Data Protection
Data Protection
Data Protection Declaration for Visitors and Users of Our Website and Our Suppliers of Goods and Services
We will protect your privacy and personal data. The processing of the personal data of visitors and users of our website, https://westchestercommunity.org/, our suppliers of goods, and our service providers will be limited to the data required to provide a functional website, fulfill our tasks in the context of our professional activity as a foundation, and our content and services, particularly our contractual relationship with you. This declaration will also apply to our patients, patients’ families, and referring professionals. However, when a patient is admitted to our establishment, they will receive an additional data protection declaration specifically related to the processing of their data, the data of their family members, and referring professionals within the context of our professional activity, which will be added to the patient’s file. We will collect, process, and use your personal data in accordance with the content of these data protection provisions and the applicable data protection regulations, particularly the law of the United States of America. These data protection provisions will define the personal data that we will collect, process, and use about you. Please read the following carefully.
1. Data Controller
1.1 Westchester Foundation (hereinafter “we, us, our”), as the operator of the https://westchestercommunity.org/ website and a provider of community support services, will be responsible for the personal data of visitors and users of the website, suppliers of goods and services, and patients, their families, and referring professionals (hereinafter “you, your”) within the meaning of the applicable data protection laws.
1.2 Any questions regarding data protection or the way we will process personal data can be addressed to the following contact person: Datuk Dr. Ganeshan Palani at md@westchestercommunity.org.
2. From Whom We Receive Your Personal Data
2.1 In principle, we will only collect personal data directly from you or via the website.
3. Description and Scope of Data Processing
3.1 Personal data within the meaning of these data protection provisions will include any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). This will include your surname, first name, email address, postal address, telephone number, credit card details, account details if you are a registered trader, and any other data required for the purposes set out below. If you visit our institution, we will be equipped with a CCTV system that will also collect personal data.
3.2 Personal data will also include information about your use of our website and your telephone calls to us. In this context, we will collect personal data from you as follows: information about your visits to our website, such as the extent of data transfer, the location from which you view data on our website (approximate geolocation data), as well as other connection data and sources you visit. This will generally be done through the use of log files and cookies. You will find more information on log files and cookies below. We will also use a platform that tracks all telephone calls. This tool may give us the name of the caller if they have given prior consent for their number to be associated with their name.
3.3 In principle, your personal data will be kept for as long as necessary to meet our contractual, fiduciary, medical, and other legal obligations, which will generally be 10 years. We will collect your IP address when you visit our website; this will be recorded for 30 days and will then be immediately deleted or made anonymous by shortening. Other data collected on our website for anonymous geolocation purposes only, such as cookies (Google Analytics), will be kept for a period of 14 months. When you telephone us, your number and other personal data will be kept for a maximum of 90 days.
4. Intended Use (Purpose)
We will use your personal data for the following purposes:
4.1 To provide the services you will have requested;
4.2 To ensure that our website is presented to you in the most effective and interesting way possible;
4.3 To fulfill our obligations under any contract entered into between you and us and to notify you of any changes to such contract(s);
4.4 To enable you to participate in interactive offers, if you wish;
4.5 To inform you of changes to our services;
4.6 In the event of a visit to our institution, to ensure your safety and avoid the presence of malicious persons by means of a CCTV surveillance system;
4.7 To send you our Newsletter or any other commercial communications.
5. Data Processing Principles
5.1 When processing data, we will take into account the processing principles of lawfulness, proportionality, purpose, transparency—particularly compliance with information obligations—and data security. We will take appropriate measures to ensure that personal data is accurate.
5.2 Data protection requirements will be considered when planning and designing processing activities (data protection by design and by default).
5.3 We will not make any automated individual decisions.
6. Information on Your Computer, Cookies
6.1 Each time you access our site, we will collect the following information about your computer: the IP address of your computer, the city (latitude and longitude), and your browser request. In addition, the status and quantity of data transmitted will be recorded as part of this request. We will also collect information on the product and version of the browser used and your computer’s operating system. We will record the website from which you accessed our site. The IP address of your computer will be recorded for 30 days and will then be immediately deleted or made anonymous by shortening. We will use this data for the operation of our website, particularly to detect and correct website errors, determine the level of use of the website, and make adjustments or improvements.
