Twitter universal website tag code Twitter website tag code

[Skip to content]

Private hospital continually investing in advanced diagnostic and treatment technologies
Search our Site

GDPR, Online privacy and cookies

Make an appointment

8am-8pm Monday to Friday
8am-2pm Saturday
Call our Contact Centre on

+44 (0)20 7460 5700

Contact Us

Services and specialties

Search our services and specialties

Find a treatment

Find a medical consultant

Search by name, specialty, gender or language

Find a specialist

GDPR, online privacy and cookies

young woman studies paperwork


GDPR - Your Questions Answered

Everything you need to know about GDPR.

You may have heard a lot about the General Data Protection Regulation (GDPR), which comes into effect on 25 May 2018. We’ve put together a selection of questions and answers that’ll help you understand the regulation and how we use your information. 

If you have you have a question that isn’t answered below, please email us at dataprotection@bupa.com or write to us at: Bupa UK Information Governance Team, 4 Pine Trees, Chertsey Lane, Staines-upon-Thames, TW18 3DZ.

About GDPR

On the 25 May 2018, the current UK Data Protection Act (DPA) will be replaced by a new privacy law based on the EU General Data Protection Regulation (GDPR). 

The new law gives you more rights and more control over how organisations use any personal information you share with them such as your name, email address, health information, or even an internet protocol (IP) address 

.As always, we’re committed to safeguarding your privacy and meeting all the requirements of privacy law, so we’ve put some new processes and controls in place. 

We’ll only use and keep your personal information for as long as is necessary, where we have a legitimate business purpose or legal requirement to do so. We keep your information safe in secure systems and we’ll always let you know:

  •  what details we’re collecting
  • why we’re collecting them
  • how we’ll use them
  • who we will (or won’t) share them with
  • when we’ll delete them.

 

  • in the normal course of our business to provide the products and services you have requested
  • to identify you when you contact us
  • to send you information on our products and services which we think might be relevant or beneficial to you (we won’t send you this information if you’re a 1]patient).
  • to send you updates of service changes which are important to you or which we feel may be of interest to you
  • for statistical analysis, including automated techniques and to monitor and analyse our business to make sure we’re providing the best service for our customers.

For more information on what we use your personal information for, please see our privacy policy

From time to time, we will share your personal information with a select number of third party organisations and/or other Bupa group companies who help deliver products and services on our behalf. We impose strict information security control measures for all third parties and group businesses and insist that they maintain industry standards equivalent to or higher than the requirements of our governing regulators in the UK and Europe.

We may also share your data for the purposes of fraud prevention or where we are required to do so by law. 

Information is key to our business and we understand that you trust us to keep it safe. We only store personal information in secure systems which can’t be accessed without authorisation. We have rigorous information security and governance controls in place, including systems to detect and prevent online threats. In response to the new privacy law, we’ve put additional organisational and technical controls in place and have reviewed all our processes to make sure your information continues to be protected. 

Under privacy law, you can request full details of the information we hold about you, how we use and store it, and why. This is called a Subject Access Request (SAR) and you can make one at any time by completing Subject Access Request form located at the bottom of this table. Please note that there is a separate from for requesting Access to Health Records. This form (Access to Health Records Form) is also located at the bottom of this table.

There are number of conditions under which you have the right to have information about you deleted from our systems and archives. This is sometimes referred to as the ‘right to be forgotten’ and is designed to protect you by preventing companies from retaining or using your personal information inappropriately or unlawfully.

Please note that it does not allow you to have all of your information deleted at any time, because we are legally required to retain information for some purposes, and for specified periods. You can exercise this right by downloading the Erasure Request form located at the bottom of this table.

You may have given us your email address during your time as a Bupa customer, or when asking for information about our products and services.  

Yes, you can opt out of all marketing emails from us at any time by sending an email to optmeout@bupa.com

If you’d like to know more about how Bupa uses personal information, please see our privacy notice which can be found in the 'About your privacy' table on this page. You can ask us a specific query, or exercise your individual rights, by emailing dataprotection@bupa.comor by writing to us at: Bupa UK Information Governance Team, 4 Pine Trees, Chertsey Lane, Staines-upon-Thames, TW18 3DZ.

About your privacy

We are committed to protecting your privacy when dealing with your personal information.

This privacy notice provides an overview of the information we collect about you, how we use and protect it. It also provides information about your rights. Fuller details can be found in our Full Privacy Notice available at the bottom of this page.

