Skip to content

Privacy policy

The Celsus Group and its Group companies is a leading provider of medical staffing and services to the UK healthcare sector. This privacy policy applies to the Celsus Group subsidiaries identified below (“Celsus” “we” or “us”). Celsus Group Limited is the controller for Key Medical Services Ltd, Medical Staffing Ltd, TNA Medical Ltd and 111 Lifeline Ltd.

Locked Lock

We are committed to maintaining and respecting the privacy of personal information. Here we explain what types of personal information about individuals (“user” “you” or “your”) may be collected by us, how it is used, with whom it is shared and what rights apply to your personal information. This privacy policy is separate from any terms of engagement with you and it is important that you read both this privacy policy and such engagement terms carefully.

  1. Scope of this privacy policy
  2. Information collected about you
  3. How we collect information
  4. Our use of your information
  5. Cookies and other technologies
  6. Who we share your information with
  7. Transfers outside the EEA
  8. Keeping information secure
  9. Retention
  10. Your rights
  11. How to contact us
  12. Changes to this policy
  13. Purpose and lawful basis for processing of personal data

1. Scope of this privacy policy

This privacy policy applies to the collection of personal information associated with:

  • Users of our websites in particular:
  • celsusgroup.co.uk
    • Celsus Group Limited
    • (with registered office at Suite B, Second Floor, 400 Capability Green, Luton, Bedfordshire, LU1 3LU.)
  • medicalstaffing.co.uk
    • Medical Staffing Limited
    • (with registered office at Suite B, Second Floor, 400 Capability Green, Luton, Bedfordshire, LU1 3LU.)
  • keymedicalservices.co.uk
    • Key Medical Services Limited
    • (with registered office at Suite B, Second Floor, 400 Capability Green, Luton, Bedfordshire, LU1 3LU.)
  • tnamedical.co.uk
    • TNA Healthcare Limited
    • (with registered office at Suite B, Second Floor, 400 Capability Green, Luton, Bedfordshire, LU1 3LU.)
  • 111lifeline.co.uk
    • 111 Lifeline Limited
    • (with registered office at Suite B, Second Floor, 400 Capability Green, Luton, Bedfordshire, LU1 3LU.)
 
  • Users of any applications (“Apps“) we may make available from time to time) and where the identified Celsus Group company which operates that App will be the data controller of personal information collected through that App.
  • Personal information collected by us as a data controller in the usual course of business and where the Celsus Group company with whom you engage will be a controller of your personal data.
(collectively the “Services“).
 
Where you are a user of or engage with more than one Celsus Group company, then each will be a data controller of personal data collected in connection with that Service.
 
This privacy policy does not extend to any third party websites that can be accessed from our websites or Apps including, but not limited to, any links we may provide to social media websites. We are not responsible for the privacy policies or the content of such sites.
 

2. Information collected about you

Depending on the context of your interaction with us, we may collect the following information about you:
  • Contact Information: Your name, job title, address, email or phone number that you submit when communicating with us.
  • Professional Credentials Information: Your professional educational background and cv information in connection with a registration to find a clinical role with a healthcare partner.
  • Compliance Information: Information in connection with a) identity authentication, and verifying professional credentials in connection with conducting professional, regulatory, legal and right to work checks of applicants for clinical roles with healthcare partners, (including against professional identifiers such as GMC, NMC or HCPC numbers and National issued identifiers in particular tax insurance number or passport) and b) health and safety checks necessary for certain placements in clinical roles (including immunisation records and medical checks).
  • Account log-in Credentials: Your email and password where you register with us and the unique ID assigned to you on our systems.
  • Contract Information: Information related to entering into and administering our contract and business relationship with you or the organisation you represent or work for, including transaction information, performance information and financial information.
  • Service Information: Information you provide or we have access to, in connection with any support queries or complaints we receive from you or about your use of the Services and that is used to investigate or respond, or if we consider appropriate to report any matter to the relevant professional conduct or law enforcement bodies.
  • Online Information: Information associated with online identifiers we collect when you visit one of our websites or Apps. We will automatically collect information from you when use our websites or Apps. This includes technical information about your online interaction. We collect the Internet Protocol (IP) address used to connect your device to the internet and will derive your country of location and local region by reference to your IP against public sources and Google analytics. We also collect the browser type and operating system version of your device and may collect an App ID. We also receive information about the content of an online request as well as the date, times and frequency with which you access our online Services and the way you use and interact with its content.
 