6.2 Cookies will contribute in many ways to making your visit to our website easier, more pleasant, and more useful. Cookies are information files that your web browser will automatically save on your computer’s hard drive when you visit our website.
6.3 For example, we will use cookies (such as Google Analytics, Google Ads, Social Media Ads, or others) to temporarily save the services you will have chosen and the data you will have entered when you fill in a form on the website, so that you will not have to repeat the entry when you visit another subpage. Cookies will also be used, where appropriate, to identify you as a registered user after you have registered on the website, without you having to log in again when you visit another subpage.
6.4 If you do not wish to use browser cookies, you will be able to configure your browser so that it does not accept cookies. Please note that in this case, you will only be able to use our website to a limited extent, if at all. You can choose at any time if you do not wish to accept cookies from our service providers in the settings of our cookies banner.
7. Data Security
7.1 In principle, we will process and store all the information you will send us on servers located in the United States of America. If necessary and if permitted by law, we may also transmit your personal data to recipients located outside the United States of America or in a country that does not guarantee adequate data protection. If personal data will be transferred to a country that does not have adequate data protection, we will ensure adequate protection by using sufficient safeguards, such as on the basis of EU standard contractual clauses or binding internal data protection guidelines. Questions regarding such data transfers and the safeguards applied in a specific case may be addressed at any time to the contact person mentioned in point 1.
7.2 Subject to point 7.1, we will not pass on your personal data to third parties unless you have given your consent to the data being passed on or unless we will be authorized or obliged to pass on data by virtue of legal provisions and/or administrative or judicial orders. This may include providing information for the purposes of criminal prosecution, preventing threats, or enforcing intellectual property rights.
7.3 Unfortunately, the transmission of information over the Internet and by electronic means is not entirely secure, which is why we cannot guarantee the security of data transmitted by these means. However, we will use technical and organizational measures to protect our website and our other systems against the loss, destruction, access, modification, or distribution of your data by unauthorized persons. In particular, your personal data will be transmitted to us via our website in encrypted form. We will use the SSL (Secure Socket Layer) encryption system.
8. Outsourcing of Data Processing (Subcontractor)
8.1 We will use external service providers (subcontractors) for our website and our IT system. As part of the use of our website and our IT system, the processing of your personal data will therefore be outsourced, but we will remain responsible to the data subjects and the relevant supervisory authority for the processing of outsourced personal data in accordance with data protection regulations. We will also use other subcontractors in the course of our business.
8.2 We will be responsible for the careful selection of the service provider(s) and the contractual guarantee that:
– The service provider processes personal data only in the manner in which we will be authorized to do so and that no legal or contractual obligation of confidentiality will be breached;
– The service provider does not process personal data for its own purposes;
– Data security will be guaranteed as far as possible;
– The service provider will only subcontract the processing of personal data with the prior consent of the controller;
– We will have the corresponding control rights.
9. We will have a subcontracting agreement in place with our subcontractors for this purpose.
10. Changes to this Data Protection Policy
10.1 We reserve the right to amend these data protection provisions at any time with effect for the future. An updated version will be available on the website. We invite you to consult the website regularly to stay informed about the current privacy and data protection policy.
11. Your Rights
11.1 You have the right to request information about your personal data that we process. In particular, you may request information about the personal data itself, the purpose of the processing, the storage period or, if this is not possible, the criteria for determining this period, the origin of your data if it has not been collected from you, the possible existence of an automated individual decision, and, where applicable, the recipients or categories of recipients to whom the personal data is communicated.
11.2 You also have the right to revoke any consent you may have given for the use of your personal data at any time.
11.3 You have the right to request, under certain conditions, that we return your personal data to you or transfer it to another data controller of your choice.
11.4 You have the right to request, under certain conditions, that inaccurate data be rectified and, if this is not possible, that the disputed nature of the data be noted.