If you do not have access to the internet and would like a paper copy of the Full Privacy Notice, please contact the Bupa Privacy team on +44 (0) 1784 893706.

Alternatively you can email the team at dataprotection@bupa.comor write to Bupa Data Protection, Willow House, 4 Pine Trees, Chertsey Lane, Staines-Upon-Thames, Middlesex TW18 3DZ. If you have any questions about how we handle your information, please contact us at dataprotection@bupa.com.

In this privacy notice, references to "we" or "us" or “our” are to Bupa. For company contact details, click here

Depending on which of our products and services you enquire about, purchase or make use of, different companies within Bupa will process your information.You can find out more about the Bupa companies that handle your information - including which company makes decisions about how your information is handled based on the products/services you access or make use of - by clicking here.

This privacy notice applies to anyone who interacts with us in relation to our products and services (“you”, “your”), via any channel (e.g. email, website, telephone, app etc.). Additional privacy information may be given to you if required for specific interactions or in relation to specific products or services. 

This privacy notice applies to individuals who enquire about, purchase or make use of our products and services. It describes how we handle your information, regardless of the way you contact us (e.g. email, website, telephone, app etc.). Sometimes we will provide you with additional information or notices, depending on the way we interact with each other, for example if you use Bupa apps we may provide you privacy notices just in relation to a particular data type collected through that app.


If you have any questions about this, please contact us at dataprotection@bupa.com

We obtain personal information from you and from certain third parties (e.g. those acting on your behalf, like brokers, healthcare providers etc.). 

Where you provide us with information about other individuals, you must ensure that they have seen a copy of this privacy notice and are comfortable with you doing this.

We obtain personal information from you:

  • Through your interactions with us, including by telephone (please note that we may record or monitor our calls for compliance and quality assurance purposes), by email, via our websites, via our apps, via post, via application or other forms, if entering competitions, social media or face to face e.g. in medical consultations, diagnosis and treatment;

and

  •  from third parties such as:

 

For all our customers:

  • your parent or guardian, if you are under 18 years of age
  • a family member, or someone else acting on your behalf
  • from doctors, other clinicians and healthcare professionals, hospitals, clinics and other healthcare providers  
  • from any service providers who work with us in relation to your product or service, where we don’t provide it to you directly, such as providing you with apps, medical treatment, dental treatment, or health assessments
  • from third parties e.g. CACI or Binleys who conduct customer satisfaction surveys or market research activities on our behalf or who provide us with demographic information and other market insights to allow us to improve our products and services (e.g. your interests, purchases and household type)
  • fraud or credit reference agencies
  • publicly available sources, such as the edited Electoral Roll or social media


In addition, where we provide insurance products and services:

  •  the main member, if you are a dependant under a family insurance policy
  • your employer, e.g. if you are covered by an insurance policy taken out by your employer
  • brokers and other intermediaries - this may be your broker if you have one, or your employer's broker  if they have one
  •  from other third parties that Bupa works with: agents working on our behalf, other insurers and reinsurers, actuaries, auditors, solicitors, translators and / or interpreters, tax advisors, debt collection agencies, credit referencing agencies, fraud detection agencies (including health insurance counter-fraud groups), regulators, data protection supervisory authorities, healthcare professionals, other healthcare providers and medical assistance providers


In addition, where we provide healthcare, dental and care home services:

  •  your employer, e.g. if you are covered by a contract for services taken out by your employer or where we are providing occupational health services.
  • brokers and other intermediaries - this may be your broker if you have one, or your employer's broker if they have one  
  •  those funding the provision of the products or services we provide you, including other insurers, public sector commissioners and embassies

 

We process two categories of personal information about you and/or, where applicable, your dependants, namely:

  • standard personal information (e.g. information we use to contact you, identify you or manage our relationship with you); and 
  • the country you live in, your age, your date of birth and national identifiers (such as your National Insurance number or passport number);


    For more information about these categories of information, see below.

Standard personal information includes:

  • contact information such as your name, username, address, email address and phone numbers;
  • special categories of information (e.g. health information, information about race, ethnic origin and religion that allows us to tailor your care, and information about crime in connection with checks against fraud or anti-money-laundering registers).
  • information about your employment
  • details of any contact we have had with you, such as any complaints or incidents;
  • financial details, such as details about your payments and your bank details;
  • the results of any credit or any anti-fraud checks we have made on you;
  • information about how you use our products and services, such as insurance claims; and
  • information about how you use our website, apps or other technology, including IP addresses or other device information (please see our Cookies Policy for more details).


