At Empath Employment Pathway – Occupational Health Services, we are committed to protecting the privacy, confidentiality, and security of all information we hold about users of our website, online portal, job applicants, employees, and individuals referred to or accessing our occupational health services.
This Privacy Notice explains what information we collect, how it is used, and how it is protected when you visit our website, use our online systems, apply for roles, or are referred to our services.
All personal data is collected, stored, and processed in full compliance with current UK data protection legislation, including the UK GDPR, and in line with the professional and ethical standards of the General Medical Council (GMC), Nursing and Midwifery Council (NMC), Health & Care Professions Council (HCPC), British Psychological Society (BPS), Chartered Society of Physiotherapy (CSP), and the Faculty of Occupational Medicine (FOM). Where services relate to Ireland, processing is also compliant with EU GDPR.
Empath Employment Pathway – Occupational Health Services acts as the Data Controller for all personal data processed in relation to the services it provides.
As Data Controller, we are responsible for determining how and why your personal data is processed and for ensuring that appropriate safeguards are in place.
When you visit our website, our web server may automatically collect limited technical information for system security and performance purposes. This may include:
We may also use cookies to optimise website performance and user experience. Further details are available in our Cookies Policy.
We do not collect personal data such as your name, address, email address, or telephone number unless you voluntarily provide it, for example by completing a contact form, registering on our portal, or applying for a role.
If you contact us, your information will be used only to respond to your enquiry and will not be processed for any other purpose.
All data you provide is stored on secure servers. Where access to secure areas of the website is password-protected, you are responsible for keeping your login details confidential.
While we take all reasonable steps to protect your information, data transmission over the internet cannot be guaranteed to be completely secure. Any transmission is therefore at your own risk.
We use personal data for:
We do not share your personal data with third parties or government bodies without your consent, unless required by law.
All staff and associated professionals are bound by strict confidentiality obligations.
We use Google Analytics to understand website usage and improve performance. Google Analytics collects anonymised information only and does not store IP addresses or personal identifiers. Data is retained for a limited period and processed in accordance with GDPR requirements.
We apply robust technical and organisational measures to protect personal data from:
Our security controls are reviewed regularly and managed under our Information Security Management System.
When registering on our portal, we may collect personal data such as names, email addresses, and information relating to individuals being referred for assessment. This may include special category (health) data.
Such data is processed solely for occupational health purposes, including:
All data is handled confidentially and protected in line with legal and ethical standards.
If you apply for a role via our website or upload your CV, your data will be used only for recruitment and employment-related purposes. By submitting your information, you consent to its processing in line with data protection law.
Due to the nature of occupational health services, we process personal and special category health data. We have strict procedures and safeguards to ensure this information is protected.
We adhere to professional codes of conduct and are registered with the Information Commissioner’s Office (ICO). Where applicable, an EU Representative is appointed for Irish-based services.
We follow the core principles of data protection, including:
Medical records are generally retained in line with statutory and professional retention periods. Data is not transferred outside the UK or EU without appropriate safeguards.
You have the right to:
Requests must be made in writing for security reasons, and identity verification will be required.
Our website may contain links to external websites. We are not responsible for the privacy practices or content of third-party sites.
We may update this Privacy Notice from time to time. Any changes will be published on this page.
If you have concerns about how your data is handled, please contact us via our Contact Us page.
You may also seek guidance from:
We use cookies to monitor website usage and improve functionality. Cookies do not store personal information. You can control or disable cookies through your browser settings.
We aim to make our website accessible to all users and strive to comply with WCAG 2.1 Level AA standards. If you experience any accessibility issues, please contact us.
Website content is provided for general information only and does not replace advice from your own medical professional.
