to count visitors and see how users move around our website.
Functional cookies enable us to provide enhanced functionality and personalisation of our website.
Targeting cookies are set by some of our partner websites and allow you to receive targeted advertising.
Using cookies helps us provide a good experience when you browse our website (for example, to remember your chosen territory). Cookies also allow us to collect data about your devices and how you use our website. In addition, we use data analytics to maintain and improve our website.
Strictly necessary cookies are required to access our website and cannot be switched off. You can choose whether or not to allow the other types of cookies listed above, but some of our services may not function properly if you do not allow functional cookies. Therefore, we recommend you accept all cookies for the best browsing experience.
You can find out more about exactly which cookies we use and can set or change your cookie preferences by clicking on this link:
CCTV
In some situations, we process the Personal Data of our staff, stakeholders, visitors and public members through CCTV systems. To the extent that we do so, we have set this out below. This Privacy Notice supplements the Overview section and is not intended to override it.
For GDPR, the definition of 'CCTV' includes dash-cams in company vehicles or private vehicles used in Company business. CCTV monitors our premises for the safety of visitors and staff and the security of the property. Images are retained for 30 days under ICO guidelines.
Cameras built into extra-terrestrial UAVs are not subject to the UK GDPR or associated legislation due to their function.
More information concerning our use of CCTV can be found on our stand-alone CCTV Policy by following this link [Insert Hyperlink]
Change to policy
The Company may change or update this Privacy Notice at any time.
Should we change our approach to data protection, you will be informed of these changes or made aware that we have updated the Privacy Notice so that you know which information we process and how we use this information. Where required under applicable laws, we will obtain your consent to these changes.