Special category information includes:

  • information about your physical or mental health, including genetic information or biometric information (we may get this information from application forms you have filled in, from notes and reports about your health and any treatment and care you have received or need, or it may be recorded in details of contact we have had with you such as information about complaints or incidents, and referrals from your existing insurance provider, quotes and records of medical services you have received);
  • information about your race, ethnic origin and religion (we may get this information from your medical or care-home preferences to allow us to provide care that is tailored to your needs); and;
  • information about any criminal convictions and offences (we may get this information when carrying out anti-fraud or anti-money-laundering checks, or other background screening activity.

We process your personal information for the purposes set out in this privacy notice. We have also set out some legal reasons why we may process your personal information (these depend on what category of personal information we are processing). We normally process standard personal information if this is necessary to provide the services set out in a contract, it is in our or a third party’s legitimate interests or it is required or allowed by any law that applies. Please see below for more information about this and the reasons why we may need to process special category information.

By law, we must have a lawful reason for processing your personal information. We process standard personal information about you if this is:

  • necessary to provide the services set out in a contract − if we have a contract with you, we will process your personal information in order to fulfil that contract (that is, to provide you and your dependants with our products and services)
  • in our or a third party’s legitimate interests − details of those legitimate interests are set out in more detail below;
  • required or allowed by law

We process special category information about you because:

  • it is necessary for the purposes of preventive or occupational medicine, to assess whether you are able to work, medical diagnosis, to provide health or social care or treatment, or to manage health-care or social-care systems (including to monitor whether we are meeting expectations relating to our clinical and non-clinical performance);
  • it is necessary for an insurance purpose (for example, advising on, arranging, providing or managing an insurance contract, dealing with a claim made under an insurance contract, or relating to rights and responsibilities arising in connection with an insurance contract or law);
  • it is necessary to establish, make or defend legal claims (for example, claims against us for insurance);
  • it is necessary for the purposes of preventing or detecting an unlawful act in circumstances where we must carry out checks without your permission so as not to affect the outcome of those checks (for example, anti-fraud and anti-money-laundering checks or to check other unlawful behaviour, or carry out investigations with other insurers and third parties for the purpose of detecting fraud);
  • it is necessary for a purpose designed to protect the public against dishonesty, malpractice or other seriously improper behaviour (for example, investigations in response to a safeguarding concern, a member's complaint or a regulator (such as the Care Quality Commission or the General Medical Council) telling us about an issue);
  • it is in the public interest, in line with any laws that apply;
  • it is information that you have made public; or
  • we have your permission. As is best practice, we will only ask you for permission to process your personal information if there is no other legal reason to process it. If we need to ask for your permission, we will make it clear that this is what we are asking for, and ask you to confirm your choice to give us that permission. If we cannot provide a product or service without your permission (for example, we can’t manage and run a health trust without health information), we will make this clear when we ask for your permission. If you later withdraw your permission, we will no longer be able to provide you with a product or service that relies on having your permission.

We process your personal information for a number of legitimate interests, including managing all aspects of our relationship with you, for marketing, to help us improve our services and products, and in order to exercise our rights or handle claims. More detailed information about our legitimate interests is set out below.

 

  • Legitimate interest is one of the legal reasons why we may process your personal information. Taking into account your interests, rights and freedoms, legitimate interests which allow us to process your personal information include: 
  • to manage our relationship with you, our business and third parties who provide products or services for us (for example, to check that you have received a service that you’re covered for, to validate invoices and so on); 
  • to provide health-care services on behalf of a third party (for example, your employer); 
  • to make sure that claims are handled efficiently and to investigate complaints (for example, we may ask your treatment provider for information to make sure we receive accurate information and to monitor the quality of your treatment and care); 
  • to keep our records up to date and to provide you with marketing as allowed by law; 
  • to develop and carry out marketing activities and to show you information that is of interest to you, based on our understanding of your preferences (we combine information you give us with information we receive about you from third parties to help us understand you better); 
  • for statistical research and analysis so that we can monitor and improve products, services, websites and apps, or develop new ones; 
  • to contact you about market research we are carrying out; 
  • to monitor how well we are meeting our clinical and non-clinical performance expectations in the case of health-care providers; 
  • to enforce or apply our website terms of use, our policy terms and conditions or other contracts, or to protect our (or our customers’ or other people’s) rights, property or safety; 
  • to exercise our rights, to defend ourselves from claims and to keep to laws and regulations that apply to us and the third parties we work with; and;
  • to take part in, or be the subject of, any sale, purchase, merger or takeover of all or part of the Bupa business.

