This Privacy Policy explains what information we collect about you when you complete a RIVIAM eConsent Form and why it is collected.

The focus of this policy is on the information used by RIVIAM to enable you to complete the form.

If you would like to understand more about how the data collected on the eConsent Forms is used by our Customers (see below for a definition of ‘Customers’), who this is shared with, how it is kept secure and your data rights, please read the Customer's Privacy Policy available as a link on the eConsent Forms.

When we refer to 'RIVIAM' within this Privacy Policy we are referring to RIVIAM Digital Care which is a trading name of Targett Business Technology Ltd, Silver Building, Bath and West Buildings, Lower Bristol Road, Bath, BA2 3EG, the company which provides this application.

Data protection framework

Targett Business Technology Ltd is based within the United Kingdom and, as such, is registered with the Information Commissioner’s Office (ICO). We have aligned our Privacy Policy with the EU General Data Protection Regulation (GDPR) which came into effect on 25 May 2018, under the supervision of the ICO within the UK.

RIVIAM eConsent Forms

RIVIAM provides eConsent Forms to our Customers and is the Data Processor. Parents and carers can complete and submit an eConsent form to provide consent for a child to receive an immunisation as part of the Children's School-Aged Immunisation Programme. The consent is then received by our Customer for triage.

Information we may collect from you during the process of completing an eConsent Form

The following data is collected:

• Internet log information. This is statistical data only which we collect in order to find out the numbers of people completing eConsent Forms. The information is collected in such a way that does not identify individuals and we do not make any attempts to identify visitors this way.
• Web server log files. IP addresses are used by your computer every time you are connected to the Internet. Your IP address is a number used by computers on the network to identify your computer. IP addresses are automatically collected by our web servers so that data (such as the web pages on the eConsent Form) can be sent to you. In most cases, your internet provider will use a different IP address when your traffic enters the internet. It is this latter address we record in our web server log files. The files are used to record information about the forms, such as system errors. Log files do not contain any personal information or information about other sites which you have visited.
• Cookies. Cookies are files with a small amount of data commonly used to provide functionality for websites and web forms. RIVIAM's eConsent Forms contain only a session cookie as part of our content management system to enable you to complete the forms. Once you have done so and your browser is closed, the cookie will be not be stored on your computer.

Links to other websites

Please be aware that the eConsent Forms may link to websites that may be accessed through the forms. If you follow a link to any of these websites, please note that they will have their own privacy and cookie policies and we do not accept any responsibility or liability for these website's privacy and security practices.

Security

We take the security of your personal data very seriously. RIVIAM has put in place technical measures to secure the information processed on our eConsent Forms on behalf of our Customers.

Changes to this Privacy Policy

We may update this policy from time to time. We advise you to review this page periodically for any changes. We will notify you of any changes by posting them on this page and they will become effective immediately.

Contacting RIVIAM

If you have any questions or concerns about the information RIVIAM collects about you as you complete an eConsent Form, please contact our Help Desk.

If you are not happy with the response from our Help Desk, please get in touch with RIVIAM's Data Protection Officer, Christine Targett.

Definitions

• Customers: organisations providing health and social care services that have a legal contract with RIVIAM to use our digital services.
• GDPR: General Data Protection Regulation.
• Personal data: Any information relating to an identifiable individual such as your name, NHS number, contact details. It can also be location data or an online identifier