At Mater Private Healthcare Group we understand that the privacy and security of your information is important to you. To this end, we endeavour to safeguard the privacy of all information you entrust us with in order to protect and respect your privacy.
For the purpose of Data Protection Laws, The Mater Private Healthcare Group, with a registered address at Eccles Street, Dublin 7 and registered under company number 99197 will act as a Data Controller when acting as an employer, a supplier of health services and where dealing with suppliers and in this role it is responsible for processing your data in a safe, secure and compliant manner.
- What personal information may we collect from you?
When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual.
We may hold and use personal data about you as a customer, patient or in any other capacity. Depending on the services you receive from us, this may include special category personal data such as information relating to your health.
Personal data we collect from you may include the following:
- information that you give us when you enquire or become a patient of ours such as your name, address, contact details (including email address and phone number);
- information you give us when you make a payment to us, such as financial or credit card information;
- the name and contact details (including phone number) of your next of kin or relatives;
- notes and reports about your health and any treatment and care you have received and/or need, including information relating to clinic and hospital visits and medicines administered;
- information about complaints and incidents;
- information obtained from customer surveys that you have taken part in;
- information that you give us when you submit a question/comment in relation to our services or website;
- information you give us using the contact us or book an appointment form on our website;
- information you give us when you apply for a job with us (CV, cover letter, contact details);
- information you give us when you publish public comments on our social media pages e.g. Facebook, Twitter, Google, LinkedIn, Boards.ie, Rate My Hospital, Reddit.ie, Glassdoor.com
- images stored on the CCTV systems in use at our facilities for safety and security purposes
Please note: where you have named and provided us with personal data about your next of kin, it is your responsibility to ensure that the individual is aware of and accepts the terms of this Privacy Notice.
- What personal information may we receive from third parties and other sources?
When you use our services, we may obtain the following categories of personal data from others:
- your GP, other medical professionals including HSE, other hospitals and health professionals when you transfer or are referred to our service;
- independent medical consultants who carry out procedures at the Hospitals of Mater Private Healthcare Group. To provide you with the best possible care, consultants may need to share your personal data and medical records with Mater Private Healthcare Group;
- an external marketing company who analyse public social media pages where you publish comments about Mater Private Healthcare Group. These comments are analysed to assess the public's opinions in relation to our services so that we may provide you with improved services.
- your employer or sports club if you are referred by them for medical assessment and/or treatment.
- Why do we collect this information?Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected. Your information helps us to provide and improve our services.We will use this information as follows
- To create and maintain your medical record on our administration systems which records all aspects of your assessment, diagnosis and treatment while in our care;
- To ensure that our clinical staff have the information they require for your assessment and/or treatment;
- To protect your safety post treatment through necessary follow up by manufacturers of the medical devices and equipment used in your treatment;
- To generate invoices for treatment received and subsequent payment of those invoices;
- To keep you informed on our latest services and offerings, where you have subscribed to receive such information;
- To create a candidate profile for you if you are a prospective employee;
- To constantly improve our website services and security;
- To carry out internal clinical audits.
- With whom do we share this information?We may share your personal data with our selected business associates, suppliers and contractors to provide you with our services. For example, these business partners may include:
We may also disclose your personal information to third parties:
- health insurers to secure payment for your treatment where it is covered by your private health insurance policy;
- health professionals, independent consultants and other hospitals that require your personal data as part of the provision of medical treatment;
- IT service providers that either host or have access to our data as part of their product offering;
- regulatory bodies such as HIQA, the Health and Safety Authority, where we are obliged to make data available as required;
- manufacturers of medical devices and equipment for patient safety purposes, to allow for any necessary follow up post treatment, such as, for example, product recall;
- outsourced service providers such as the use of external laboratories and marketing companies;
- other companies and organisations with whom we exchange data for the purposes of fraud protection and credit risk reduction.
- As part of normal business processing with other companies within the Mater Healthcare Group;
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
We attach a supporting Schedule with a list of the categories of third parties with whom we share your data.
- How long do we retain your information for?
The time periods for which we retain your information depends on the type of information and the purposes for which we use it. We will keep your information for no longer than is required or permitted.
For further information on the periods for which your personal data is kept, please see our data retention policy, a copy of which can be made available on request to our Data Protection Officer.
- What legal basis do we have to protect your data?
The legal bases for the processing of your personal data are :
- The processing is necessary for the performance of the contract which you have entered into with us or to take steps at your request prior to entering into a contract;
- that you have provided consent for the processing for one or more specified purposes such as marketing, for example when you fill out an admissions form and provide your consent to receiving marketing material or subscribe to receive future material;
- the processing is necessary for compliance with certain legal obligations to which we are subject;
- processing necessary for the purposes of the legitimate interests which we pursue where such interests are not overridden by your interests or fundamental rights or freedoms which require the protection of your information.
The legal bases for the processing of your special category personal data (i.e. your medical information) are that the processing is necessary:
- to provide you with health services;
- to protect your vital interests;
- for the establishment, exercise or defence of legal claims;
- for compliance with certain legal obligations to which we are subject;
- for reasons of public interest in the area of public health;
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
- Do we transfer your information outside the European Union (EU) or European Economic Area (EEA)
In a limited number of circumstances, your personal data may need to be transferred outside of the European Union and European Economic Area to a country for which there is no adequacy decision relating to the safeguards for personal data from the European Commission.