We may use your personal information to send you marketing by post, by phone, through social media, by email and by text.

We can only use your personal information to send you marketing material if we have your permission or a legitimate interest as described above.

If you don’t want to receive emails from us, you can click on the ‘unsubscribe’ link that appears in all emails we send. If you don’t want to receive texts from us you can tell us by contacting us at any time. Otherwise, you can always contact us here to update your contact preferences.

You have the right to object to direct marketing and profiling (the automated processing of your information to help us evaluate certain things about you, for example, your personal preferences and your interests) relating to direct marketing. Please see the section about your rights for more details.

Like many businesses, we sometimes use automation to provide you with a quicker, better, more consistent and fair service, and marketing information we think will be of interest to you (including discounts on our products and services). This will involve evaluating information about you and, in some cases, using technology to provide you with automatic responses or decisions (automated decisions). You can click below for more information about this.

You have the right to object to direct marketing and profiling relating to direct marketing. You may also have the right to object to other types of profiling and automated decision-making set out below. In these cases, you have the right to ask us to make sure that one of our advisers reviews an automated decision, to let us know how you feel about it and to ask us to reconsider the decision. You can contact us to exercise these rights here.

By law, we must tell you about:

  • automated decision-making (making a decision using technology, without any person being involved); and
  • profiling (automated processing of your information to help us evaluate certain things about you, for example, your personal preferences and your interests).

This is because you have certain rights relating to both automated decision-making and profiling. You have the right to object to profiling relating to direct marketing. If you do this, we will no longer carry out profiling for direct marketing purposes. You also have the right to object to profiling in other circumstances set out below.

 

This is because you have certain rights relating to both automated decision-making and profiling. You have the right to object to profiling relating to direct marketing. If you do this, we will no longer carry out profiling for direct marketing purposes. You also have the right to object to profiling in other circumstances set out below:

 

  • consider the request, including any information you have provided that is relevant to it;
  • meet your request; and
  • let you know in writing what we have done to meet your request, and the outcome.

You can contact us here to ask about these rights.

 

Profiling and automated decision-making

The processes set out below involve both profiling and automated decision-making.

  • Depending on the type of health-insurance product that you want to benefit from, to help us decide what level of cover we can offer you, we will ask you to provide information about your medical history. We may use software to review this information to find out whether you have any previous or existing health conditions which we cannot cover you for and which will be excluded from your policy.
  • We may use software to help us calculate the price of products and services based on what we know about you and other customers. For example, our technology may analyse information about your claims history and compare it with the information we hold about previous claims to evaluate how likely you are to need to make a claim. We may also evaluate your age, where you live and other details relating to your health (such as existing health conditions and whether you smoke) to calculate prices for community-rated products which are based on predefined groups with similar risk profiles.

Profiling

The processes set out below involve profiling:

  • In order to improve outcomes and be more efficient, and allow us to offer advice about different treatment paths (for example, alternatives to surgery or other invasive treatments), we may use software to evaluate medical history and information about the general population in an area to identify customers who are likely to need that advice most.
  • When your policy is due for renewal, our software tells us this and may also evaluate your payment and claims history, information about the general information in a particular area, and other information from third parties to automatically provide you with information about what incentives we can offer you and the marketing messages you will receive.
  • We ask other organisations to carry out some of our consumer and market analysis to improve our marketing processes. This involves sharing personal information relating to our customers with third parties who specialise in profiling and segmenting people (putting people into groups of different types of customer, based on different kinds of information collected about them, to help us to better target our products to them). These companies match the information we give them with information they get from other sources to improve the accuracy of their analysis. We use the results of this analysis to help us target marketing and offers.
  • We may use information about the products you have bought, and information about what other customers who have bought the same products you have bought, to make sure we send you information about the products you are most likely to be interested in.
  • We may share your personal information (including your name, date of birth, sex and the country you live in) with third-party companies, such as FINSCAN, who we use to carry out anti-fraud checks. We will review any matches from this process. (We will not use automated decision-making for this.)