3. How we collect information

The information we collect will come to us in the following ways:
  • From information given to us by you when you:
    • Register or complete forms. – Where you provide contact information and where in connection with an application for a clinical role you also provide us with, Professional Credentials and Compliance Information.
    • Provide Contact and Contract Information – In connection with the provision of Services.
    • Otherwise communicate Service information to us – In connection with the Services.
    • Provide Service feedback or complete surveys – that we use for research purposes and to improve our Services (although you are not obliged to respond to them).
    • When you respond to a marketing communication or promotion.
  • From information collected automatically
    • We collect Online Identifiers when you engage with our Services online.
    • We will also collect your information automatically via cookies, in line with the cookie settings on your browser. For more information about cookies, and how we use them on the Website, see the section below, headed “Cookies”.
  • From information received from other sources
    • Compliance Information from official registers or third party providers of verification services in connection with professional, regulatory risk and compliance evaluation checks.
    • Service Information from our healthcare partners.
    • From a colleague who refers you (with your consent) to our Services.
 

4. Cookies and similar technologies

Our websites use cookies and similar technologies (“Cookies“) to collect and store certain information. These typically involve pieces of information or code transferred to or accessed from, your device to store and that sometimes track information about you. Cookies enable you to be remembered when using that device to interact with online services and can be used to manage a range of features and content, as well as storing searches and presenting personalised content.
 
We use Cookies to distinguish you from other visitors to our websites and which helps us to improve your experience of using our websites and to improve our range of services.
 
Some Cookies are essential to provide you with the service you register for, (for example to manage your browsing session or to validate your access to your registered account. Otherwise you can change your Cookie choices at any time.
 
Before the Website places Cookies on your computer, you will be presented with a message bar requesting your consent to set non-essential Cookies. Please note if you wish to deny consent to the placing of all Cookies; certain features of the Website may not function fully or as intended.
 
Our websites may place the following Cookies:
  • Strictly necessary cookies
    • These are cookies that are required for the operation of our websites. They include, for example, cookies that enable you to log into secure areas.
  • Analytical / performance cookies
    • They allow us to recognise and count the number of visitors and to see how visitors move around our websites when they are using it. This helps us to improve the way our websites work, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies
    • These are used to recognise you when you return to our websites. This enables us to personalise our content for you, greet you by name and remember your preferences.
  • Targeting cookies
    • These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website more relevant to your interests. This may also result in you seeing advertisements for our Services on other websites and services you visit.
We have provided below more information about the cookies that we use, the purposes for which we use them and how to manage your cookie preferences.
 
  • Google
    • _ga / _gid / _gat / google_cid / NID
    • Our site uses analytics services. Website analytics refers to a set of tools used to collect and analyse anonymous usage information, enabling us to better understand how our site is used. This, in turn, enables us to improve our site and the services offered through it. This cookie is also used to improve our advertising to website visitors. It can redirect more relevant advertisements to the visitor and helps improve reports on campaign performance. Analytical/performance cookie
    • Expiry/Lifetime: Current session + 24hrs typically
    • You can prevent the use of Google Analytics at any time, either by installing the Google Browser Plugin, which sets an opt-out cookie, or by selecting the appropriate setting in your browser software. You can find further information here.
  • Wordpress
    •  DYNSRV
    •  his cookie is added by our load balancer to track which web server to send the visitor to. Its purpose is to improve the performance of the website.
    • Strictly necessary cookie
    •  Expiry/Lifetime: Current session
  • Hotjar
    • _hijd
    • Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behaviour in subsequent visits to the same site will be attributed to the same user ID.
    • Analytical/performance cookie
    • Expiry/Lifetime: 365 days You can prevent Hotjar from collecting your information by clicking on this link and following the instructions there.
  •  Facebook
    •  _fbp
    • Used by Facebook to deliver our advertising to people who have already visited our website when they are on Facebook or a digital platform powered by Facebook advertising and to track conversion. The main purpose of this cookie is: Targeting/Advertising
    • Expiry/Lifetime: 3 monthsYou can opt-out of seeing online ads from Facebook and other companies participating with the European Digital Advertising Alliance. ‘Your online choices’ scheme. Further information is available here.
Please also note that:
  • You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser.
  • You can choose to delete Cookies at any time; however, you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings.
  • It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
  • For more information generally on cookies, including how to disable them, please refer to aboutcookies.org. You will also find details on how to delete cookies from your computer.
 

