Privacy Policy

If you are a user or subscriber, or just visiting our website, this policy applies to you. This Privacy Policy will help you understand what information we collect, why we collect it and what we do with it.


Who we are


University Hospitals of Leicester NHS Trust is registered as a “data controller” with the Information Commissioner’s Office, under registration number Z7882087.

Our Data Protection Officer is contactable through or you can write to the Head of Privacy, University of Hospitals Leicester, Information Governance, County Hall, Glenfield, Leicester LE3 8RA]


Why we need information from you

We hope that by using you will be better able to understand and manage your pre-diabetes. The e-learning section of allows you to learn more about pre- diabetes through a range of interactive sessions, and the self-management trackers allow you to update, track and manage a range of biomedical markers; such as blood pressure, BMI and weight, as well as activity and diet levels. The action plan section of the site allows you to create and review plans for behaviour change. You can input information about your goals and get emails to remind you of your progress.

We need information from you in order to personalise these services for you.  This includes information about age, ethnicity, and other risk factors associated with pre-diabetes. If you do not provide this information, this will reduce the accuracy and relevance of the content on


The information that we collect about you

We collect two kinds of information once you start using the site:

  • Information you give us:
    • You give us information by registering, logging in to, and using the site, by filling in and updating forms and responding to questions. The information you give us may include: your name,
    • address,
    • e-mail address,
    • phone number,
    • ethnicity and date of birth,

as well as information about your health and wellbeing.

We use this information to provide the personalised service to you. Depending on the information you enter, the logic behind will show you different information in consequence, based on clinical guidance (age and ethnicity are risk factors associated with Type 2 diabetes). You can resubmit or vary information if you like – but will work best when the information you submit accurately reflects your health experience.


  • Information we gain through how you use the site (cookies).
    • Cookies are small files placed on your computer that collect standard internet log information and visitor behaviour. We use this information to track visitor use of the website and compile statistical reports on activity. You can find out more by visiting You can set your web-browser not to accept cookies, but this might impact on some of the features of the website.
  • Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States, and which we then use to make the site work and to understand how it is being used. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.The way in which Google operates Google Analytics is set out in Google's Privacy Policy- external site. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google- external site; however by opting out, the site may not function correctly.


What we do – and don’t do – with information about you

We will:

  • store the information you provide so that you can continue to access and make use of the website;
  • provide access to an administration area of the website for your local HEALTHIER YOU Organisation to download/extract your name and date of birth.
  • Advise your local HEALTHIER YOU Organisation to ensure they abide by all NHS standards for handling identifiable information
  • Be sent an anonymous and password-protected version of collected data from each local HEALTHIER YOU Organisation, which will be analysed for audit purposes and stored in accordance with NHS standards for record handling


We may:

  • use the anonymous information your local HEALTHIER YOU Organisation give us as part of internal clinical audit, to measure or understand the effectiveness of the service that we offer to you and others;
  • use the information you give us as part of the administration of and for internal operations, such as troubleshooting, so as to improve our site and ensure that content is presented in the most effective manner for you and others using the site;
  • need to share information about your use of the site with our web hosting company and our web developers, but only to the extent that is needed for the running and maintenance of the website. Where possible this will not include any information which could be used to identify you personally. Our webhosting company and developers are subject to strict obligations of confidentiality and won’t be able to use your data for anything else.
  • ask you from time to time about your experience in using the site and use the information you provide to analyse and improve the service we offer you;
  • need to share your information with other organisations as part of our legal compliance obligations: for instance, the Care Quality Commission inspects the Trust regularly and can ask to see the information we hold.
  • need to use your information in connection with legal proceedings, or to investigate and respond to any complaints you may make.


We don’t:

  • share information with other users of the website.
  • share the information you give us with commercial organisations.

The legal basis for processing your information

“Processing” means doing anything with your information, for example collecting, storing or deleting your information.Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:

  • The processing is necessary for us to comply with our legal obligations, such as obligations to provide a safe service. We are under legal obligations to have systems in place to proper records (under the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014;
  • is a service provided by the Trust as part of the NHS and forms part of the exercise of our functions under the NHS Act 2006, which include the supply of health services.

Because our service is a ‘health’ service, we will also process ‘sensitive’ information (known as “special category personal data”). The normal legal basis for this is:

  • The processing is necessary for the purposes of preventive medicine, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services;
  • processing is necessary for reasons of public interest in the area of public health, such as ensuring high standards of quality and safety of health care.

We will respect your confidentiality and wherever possible, we will respect your wishes in terms of how we use your information.

Keeping your information up to date

It’s really important that the information you give us is kept up-to-date, so that you can monitor your progress yourself and so that those with an interest in your health, such as your GP, can find out how you are getting on. You can keep your information up-to-date:

  • bychanging your information on your account page.
  • on the specific information you provide on, for instance, your BMI, blood glucose, and activity logs.


How long we keep your information for, and when you stop using

We keep information on your account for 24 months if the account remains active. If the account is deactivated or unused all information is archived after six months, and permanently deleted after 24 months. This is so that we meet our compliance obligations, and in case you want to use the service again in the future. You can find out more about the retention periods for healthcare related information in the NHS Records Management Code of Practice, available via


Keeping your information safe and secure and where your data is stored

We use a range of security measures and processes to keep your information safe and secure, such as:

  • password login;
  • encryption on our website;
  • carrying out regular privacy impact assessments
  • training for staff on information security and data protection;
  • restricting the number of staff that can see identifiable information you provide to the website, only to those that need to know or see the information in order to do their jobs.

Our servers are based in the UK, but your data may be transferred outside of the UK where you have not opted-out of Google Analytics. This is because Google use servers which are outside of the UK and your information will be stored on these servers. You can find out more about Google’s privacy policy (

You can find out more about how the NHS keeps online information safe, and what you can do to help with this, by reading the guidance note at

Please remember:

  • You provide information at your own risk: unfortunately, no data transmission is guaranteed to be 100% secure;
  • You are responsible of your username and password: keep them safe and secure!
  • If you believe your privacy has been breached or infringed, please contact us immediately by emailing


Your rights

You have control over much of the information you supply to us by choosing what you input into You can limit this but this may mean that the service does not work well and may give you an inaccurate picture of your health.

You also have the right to:

  • ask us to let you know what information we hold about you
  • ask us to amend the information we hold about you if you think it is incorrect
  • ask us to delete any information we hold about you
  • ask us to limit the way in which we use your information
  • ask us to send your information on to a third party
  • make a complaint to the Information Commissioner’s Office about the way in which we have used your information. The ICO can be contacted by visiting

You should however be aware that the accuracy and relevance of the programme will depend on the level of information you provide to us.

We will not make a charge in the first instance for providing you with the information we hold about you or.


You can contact our Data Protection Officer to find out more about how we use your information or to exercise any of your rights mentioned above. Our Data Protection Officer is contactable through or you can write to the Head of Privacy, University of Hospitals Leicester, Information Governance, County Hall, Glenfield, Leicester LE3 8RA.


Changes to this policy 

Any changes we may make to this privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy. This page was last updated on [24/05/2018].

How to contact us

You can contact us by emailing with any questions or concerns.  

You can also use the ‘feedback’ button on every page to email us with comments about the site.