We share your information within the Bupa Group, with relevant policyholders (including your employer if you are covered under a group scheme), with funders arranging services on your behalf, with people acting on your behalf (for example, brokers and other agents) and with others who help us provide services to you (for example, health-care providers and medical-assistance providers) or who we need information from to allow us to handle or confirm claims or entitlements (for example, professional associations). We also share your information in line with the law. For more information about who we share your information with, please see below.

We sometimes need to share your information with other people or organisations for the purposes set out in this privacy notice.

For all our customers, we share your information with:

  • other members of the Bupa Group;
  • other organisations you belong to, or are professionally associated with, in order to confirm your entitlement to claim discounts on our products and services;
  • doctors, clinicians and other health-care professionals, hospitals, clinics and other health-care providers;
  • suppliers who help deliver products or services on our behalf;
  • people or organisations we have to, or are allowed to, share your personal information with by law (for example, for fraud-prevention or safeguarding purposes, including with the Care Quality Commission);
  • the police and other law-enforcement agencies to help them perform their duties, or with others if we have to do this by law or under a court order;
  • if we (or any member of the Bupa group) sell or buy any business or assets, the potential buyer or seller of that business or those assets; and
  • a third party who takes over any or all of the Bupa Group’s assets (in which case personal information we hold about our customers or visitors to the website may be one of the assets the third party takes over). 

If we provide insurance or manage a health-care trust, we share your information with:

  • the policyholder or their agent if you are not the main member under an individual policy (we will send them all membership documents and confirmation of how we have dealt with a claim, and all people who are insured on the policy may have access to correspondence and other information we provide through our online portal);
  • your employer (or a their broker or agent) for product or service administration purposes if you are a member or beneficiary under your employer’s group scheme;
  • your broker or agent (or both);
  • other third parties we work with to provide our products and services, such as agents working on our behalf, other insurers and reinsurers, actuaries, auditors, solicitors, translators and interpreters, tax advisers, debt-collection agencies, credit-reference agencies, fraud-detection agencies (including health-insurance counter-fraud groups), regulators, data-protection supervisory authorities, health-care professionals, health-care providers and medical-assistance providers; and;
  • organisations who provide your treatment and other benefits, including travel-assistance services.

If we provide health-care, dental and care-home services, we share your information with:

  • your employer, if your employer is paying for the services we are providing;
  • your employer (or a their broker or agent) for product or service administration purposes if you are a member or beneficiary under your employer’s group scheme;
  • our insurance partners, for example, brokers, reinsurers, actuaries, auditors, solicitors, translators and interpreters, tax advisers, debt-collection agencies, credit-reference agencies, fraud-detection agencies, regulators, data-protection supervisory authorities;
  • those paying for the products or services we provide to you, including insurers, public-sector commissioners and embassies;
  • othose providing your treatment and other benefits;
  • national registries such as the Cancer Registry;
  • national screening databases, such as the NHS Cervical Screening recall system;
  • government authorities and agencies, including the Health Protection Agency (for infectious diseases such as TB and meningitis); and organisations that carry out patient surveys on our behalf (for example, NPS).

If we share your personal information, we will make sure appropriate protection is in place to protect your personal information in line with data-protection laws.


We support ethically approved clinical research. We may use anonymised information (with all names and other identifying information removed) or information that is combined with other people’s information, or reveal it to others, for research or statistical purposes. You cannot be identified from this information and we will only share the information in line with legal agreements which set out an agreed, limited purpose and prevent the information being used for commercial gain.

We deal with many international organisations and use global information systems. As a result, we transfer your personal information to countries outside the EEA (the EU member states plus Norway, Liechtenstein and Iceland) for the purposes set out in this privacy notice. Not all countries outside the EEA have data-protection laws that are similar to those in the EEA and if so, the European Commission may not consider those countries as providing an adequate level of data protection.

We keep your personal information in line with set periods calculated using the following criteria.

  • How long you have been a customer with us, the types of products or services you have with us, and when you will stop being our customer.
  • How long it is reasonable to keep records to show we have met the obligations we have to you and by law.
  • Any time limits for making a claim.
  • Any periods for keeping information which are set by law or recommended by regulators, professional bodies or associations.
  • Any relevant proceedings that apply.