11.5 Under certain conditions, you have the right to request a ban on processing or disclosure, and the deletion or destruction of your personal data if it is not possible for the data to be marked as disputed.
11.6 You may assert your rights as described above at any time by contacting us at the address indicated.
11.7 If you believe that the processing of your personal data by us breaches the applicable data protection provisions, you may lodge a complaint with the relevant authorities.
Updated: 05 October 2024
Data Protection Declaration for Visitors and Users of Our Website and Our Suppliers of Goods and Services
1. Data Controller
1.1 Westchester Foundation (hereinafter “we, us, our”), as the operator of the https://westchestercommunity.org/ website and a provider of community support services, will be responsible for the personal data of visitors and users of the website, suppliers of goods and services, and patients, their families, and referring professionals (hereinafter “you, your”) within the meaning of the applicable data protection laws.
1.2 Any questions regarding data protection or the way we will process personal data can be addressed to the following contact person: Datuk Dr. Ganeshan Palani at md@westchestercommunity.org.
2. From Whom We Receive Your Personal Data
3. Description and Scope of Data Processing
3.1 Personal data within the meaning of these data protection provisions will include any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). This will include your surname, first name, email address, postal address, telephone number, credit card details, account details if you are a registered trader, and any other data required for the purposes set out below. If you visit our institution, we will be equipped with a CCTV system that will also collect personal data.
3.2 Personal data will also include information about your use of our website and your telephone calls to us. In this context, we will collect personal data from you as follows: information about your visits to our website, such as the extent of data transfer, the location from which you view data on our website (approximate geolocation data), as well as other connection data and sources you visit. This will generally be done through the use of log files and cookies. You will find more information on log files and cookies below. We will also use a platform that tracks all telephone calls. This tool may give us the name of the caller if they have given prior consent for their number to be associated with their name.
3.3 In principle, your personal data will be kept for as long as necessary to meet our contractual, fiduciary, medical, and other legal obligations, which will generally be 10 years. We will collect your IP address when you visit our website; this will be recorded for 30 days and will then be immediately deleted or made anonymous by shortening. Other data collected on our website for anonymous geolocation purposes only, such as cookies (Google Analytics), will be kept for a period of 14 months. When you telephone us, your number and other personal data will be kept for a maximum of 90 days.
4. Intended Use (Purpose)
We will use your personal data for the following purposes:
4.1 To provide the services you will have requested;
4.2 To ensure that our website is presented to you in the most effective and interesting way possible;
4.3 To fulfill our obligations under any contract entered into between you and us and to notify you of any changes to such contract(s);
4.4 To enable you to participate in interactive offers, if you wish;
4.5 To inform you of changes to our services;
4.6 In the event of a visit to our institution, to ensure your safety and avoid the presence of malicious persons by means of a CCTV surveillance system;
4.7 To send you our Newsletter or any other commercial communications.
5. Data Processing Principles
5.1 When processing data, we will take into account the processing principles of lawfulness, proportionality, purpose, transparency—particularly compliance with information obligations—and data security. We will take appropriate measures to ensure that personal data is accurate.
5.2 Data protection requirements will be considered when planning and designing processing activities (data protection by design and by default).
5.3 We will not make any automated individual decisions.
6. Information on Your Computer, Cookies
6.1 Each time you access our site, we will collect the following information about your computer: the IP address of your computer, the city (latitude and longitude), and your browser request. In addition, the status and quantity of data transmitted will be recorded as part of this request. We will also collect information on the product and version of the browser used and your computer’s operating system. We will record the website from which you accessed our site. The IP address of your computer will be recorded for 30 days and will then be immediately deleted or made anonymous by shortening. We will use this data for the operation of our website, particularly to detect and correct website errors, determine the level of use of the website, and make adjustments or improvements.
6.2 Cookies will contribute in many ways to making your visit to our website easier, more pleasant, and more useful. Cookies are information files that your web browser will automatically save on your computer’s hard drive when you visit our website.
