CallAssist
About Us
FAQs
VAT Exemption
Reviews
Contact us
0800 123 123
CallAssist
About Us
FAQs
VAT Exemption
Reviews
Contact us
0800 123 123

Used & recommended by NHS

FREE 1 MONTH TRIAL

Increased Independence

Peace of mind for all

CallAssist Privacy Policy

Overview

This privacy notice tells you what to expect us to do with your personal information when you make contact with us or use one of our services.

We work to high standards when it comes to processing your personal information. If you have queries or concerns, please contact us at info@247assist.co.uk and we’ll respond.

We keep our privacy notice under regular review to make sure it is up to date and accurate.

We’ll tell you:

  • why we are able to process your information
  • what purpose we are processing it for
  • whether you have to provide it to us
  • how long we store it for
  • whether there are other recipients of your personal information

Nest Care Group LTD is the controller for the personal information we process, unless otherwise stated.

There are many ways you can contact us, including by phone, email, our website contact form and post.

0800 123 123

info@247assist.co.uk

247 Assist

Nest Care Group Ltd
20-22 Wenlock Road
London, N1 7GU
UK

Our Data Protection Officer can be contacted at info@247assist.co.uk or via our postal address. Please mark the envelope ‘Data Protection Officer’.

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • You have contacted us by email, phone, website contact form or website live chat to make an enquiry
  • You have tried a demo of CallAssist by filling out your details on 247assist.co.uk
  • You have requested an information pack from us via 247assist.co.uk
  • You have made an information request to us.
  • You wish to attend, or have attended, an event.
  • You subscribe to our e-newsletter.
  • You have applied for a job or secondment with us.
  • You are representing your organisation.
  • We have contacted you as part of a business enquiry by using publicly available contact data (please note in this case we will always ask before sending you further correspondence).
  • If it is not disproportionate or prejudical, we’ll contact you to let you know we are processing your personal information.

Your rights

Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.

Your right of access

You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process. You can read more about this right here. https://ico.org.uk/your-data-matters/your-right-of-access/


Your right to rectification

You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies. You can read more about this right here. https://ico.org.uk/your-data-matters/your-right-to-get-your-data-corrected/

Your right to erasure

You have the right to ask us to erase your personal information in certain circumstances. You can read more about this right here. https://ico.org.uk/your-data-matters/your-right-to-get-your-data-deleted/

Your right to restriction of processing

You have the right to ask us to restrict the processing of your information in certain circumstances. You can read more about this right here. https://ico.org.uk/your-data-matters/your-right-to-limit-how-organisations-use-your-data/

Your right to object to processing

You have the right to object to processing if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests. You can read more about this right here.

https://ico.org.uk/your-data-matters/the-right-to-object-to-the-use-of-your-data/

Your right to data portability

This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated. You can read more about this right here. https://ico.org.uk/your-data-matters/your-right-to-data-portability/

Exercising the above

You are not required to pay any charge for exercising your rights. We have one month to respond to you. Please contact us at info@247assist.co.uk if you wish to make a request, or contact our helpline on 0800 123 123

Law enforcement

If we are processing your information for criminal law enforcement purposes, your rights are slightly different.

Linked websites

Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.

Children

We may provide services directly to children if the information is given by parent or guardian. We do not proactively collect their personal information.

Medical information

The CallAssist system is not inherently clinical and we do not actively ask for or collect medical data.

How your personal data is used

Interested party

This is data we may collect from those who are inquiring about the service 

How we collect the data:

  • When contacting us via email
  • When contacting via phone

What data we collect:

  • Name
  • Email
  • Phone
  • Contextual information about the purpose of the inquiry.

What we use the data for:

Stakeholders (stakeholders and their roles are defined in the service level agreement)

How do we collect data:

  • When a service is created on our website
  • When a service  is created over the phone

What data we collect:

  • Name.
  • Email.
  • Phone.
  • Content of any personalised messages (if applicable).
  • Contextual information about the reason for using the service.
  • Contextual information about their experience with the service.

How we use this data:

  • This data is used in the way described within the Service level agreement
  • Contact data for stakeholders will be visible to all stakeholders related to an individual account & call receiver. This is in order that stakeholders may effectively communicate about the ongoing management of the service.

Third parties

We use data processors who are third parties who provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct. Here are the data processors we use:

Product delivery - Amazon AWS

Purpose: We use Amazon AWS to host and protect all data required to deliver the service.

Data handled: call behavior, personalised recordings, call creator email address, call creator phone number, call creator name, call receiver name, call receiver phone number, alert receiver email/s, alert receiver phone number/s, payee email, payee phone number, call recorder email, call recorder phone number, report receiver email, details of calls.

Data will be stored for: 8 years

You can see their security policy here

Product delivery - Twillio

Purpose: Twillio physically connects to international phone systems. We use Twillio to deliver the calls to the call receiver, to deliver calls to alert receiver/s , to deliver SMS to alert receiver/s, to deliver SMS marketing and to monitor product performance.