If you would like more information about how long we will keep your information for, please contact us at  dataprotection@bupa.com.

You have the right to access your information and to ask us to correct any mistakes and delete and restrict the use of your information. You also have the right to object to us using your information, to ask us to transfer of information you have provided, to withdraw permission you have given us to use your information and to ask us not to use automated decision-making which will affect you. For more information, see below.

You have the following rights (certain exceptions apply).

  • Right of access: the right to make a written request for details of your personal information and a copy of that personal information
  • Right to rectification: the right to have inaccurate information about you corrected or removed
  • Right to erasure ('right to be forgotten'): the right to have certain personal information about you erased
  • Right to restriction of processing: the right to request that your personal information is only used for restricted purposes
  • Right to object: the right to object to processing of your personal information in cases where our processing is based on the performance of a task carried out in the public interest or we have let you know the processing is necessary for our or a third party’s legitimate interests. You can object to our use of your information for profiling purposes where it is in relation to direct marketing
  • Right to data portability: the right to ask for the personal information you have made available to us to be transferred to you or a third party in machine-readable formats
  • Right to withdraw consent: the right to withdraw any consent you have previously given us to handle your personal information. If you withdraw your consent, this will not affect the lawfulness of Bupa’s use of your personal information prior to the withdrawal of your consent and we will let you know if we will no longer be able to provide you your chosen product or service
  • Right in relation to automated decisions: you have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or similarly significantly affects you, unless it is necessary for entering into a contract with you, it is authorised by law or you have given your explicit consent. We will let you know when such decisions are made, the lawful grounds we rely on and the rights you have.

Please note: Other than your right to object to the use of your data for direct marketing (and profiling to the extent used for the purposes of direct marketing), your rights are not absolute: they do not always apply in all cases and we will let you know in our correspondence with you how we will be able to comply with your request.

If you make a request, we will ask you to confirm your identity if we need to, and to provide information that helps us to understand your request better. If we do not meet your request, we will explain why.

In order to exercise your rights please contact  dataprotection@bupa.com.

If you have any questions, comments, complaints or suggestions in relation to this notice, or any other concerns about the way in which we process information about you, please contact our Data Protection Officer and Privacy Team at  dataprotection@bupa.com.

You also have a right to make a complaint to your local privacy supervisory authority. Bupa’s main establishment is in the UK, where the local supervisory authority is the Information Commissioner:

Information Commissioner's Office
Wycliffe House 
Water Lane 
Wilmslow 
Cheshire, United Kingdom 
SK9 5AF

Phone: 0303 123 1113 (local rate) or 01625 545 745 (national rate).

You can also lodge a complaint with another supervisory authority which is based in the country or territory where:

  • you are living,
  • you work, or
  • the alleged infringement took place.

About cookies

A cookie, also known as a browser cookie, is a text file containing small amounts of information which a server may download to your computer hard drive, tablet or mobile device when you visit a website or use an app.

There are different types of cookies which are used to do different things. These include letting you navigate between different pages on a website efficiently, remembering preferences you have given and helping us to identify ways to improve your overall site experience. Others are used to provide you with advertising which is more tailored to your interests, or to measure the number of site visits and the most popular pages users visit.

‘First party’ and ‘third party’ cookies

Each type of cookie can be set and controlled by the operator of the website which the user is browsing such as Bupa Cromwell Hospital (known as a ‘first party cookie’) or a third party such as Facebook, for example to display advertisements and social sharing features, (known as a ‘third party cookie’).

Due to their core role of enhancing and enabling usability or site processes, disabling certain cookies may prevent you from using certain aspects of the Bupa website, such as generating a quote or placing an order.

Broadly speaking, there are two different types of browser cookie:

(1) Session cookies are stored in the computer's memory during a user's browsing session and are automatically deleted from the user's computer when the browser is closed or the session is deemed to have ended.

These cookies usually store a session ID that is not personally identifiable to users, allowing the user to move from page to page without having to log-in repeatedly. They are widely used by commercial websites; for example to keep track of items that a consumer has added to a shopping basket.

Session cookies do not collect any information from the user's computer and they expire at the end of the user's browser session. They can also become inaccessible after the session has been inactive for a specified length of time, usually 20 or 30 minutes.

(2) Persistent cookies are stored on the user's computer and are not deleted when the browser is closed. Persistent cookies can be used to retain user preferences for a particular website, allowing those preferences to be used in future browsing sessions.

