We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
Use of personal data in NHS Digital’s corporate email communications: GDPR information
Why and how we process your data and how NHS Digital’s communications team uses personal data in bulk email communications with the NHS and care system and your rights.
|How we use the information (processing activities)||
NHS Digital’s corporate communications team send bulk emails to people across the health and care system to help them get the best out of our products and services and stay abreast of new standards and requirements for the use of data and digital technology. We maintain email distribution lists for key groups in the health and care system (for example, GP practice staff, Chief Information Officers, and pharmacy professionals) and use these lists to distribute regular bulletins and one-off announcements. We ask people on these distribution lists to provide information about themselves to help us make these communications more useful. For example, by understanding the job roles recipients in GP practices are performing, we can tailor our emails to their needs. We also collect information about how recipients use our emails. This helps us make our emails more effective. For example, information about the number of recipients who open and click links in a bulletin shows us how useful people found it and helps us make the next bulletin more useful.
|Does this contain sensitive (special category) data such as health information?||No|
|Is data transferred outside the UK?||We use the Granicus gov.delivery platform to hold mailing list data. The servers are based in the United States and the data is protected by Standard Contractual Clauses (SCCs) which allow for data transfer from the EU to third countries.|
|How long the data is kept||We will hold your information for as long as you are using our bulletins. On an annual basis, we will contact subscribers who have not opened or clicked on a link for a consecutive period of 11 months. We will ask if they still wish to receive the bulletin. If they do, they will be directed to the subscription page to update their preferences or will be offered the opportunity to unsubscribe.|
|How can you withdraw your consent?||
Alternatively, subscribers may email email@example.com with their full name and email address and we will respond within 48 hours.
|Is the data subject to decisions made solely by computers? (automated decision making)||No|
|The legal basis for collecting this data||
If you are on a bulletin list and don’t want to be, you have the right to be removed.
Anybody can ask to be added to any of our email distribution lists. By choosing to receive our communications, you are consenting to NHS Digital collecting and using your data to improve our email communications.