5. Our use of your information

Any or all the above information may be required by us from time to time in order to provide you with the best possible service and experience when using our Services. Specifically, your information may be used by us for the following reasons:
 
a) Our Services
  • In order to create and validate your registration with us.
  • To tell you about technical updates and changes to our Services and this privacy policy.
  • To verify applicant professional status and eligibility and to manage corporate risk, conflicts of interest, security, safety, compliance obligations relevant to the Services.
  • To take steps to enter into and administer a contract with you or with the organisation you represent or work for.
  • To administer and protect our business and Services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
  • In order to respond to you questions and correspondence.
  • Monitoring and assessing performance and the quality of the Services.
  • To carry out accounting and processing of payments.
  • Investigating possible violations and enforcing our contracts.
  • Complying with professional and legal obligations relevant to verification, record keeping, health and safety and in responding to regulatory or lawful requests.
 
b) Service Improvement and Marketing
We analyse the use of our Services, sometimes in conjunction with Cookies to understand how users engage with us so that we can further improve our services. We may also derive aggregated information to help explain how our Services are used to potential partners.
 
 
We may also use these insights to:
  • Contact you by email or telephone to seek feedback on our Services and how we can make improvements for market research purposes; or
  • Communicate to you promotional details about our Services that we believe may be of interest to you by email, sms or by phone call.
If you do wish to change your marketing contact preferences please refer to the section headed “Your rights” below.
 
 
You can see the lawful basis for which we use your personal information under the section “Purpose and lawful basis for processing of personal data”.
 
 

6. Who we share your information with?

We may share your information within certain circumstances with:
  • Any of our Group companies or affiliates:
    • Involved with supporting, delivering or administering our Services to you, including where relevant in increasing the number of job opportunities available to you where you are an applicant for clinical roles; and
    • Improving our Services.
  • Third party service providers in connection with IT platform, background and evaluation and health screening checks, software management, e-billing/payment services or those who support the administration of those services we procure for the purposes described in this privacy policy and on our behalf.
  • To auditors or to professional legal advisors in connection with receiving advice relevant to our Services.
  • To any professional conduct body, regulatory agency or other body including the courts, medical bodies and supervisory authorities.
  • In response to a court order or in cooperating with law enforcement in investigating and prosecuting activities that are illegal or harmful to others.
  • If we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity, or violation of any relevant terms of use or other contracts.
  • In connection with a corporate transaction, such as a sale, assignment, divestiture, merger, bankruptcy, consolidation, reorganization, liquidation, or other transfer of the company or its assets. We may transfer or assign this privacy policy and any of your information to another Group company or affiliate or a third-party entity that acquires or is merged with us as part of a merger, acquisition, sale, or other change of ownership.
  • In other ways described to you at the point of collection, or pursuant, where applicable or required by law, to your consent.
 

7. Transfers outside the UK or EAA

Information which we collect from you may be stored and processed in and transferred to countries outside of the UK or European Economic Area (EEA). For example, this could occur if our servers are in a country outside the UK or EEA or one of our service providers is situated in a country outside the UK or EEA.
 
We will only transfer personal information outside UK or the EEA where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your personal information, e.g. by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en, or by ensuring that other approved safeguards are in place such as the EU-US Privacy Shield Framework, in the event that the organisation in receipt of the Data is based in the United States of America.
 
To ensure that your personal information receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share this with. This ensures your personal information is treated by those third parties in a way that is consistent with the Data Protection Laws.
 
Please see ‘How to contact us’ for details on how to request information on protecting your personal data if transferred outside the UK or EEA.
 

8. Keeping information secure

We will use technical and organisational measures to safeguard your information, for example:
  • Access to your account is controlled by a password and a username that is unique to you.
  • We store your personal information on secure servers.
We are certified to ISO 27001. This family of standards helps us manage your information and keep it secure.
 
Technical and organisational measures include measures to deal with any suspected personal data breach. If you suspect any misuse or loss or unauthorised access to your personal information, please let us know immediately by contacting us via this e-mail address: DPO@celsusgroup.co.uk.
 
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses, and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
 

9. Retention

Unless a longer retention period is required or permitted by law, we will only hold your personal information on our systems for the period necessary to fulfil the purposes outlined in this privacy policy, our contractual obligations to you and for an appropriate period after that time to identify any issues and resolve any legal proceedings. We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services.
 

10. Your rights

You have the following rights under certain circumstances in relation to your information:
  • To request access to your personal information – this enables you to receive a copy of the personal data held by us.
  • To request correction of the personal data held by us – this enables you to have any incomplete or inaccurate personal data we hold about you corrected, though we may need to verify the accuracy of the new personal data you provide to us.
  • To request erasure of your personal data – this enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.
  • To object to processing of your personal data – this enables you to object to the further processing of your personal data. You also have the right to object where we are processing your personal data for direct marketing purposes.
  • To request restriction of processing of your personal data – this enables you to ask us to suspend the processing of your personal data in certain cases (while we verify or investigate your concerns with this information, for example).
  • To request that your personal data be moved to a third party
  • To withdraw consent – this right arises at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your personal information (where consent is our legal basis for processing your information), please contact us via this e-mail address: DPO@celsusgroup.co.uk.
 