Data handled: Phone numbers, CLI, call recordings, personalised message recordings, call performance.

Data will be stored for: 8 years.

You can see their security policy here

Product delivery - Mailgun

We use a third-party provider, Mailgun, to deliver automated emails including the summary emails which list all of the information provided by someone in order to set up a call. We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government guidance on email security. Most webmail such as Gmail and Hotmail use TLS by default. We’ll also monitor any emails sent to us, including file attachments, for viruses or malicious software. You must ensure that any email you send is within the bounds of the law.

Data handled: call creator email address, call creator phone number, call creator name, call receiver name, call receiver phone number, alert receiver email/s, alert receiver phone number/s, payee email, payee phone number, call recorder email, call recorder phone number, report receiver email, details of calls.

Data will be stored for: 8 years

You can see their security policy here

Customer service and marketing - Sendgrid

Purpose: We use Sendgrid to keep in touch with existing customers and to market to potential customers. We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government guidance on email security. Most webmail such as Gmail and Hotmail use TLS by default. We’ll also monitor any emails sent to us, including file attachments, for viruses or malicious software. You must ensure that any email you send is within the bounds of the law.

Data handled: IP Addresses, Interested party email, interested party phone number, call creator email address, call creator phone number, call creator name, call receiver name, call receiver phone number, 

You can see their security policy here

Customer service - Freshcaller

Purpose: We use a third-party provider, Freshcaller, to supply and support our VOIP based customer service phone service. When you call our main helpline, we collect Calling Line Identification (CLI) information. This is the phone number you are calling from (if it’s not withheld). We hold a log of the phone number, date, time and duration of the call. We record calls for quality and training purposes. We use this information to understand the demand for our services and to improve how we operate. We may also use the number to call you back if you have asked us to do so, if your call drops, or if there is a problem with the line. We may also use it to check how many calls we have received from it.

Data handled: CLI, call statistics and performance, call recordings.

Data will be stored for: 8 years.

You can see their security policy here

Customer service - Freshdesk

We use a third-party provider, Freshdesk, to supply and support our live chat service as well as providing our knowledge base. Search queries and results are logged and may be matched with personal information in order to provide a better customer experience.

If you use this service, we may collect your name, email and the contents of your live chat session.

Data handled: IP Addresses, Behavior, messages and disclosed contact details

Data will be stored for: 8 years

You can see their security policy here

Customer service - Google apps

We use a third-party provider, Google apps , to supply and support our customer service email client service.

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government guidance on email security. Most webmail such as Gmail and Hotmail use TLS by default.

We’ll also monitor any emails sent to us, including file attachments, for viruses or malicious software. You must ensure that any email you send is within the bounds of the law.

Data handled: Email addresses and email content (which may include other contact information, apart from payment details)

Data will be stored for: 8 years

You can see their security policy here

Payment collection - Stripe

Purpose: We use stripe to securely collect and store debit/credit card details for the purpose of paying for 247Assist services. When you set up a payment method for 247Assist services your payment information is stored only with Stripe. Stripe is chosen for their attention and investment in security.

Data handled: Email, home address, debit/credit card details

Data will be stored for: 8 years

You can see their security policy here

Social media - Hootsuite

We use a third-party provider, Hootsuite, to manage our social-media interactions. If you send us a private or direct message via social media, it will be stored by Hootsuite for three months. It will not be shared with any other organisations.

We see all this information and decide how we manage it. For example, if you send a message via social media that needs a response from us, we may process it in our case management system as an enquiry or a complaint.

Data handled: Social media handles, behaviour and content

Data will be stored for: 8 years

You can see their security policy here

WPForms & Wufoo forms

We use WPForms and Wuforms to collect data outside of our standard call creation and management interface. We use these to set up services, register enquiries and collect feedback

Data handled: Emails, phone numbers, Names.

Data will be stored for: 8 years

You can learn more about WPForms here

See Wufoo forms security information here

Website optimisation - Google analytics

Purpose: When you visit our website, we use a third-party service, Google Analytics, to collect standard internet log information and details of behaviour patterns. We do this to find out such things as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

Data handled: IP Addresses, behaviour on website

Data will be stored for: 8 years

You can see their security policy here

Web cookies

We use a cookies tool on our website which relies on implied consent of users. In recognition of the fact that the implementation date for the revised e-Privacy Regulation remains unknown, we are taking reasonable steps now to align our use of cookies the standard of consent required by GDPR.


Purpose and legal basis for processing

The purpose for implementing all of the above is to maintain and monitor the performance of our service and website and to constantly look to improve the site and the services it offers to our users. The legal basis we rely on to process your personal data is article 6(1)(f) of the GDPR, which allows us to process personal data when its necessary for the purposes of our legitimate interests. As we are processing your personal data for our legitimate interests as stated above, you have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it