Privacy notice

Voror Health Technologies Ltd (‘we’, ‘us’, ‘our’) is dedicated to protecting personal data and complies with The Data Protection Act 2018 - the UK’s implementation of the General Data Protection Regulation (GDPR).

In this section:

This privacy notice describes why, and how, we collect and use your personal data and what your rights are.

What is personal data?

Personal data we commonly collect to conduct our business activities include:

  • Financial information of staff and suppliers such as bank details.
  • Family and beneficiary details for insurance and pension planning services (names and dates of birth).
  • Professional details (career history, education, professional memberships).
  • Contact details (name, job title, contact number, email address, postal address).

Special categories

We usually do not collect special categories of personal data about individuals. In the event that we do process special categories of personal data, it is with the explicit consent of the individual unless it is obtained indirectly for legitimate purposes. Examples of special categories of personal data include:

  • Information provided to us by clients in the course of a professional engagement.
  • Dietary restrictions or access requirements when registering for in-person events that reveal religious beliefs and/or physical health information.
  • Personal identification documents that may reveal race or ethnic origin.

Personal data relating to criminal convictions

We may obtain personal data about employees, contractors or any other individual providing services for us that reveals information about criminal convictions.

How do we collect personal data?

Directly

We obtain personal data directly from individuals from:

  • Emails
  • Visits to our website
  • Business cards
  • Job applications
  • Office visits
  • Meeting attendances

We also obtain personal data directly when we are establishing a business relationship, or through performing professional services through a contract.

Indirectly

We obtain personal data indirectly from:

  • Recruitment services (such as agencies and former employers)
  • Bought-in marketing lists
  • Public registers
  • Framework agreements
  • Internet searches
  • News articles

What are the lawful bases we use for processing personal data?

In order to process personal data, we must have a lawful basis for doing so. We depend on the following lawful bases when collecting and using personal data to perform our business activities and provide our services:

  • Legal obligations and public interests: We may process personal data to meet certain regulatory and public interest obligations or mandates
  • Legitimate interests: We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable, and balanced. Examples include:
    • Direct marketing - to deliver insights and knowledge we believe is welcomed by our clients, subscribers and those who have interacted with us.
    • Provision of employee benefits such as eyecare vouchers - to raise staff morale and satisfaction.
  • Consent - we rely on your freely given consent.
  • Contract - we may process personal data in order to preform contractual obligations.

Why do we need personal data?

We will always explain our rationale for collecting personal data and maintain transparency throughout. Such reasons include:

  • Providing professional advice and delivering reports related to our professional services
  • Promoting our professional services to existing and prospective business clients
  • Travel arrangement assistance
  • Seeking qualified candidates
  • Fulfilling employment or contractual obligations

Personal data security

The measures we use to ensure personal data security include:

  • Putting in place policies and procedures to protect personal data from loss, misuse, alteration, or destruction.
  • Making sure that access to personal data is limited only to those who need access to it and that confidentiality is maintained.
  • Disposing personal data in a secure manner when we no longer require it.

Unless a different time frame applies as a result of business need or specific legal, regulatory, or contractual obligations, we will retain personal data for 12 months from the most recent engagement or processing.

Do we share personal data with third parties?

Sometimes we may share personal data with trusted third parties to help us to deliver effective and quality services. These recipients are either contractually bound to safeguard the data we entrust them or will sign an agreement to make sure that this is the case.

Recipients that we engage with include:

  • Parties that support us as we provide services (IT system support, providers of telecommunication systems, document production services and cloud-based software services).
  • Sub-contractors and partner organisations involved in delivering our professional services.
  • Professional advisers such as lawyers and insurers.
  • Recruitment service providers.
  • Law enforcement and regulatory agencies.

Do we transfer personal data outside the European Economic Area (EEA)?

We are a UK based business and operate only in the UK. In the event that we store personal data outside the EEA, we will make sure that appropriate safeguards are in place to guarantee that your rights remain enforceable (such as the EU-US Privacy Shield).

Your data protection rights

You have the following seven legal rights regarding the manner in which personal data relating to you is used:

Right of access to information

You have the right to access your personal data held about you.

Right to have information corrected

You have the right to request the correction of any personal data that is incomplete, inaccurate, or out of date.

The right to data portability

You have the right (in certain circumstances) to obtain personal data in a format to allow you to transfer it to another organisation.

The right to restrict processing

You have the right to stop, or to limit, the processing of your personal data.

The right to be forgotten

You have the right to request the deletion of personal data where there is no compelling reason for its continued processing.

The right to withdraw consent

You have the right to withdraw any consent that you have given to us in relation to our use of your personal data at any time. You also have the right to tell us to stop sending you any direct marketing materials at any time.

The right to complain

If you are unhappy about the way in which Voror Health Technologies Ltd have processed your personal data, you have a right to raise the issue or to lodge a complaint with the Information Commissioner’s Office – see https://ico.org.uk/make-a-complaint/ for more details.
You can find more information about your rights on the Information Commissioner’s Office website https://ico.org.uk/for-the-public/ If you want to exercise any of these rights, contact us.
Important: We may request specific information from you to help us to confirm your identity and therefore ensure your rights. This will help us guarantee that personal data is not disclosed to any person who has no right to receive it.

Visitors to our website

When someone visits https://voror.co.uk/:

  • We collect standard internet log information and details of visitor behaviour patterns.
  • We do this to find out things such as the number of visitors to the various parts of the sites.
  • We collect this information in a way which does not identify anyone.
  • We do not make any attempt to find out the identities of those visiting our website.
  • We will not associate any data gathered from these sites with any personally identifying information from any source.

Links to other websites

Our website (https://voror.co.uk/), and its subdomains, may provide links to other websites known as external links. This privacy notice does not cover external links to other websites. We encourage you to read the privacy statements on the other websites that you visit.
External links are selected and reviewed when the page is published. However, we are not responsible for the content of external websites we have no control over. The content on external websites can be changed without our knowledge or agreement.
Some of our external links may be to websites that also offer commercial services, such as online purchases. The inclusion of a link to an external website from our website is not an endorsement of that website or the site’s owners, their products, or services.

People who email us

Any email sent to us, including any attachments, may be monitored, and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.

Changes to our privacy notice

This privacy notice will be reviewed and updated, if needed, to reflect changes that we might make to our services or to reflect changes in the law or best practice. Any changes we make to our privacy notice in the future will be posted on this page.
This version of the privacy notice is effective from 19th October 2021.

Contact

If you have any comments or concerns regarding our privacy notice, or the manner in which Voror Health Technologies Ltd handle your personal data, or if you would like to exercise any of the rights outlined above contact us:

  • By post: Data Protection Officer, Voror Health Technologies Ltd, 13 Hanover Square, Mayfair, London, England, W1S 1HN
  • By email: info@voror.co.uk