If the destination is not the subject of an adequacy decision then either a derogation under Article 49(1) GDPR will apply which does not have to be listed here or we will ensure that appropriate safeguards will be in place to protect your data such as Standard Contractual Clauses, your consent or Privacy Shield for US transfers.
- What are your rights with respect to your personal data?
You have the following rights:
- The right to access the personal data we hold about you;
- The right to require us to rectify any inaccurate personal data about you without undue delay;
- The right to have us erase personal data we hold about you. It should be noted that this is not an absolute right and is limited to certain specific situations such as, for example, where processing is unlawful, where it is no longer necessary for us to hold the personal data in order to provide you with our services or, in some circumstances, if you have withdrawn your consent to the processing and there is no other legal ground for our processing of the data;
- The right to object to us processing personal data about you such as processing for profiling or direct marketing;
- The right to ask us to provide your personal data to you in a portable format. This right only applies to data which you have provided to us, and where the processing is carried out by automated means;
- The right to request a restriction of the processing of your personal data.
Where our processing of your personal data is based on your consent to that processing, you have the right to withdraw that consent at any time but any processing that we have carried out before you withdrew your consent remains lawful.
You may exercise any of the above rights by contacting the Mater Private Data Protection Officer at the details shown below.
You may lodge a complaint with your local supervisory authority with respect to our processing of your personal data. The local Supervisory Authority in Ireland is the Data Protection Commission.
You can contact the Office of the Data Protection Commissioner at:
Telephone: +353 (0)761 104 800 or Lo Call Number 1890 252 231
Postal Address: Data Protection Commissioner, Canal House, Station Road, Portarlington, R32 AP23 Co. Laois
For further information please visit the Data Protection Commissioner website www.dataprotection.ie.
What Are Cookies
Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device.
We may also use other companies to set cookies on our websites and gather cookie information for us – please refer to the information detailed below:
This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored, however, this may downgrade or 'break' certain elements of the sites functionality for you.
Most browsers automatically accept cookies. You have the ability to accept or decline cookies or request that you be warned when a website is trying to install a cookie. This can be done by modifying the settings in your browser. Please note that disabling cookies may affect the functionality of some parts of this website for you.
For more information about managing cookies and how to stop cookies being installed visit http://www.allaboutcookies.org/manage-cookies/
The Cookies We Set
When you submit data through a form such as those found on contact pages or service pages, cookies may be set to remember your user details for future correspondence.
In order to provide you with a great experience on this site we provide the functionality to set your preferences for how this site runs when you use it. In order to remember your preferences we need to set certain cookies; these cookies enhance your experience of the website and ensure proper website functioning.
Third Party Cookies
This site uses Google Analytics which is one of the most trusted analytics solutions on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.
For more information about Google Analytics, and the cookies it sets, please visit:
To opt out of being tracked by Google Analytics, please visit: http://tools.google.com/dlpage/gaoptout
As we provide healthcare services it's important for us to understand statistics about how many of the visitors to our site actually contact us and as such, this is the kind of data that these cookies will track. This is important for you, as it means that we can accurately make business predictions that allow us to monitor our advertising.
Advertising or Targeting Cookies
We might, on some occasions, wish to advertise on social media or other websites. When we do this we may wish to use personal data in order to improve the targeting of the advertising. This enables us to improve efficiency and keep our costs down.
The behavioural advertising cookies used by this site are designed to ensure that we provide you with the most relevant adverts where possible by anonymously tracking your interests and presenting similar things that may be of interest. You can opt out of one or all third party Online Behavioural Advertising (OBA) cookies on the web browser you are currently using with an "opt-out cookie" by visiting:
- How can you contact us/or our Data Protection Officer
Our Data Protection Officer can be contacted by:
Phone: 1800 123 456 | Outside ROI +353 (0)1 885 8888
Address: The Data Protection Officer, Mater Private Hospital, Eccles Street, Dublin 7
Phone: (021) 6013200
Address: The Data Protection Officer, Mater Private Hospital, Citygate, Mahon, Cork,
|Category of Third Party||Description of Service Provided|
IT Service Providers
System based processing of personal and/or medical details as part of patient treatment and/or organisational/ operational requirements e.g. cloud hosting services; application development and support services; IT Infrastructure services; email services; call recording services.
|Legal/Professional Advisors||The provision of business consulting, audit and legal services including access to and analysis of personal data as part of business initiatives, statutory audits, legal claims and ad-hoc consultancy advice|
|Transport, Storage & Shredding||
The provision of courier services for the transportation of physical documents to and from suppliers, insurers and referring corporate/medical partners.Storage and destruction of physical files for operational and regulatory purposes
|Outsourced Service Providers||The external processing of personal data to external providers where Mater Private Hospital does not have either the expertise, capacity or demand to provide the processing required. E.g. test/analysis by external laboratories|
|Regulatory Bodies||Provision of personal data as required to satisfy recurring obligations, audit and mandatory reporting purposes with bodies such as HIQA, TUSLA, Health, and Safety Authority etc.|