Persistent cookies usually assign a unique ID to the user’s browser and they are usually configured to identify a user for a prolonged period of time, from days to months or even years.

How does Bupa Cromwell Hospital use cookies?

The cookies used by Bupa Cromwell Hospital help us to track basic visitor information and to learn about the behaviour of visitors to this website and how they respond to our marketing communications and for research and statistical purposes. The more we learn, the better we are able to provide relevant and interesting content and services.

The cookies that Bupa Cromwell Hospital uses do not collect personal information such as name, address, email address and do not link any information they collect to an individual. From time to time Bupa Cromwell Hospital may also analyse IP addresses, user agent strings or other anonymous data sources. All data is collected in an anonymous and aggregated form.

How can you control the use of cookies?

Your use of the website constitutes your consent to this website setting cookies on your device.

Most web browsers automatically accept cookies and your use of this website constitutes your consent to this website setting cookies on your computer or other device.

It is possible to disable cookies on most web browsers. We recommend that if you do not want this website to set cookies on your computer or other device you should either; not use the site and delete any Bupa cookies that may have already been placed, or change the settings in your website browser to disable cookies. However, because cookies allow you to take advantage of some of this website's essential features, we recommend you leave them turned on.

Learn more about cookies

To find out more about cookies, search in Google or visit aboutcookies.org or allaboutcookies.org(which is run by the IBA Europe).

Information Commissioner's Office cookie guide  

Cookies used by Bupa Cromwell Hospital

To help you understand the different types of cookies we use and what they do, we have conducted a full audit of our sites and grouped cookies into four categories:

  • Strictly necessary cookies
  • Performance cookies
  • Functionality cookies
  • Targeting cookies

In the tables below you will find a list of the cookies used on our websites and a brief description of the information they gather.

We work with a host of third-party suppliers who place cookies on your device. Where the information is available to us, we have listed these cookies in the table. We rely on the information passed on to us by third-party suppliers. If you want to know more about cookies used by these third-party suppliers, please click on the links in the tables for individual cookie policies.

Strictly necessary cookies

'Strictly necessary' cookies let you move around the website and use essential features such as accessing secure areas of the website and identifying you as being logged in. These cookies don't gather any information about you that could be used for marketing or remembering where you've been on the internet. Accepting these cookies is a condition of using the website, however, as they are required for the proper operation of the website. If you prevent them, we cannot guarantee how it will perform.

Cookie source Name Purpose

More  information (external links)

Session ID

JSESSIONID
JSESSIONIDSSO

These cookies are used to ensure that our site knows that you are the same users as you move from one page to the next. Without these cookies our site would think you are a new user and would drop you back to the login screen.  

 

Performance cookies / analytics cookies

We use these cookies to collect information about how visitors use our website, including details of the site where the visitor has come from and the total number of times a visitor has been to our website. By using our website, you agree that we can place these types of cookies on your device. We use the information to improve our website and enhance the experience of its visitors. All information these cookies collect is aggregated and therefore anonymous.

Cookie source Name Purpose

More  information (external links)

Adobe SiteCatalyst analytics s_cc
s_lastvisit
s_nr
s_ppv
s_sq
s_vi
Dart
Adobe SiteCatalyst is the software we use for tracking what pages you are viewing on our websites. SiteCatalyst privacy policy
Google Analytics

_utma
_utmb
_utmc
_utmz

Another tool to monitor user behaviour on the websites, tracking pages visited and where they have come from. Google privacy policy

 

Functionality cookies / application or site specific cookies

These cookies remember choices you make to improve your experience. By using the website, you agree that we can place these types of cookies on your device.

These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.

Cookie source Name Purpose

More  information (external links)

Language  global#lang This cookie stores the language you select. This is kept until you close the browser.  
Adobe SiteCatalyst analytics s_cc This is the software we use for tracking what pages you are viewing on our websites. SiteCatalyst privacy policy

 

Targeting cookies / advertising

We do not use any advertising cookies on our website.

Contact us at Bupa Cromwell Hospital IPC
Call Bupa Cromwell Hospital

Call the Bupa Privacy Team on
+44 (0)1784 893 706

We can take your call between 9am-5pm Tuesday, Thursday and Friday.

Fax Bupa Cromwell Hospital

Email the Bupa Privacy Team

Send us an email enquiry and we will get back to you.