If you are not satisfied with the way a complaint you make in relation to your information is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner’s Office (ICO). The ICO’s contact details can be found on their website at https://ico.org.uk/.
 
It is important that the information we hold about you is accurate and current. Please keep us informed if your information changes during the period for which we hold it.
 
In most cases we will deal with your request as soon as possible and at the latest within one calendar month of the request. If we need to extend the time period for responding to your request, we will let you know within the one-month period. We do not charge a fee for any such requests unless there are exceptional circumstances.
 

11. How to contact us

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to:
  • Email: DPO@celsusgroup.co.uk
  • Post: Suite B, Second Floor, 400 Capability Green, Luton, Bedfordshire, LU1 3LU
 

12. Changes to this privacy policy

We reserve the right to change this privacy policy as necessary from time to time or as may be required by law. Any changes will be posted on the relevant website or App and in relation to substantive changes, will be notified to you by email.
 
We regularly review this privacy notice and will update it where necessary. We do recommend you regularly review this privacy notice to make sure you have the most up to date information. This privacy notice was last updated on 18/11/2022.
 

13. Purpose and lawful basis for processing of personal data

This table forms an important part of our privacy policy which you should also read.
  • Purpose / Activity: To create and validate your registration with us
    • Type of Information:
      • a. Contact Information
      • b. Compliance Information
      • c. Account log-in credentials
    • Lawful basis for processing including basis of legitimate interest:
      • Performance of a contract
  • Purpose / Activity: To verify applicant professional status and eligibility and to manage corporate risk, conflicts of interest, security, health and safety, compliance obligations relevant to the Services
    • Type of Information:
      • a. Contact Information
      • b. Compliance Information
    • Lawful basis for processing including basis of legitimate interest:
      • a. Performance of a contract
      • b. Necessary to comply with a legal obligation
      • c. Necessary for purposes of carrying out obligations in the field of social protection law.
      • d. Consent where applicable to the context of collection.
  • Purpose / Activity: To enter into, administer a contract with you or with the organisation you represent or work for: a. Accounting and processing of payment b. In order to respond to questions and correspondence and to monitor quality of the Services c. Investigating possible violations and enforcing our contracts
    • Type of Information:
      • a. Contact Information
      • b. Contract Information
      • c. Service Information
    • Lawful basis for processing including basis of legitimate interest:
      • a. Performance of a contract
      • b. Necessary for our legitimate interests
      • c. Necessary to comply with a legal obligation
  • Purpose / Activity: To manage our relationship with you which will include notifying you about technical updates or changes to our terms or privacy policy
    • Type of Information:
      • a. Contact Information
      • b. Contract Information
    • Lawful basis for processing including basis of legitimate interest:
      • a. Performance of a contract with you
      • b. Necessary to comply with a legal obligation
      • c. Necessary for our legitimate interests (to keep our records updated)
  • Purpose / Activity: To administer and protect our business and Services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
    • Type of Information:
      • a. Contact Information
      • b. Online Information
    • Lawful basis for processing including basis of legitimate interest:
      • a. Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or Group restructuring exercise)
      • b. Necessary to comply with a legal obligation
  • Purpose / Activity: To use data analytics to improve Services, user relationships and experiences
    • Type of Information:
      • a. Contact Information
      • b. Online Information
    • Lawful basis for processing including basis of legitimate interest:
      • Necessary for our legitimate interests (to define types of users for Services to keep our Services updated and relevant, to develop our business and to inform our marketing strategy).
    • Purpose / Activity: To make suggestions and recommendations to you about our Services that may be of interest to you
    • Type of Information:
      • a. Contact Information
      • b. Online Information
      • Lawful basis for processing including basis of legitimate interest:
      • a. Necessary for our legitimate interests (to develop our products/services and grow our business)
      • b. Consent (where applicable to the particular method of collection (e.g. cookies) or to the channel of delivery of a promotional message)

Get in contact with us

Want to get in touch?

We’d love to hear from you. Here’s how you can reach us.

01582 394 800
info@celsusgroup.com
Suite B, Second Floor, 400 Capability Green, Luton, Bedfordshire, LU1 3LU