6.3 For example, we will use cookies (such as Google Analytics, Google Ads, Social Media Ads, or others) to temporarily save the services you will have chosen and the data you will have entered when you fill in a form on the website, so that you will not have to repeat the entry when you visit another subpage. Cookies will also be used, where appropriate, to identify you as a registered user after you have registered on the website, without you having to log in again when you visit another subpage.
6.4 If you do not wish to use browser cookies, you will be able to configure your browser so that it does not accept cookies. Please note that in this case, you will only be able to use our website to a limited extent, if at all. You can choose at any time if you do not wish to accept cookies from our service providers in the settings of our cookies banner.
7. Data Security
7.1 In principle, we will process and store all the information you will send us on servers located in the United States of America. If necessary and if permitted by law, we may also transmit your personal data to recipients located outside the United States of America or in a country that does not guarantee adequate data protection. If personal data will be transferred to a country that does not have adequate data protection, we will ensure adequate protection by using sufficient safeguards, such as on the basis of EU standard contractual clauses or binding internal data protection guidelines. Questions regarding such data transfers and the safeguards applied in a specific case may be addressed at any time to the contact person mentioned in point 1.
7.2 Subject to point 7.1, we will not pass on your personal data to third parties unless you have given your consent to the data being passed on or unless we will be authorized or obliged to pass on data by virtue of legal provisions and/or administrative or judicial orders. This may include providing information for the purposes of criminal prosecution, preventing threats, or enforcing intellectual property rights.
7.3 Unfortunately, the transmission of information over the Internet and by electronic means is not entirely secure, which is why we cannot guarantee the security of data transmitted by these means. However, we will use technical and organizational measures to protect our website and our other systems against the loss, destruction, access, modification, or distribution of your data by unauthorized persons. In particular, your personal data will be transmitted to us via our website in encrypted form. We will use the SSL (Secure Socket Layer) encryption system.
8. Outsourcing of Data Processing (Subcontractor)
8.1 We will use external service providers (subcontractors) for our website and our IT system. As part of the use of our website and our IT system, the processing of your personal data will therefore be outsourced, but we will remain responsible to the data subjects and the relevant supervisory authority for the processing of outsourced personal data in accordance with data protection regulations. We will also use other subcontractors in the course of our business.
8.2 We will be responsible for the careful selection of the service provider(s) and the contractual guarantee that:
– The service provider processes personal data only in the manner in which we will be authorized to do so and that no legal or contractual obligation of confidentiality will be breached;
– The service provider does not process personal data for its own purposes;
– Data security will be guaranteed as far as possible;
– The service provider will only subcontract the processing of personal data with the prior consent of the controller;
– We will have the corresponding control rights.
9. We will have a subcontracting agreement in place with our subcontractors for this purpose.
10. Changes to this Data Protection Policy
10.1 We reserve the right to amend these data protection provisions at any time with effect for the future. An updated version will be available on the website. We invite you to consult the website regularly to stay informed about the current privacy and data protection policy.
11. Your Rights
11.1 You have the right to request information about your personal data that we process. In particular, you may request information about the personal data itself, the purpose of the processing, the storage period or, if this is not possible, the criteria for determining this period, the origin of your data if it has not been collected from you, the possible existence of an automated individual decision, and, where applicable, the recipients or categories of recipients to whom the personal data is communicated.
11.2 You also have the right to revoke any consent you may have given for the use of your personal data at any time.
11.3 You have the right to request, under certain conditions, that we return your personal data to you or transfer it to another data controller of your choice.
11.4 You have the right to request, under certain conditions, that inaccurate data be rectified and, if this is not possible, that the disputed nature of the data be noted.
11.5 Under certain conditions, you have the right to request a ban on processing or disclosure, and the deletion or destruction of your personal data if it is not possible for the data to be marked as disputed.
11.6 You may assert your rights as described above at any time by contacting us at the address indicated.
11.7 If you believe that the processing of your personal data by us breaches the applicable data protection provisions, you may lodge a complaint with the relevant authorities.
Updated: 05 October 2024