Primary Care
Rota
Rostering connected to your staff
Multidisciplinary Staff Bank
Manage your flexible staff
GP Marketplace
Find vetted locums
Streamlined Administration
Payments, pensions and compliance
Sign up as a clinicianBook a DemoRegister your practice
Secondary Care
In-Genius™ Rota
AI-Powered scheduling for Resident Doctors
In-Check™ Compliance
Comply to regulation and contract obligations
Exception Reporting
Track additional hours worked
Book a Demo
For Clinicians
Primary Care
Secondary Care
Case Studies
Primary Care
Secondary care
About us
Meet the team
Careers at Lantum
Register your practiceBook a DemoLogin
Book a demoLogin
Book a demoLogin
Primary Care
Rota
Multidisciplinary Staff Bank
GP Marketplace
Payments and Compliance
Sign-up as a clinician
Secondary Care
In-Genius Rota
Compliance
Exception Reporting
For Clinicians
Primary Care
Secondary Care
Case Studies
Primary Care
Secondary Care
Primary Care
Rota
Rostering connected to your staff
Multidisciplinary Staff Bank
Manage your flexible staff
GP Marketplace
Find vetted locums
Streamlined Administration
Payments, pensions and compliance
Sign up as a clinicianBook a DemoRegister your practice
Secondary Care
In-Genius™ Rota
AI-Powered scheduling for Resident Doctors
In-Check™ Compliance
Comply to regulation and contract obligations
Exception Reporting
Track additional hours worked
Book a Demo
For Clinicians
Primary Care
Secondary Care
Case Studies
Primary Care
Secondary care
About us
Meet the team
Careers at Lantum
Register your practiceBook a DemoLogin

Lantum Privacy Policy

Overview of Policy
Lantum Limited is the data controller in respect to the personal information that youprovide us with. This privacy policy, together with our Terms and Conditions and anyother documents referred to, forms the basis of our collection, storage and use ofpersonal data collected by Lantum.
We value your privacy and want to remain accountable, fair and transparent with youin the way that we collect and use your personal information when you visit ourwebsite/ app, use our products and services or engage with our customer supportteam.
References in this policy to:
“NHS Bodies” mean the following groups that form the NHS. ICB (Integrated CareBoards), ICS (Integrated Care Systems), PCN (Primary Care Network), GP Practices,Federations, UTC (Urgent Treatment Centre), Remote Consultation Providers,Secondary Care Hospital Departments.
“Healthcare Professionals” means any clinical or non-clinical member of staff seekingto offer themselves and secure sessional work with one or more NHS Bodies.
“Healthcare Professionals” means any clinical or non-clinical member of staff seekingto offer themselves and secure sessional work with one or more NHS Bodies.
The types of personal data we process
Healthcare Professionals, Healthcare Organisations and Website Users
● Identity Data - This includes your first name, maiden name, last name,photograph, title, date of birth and gender
○ How we collect it, why we collect it and the legal basis for processing it
We may collect identity data when you contact us via email,telephone, the customer support chat function or when you signup to use the Lantum platform. This information may also beshared with relevant NHS Bodies who, from time to time, maycontact you directly with shift opportunities. The legal basis we rely on for this is Article 6(1)(f) of the GDPR - Legitimate Interestsand Article 6(1)(b) - Contractual Obligations.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider. All data originating from the UK is stored in Irelandwithin the EU. All data originating from the US is stored in the US.
○  How long do we keep it for?
We keep the identity data mentioned above for no more than 12years after your most recent enquiry or post customerrelationship
● Contact Data - This includes your billing address, email address and telephonenumbers
○ How we collect it, why we collect it and the legal basis for processing it
We may collect contact data when you contact us via email,telephone, via the customer support chat function or when yousign up to use the Lantum platform. This information may also beshared with relevant NHS Bodies who, from time to time, maycontact you directly with shift opportunities. The legal basis werely on for this is Article 6(1)(f) of the GDPR - Legitimate Interestsand Article 6(1)(b) - Contractual Obligation.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider. All data originating from the UK is stored in Irelandwithin the EU. All data originating from the US is stored in the US.
○ How long do we keep it for?
We keep the contact data mentioned above for no more than 12years after your most recent enquiry or post customerrelationship
● Financial Data - This includes your bank account and payment card details
○ How we collect it, why we collect it and the legal basis for processing it
We may collect financial data when you sign up to use theLantum platform so that we can process payments for completedshifts or subscriptions for use of the platform. The legal basis werely on for this is Article 6(1)(b) of the GDPR - ContractualObligation.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider in Ireland within the EU
○ How long do we keep it for?
We keep the financial data mentioned above for no more than 12years post customer relationship
● Transaction Data - This includes details about payments between us and otherdetails of purchases made by you
○ How we collect it, why we collect it and the legal basis for processing it
We may collect transactional data when any payments are madebetween us and Healthcare Professionals or Practice Managers.The legal basis we rely on for this is Article 6(1)(f) of the GDPR -Legitimate Interests and Article 6(1)(b) - Contractual Obligation.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider in Ireland within the EU
○ How long do we keep it for?
We keep the transaction data mentioned above for no more than12 years post customer relationship
● Technical Data - This includes your login data, internet protocol addresses (IP),browser type and version, browser plug-in types and versions, time zonesetting and location, operating system and platform and other technology onthe devices you use to access our site
○ How we collect it, why we collect it and the legal basis for processing it
We may collect technical data from website users and anyonewho signs up to use the Lantum platform for system maintenanceand general business protection and for data analytics toimprove our marketing, website and customer experience. Thelegal basis we rely on for this is Article 6(1)(f) of the GDPR -Legitimate Interests.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider. All data originating from the UK is stored in Irelandwithin the EU. All data originating from the US is stored in the US.
○ How long do we keep it for?
We keep the technical data mentioned above for no more than 12years post customer relationship or recent enquiry
● Usage Data - information about how you use our website and services
○ How we collect it, why we collect it and the legal basis for processing it
We may collect usage data from website users and anyone whosigns up to the Lantum platform to better analyse how a productor service is being used. The legal basis we rely on for this isArticle 6(1)(f) of the GDPR - Legitimate Interests.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider. All data originating from the UK is stored in Irelandwithin the EU. All data originating from the US is stored in the US.
○ How long do we keep it for?
We keep the usage data mentioned above for no more than 12years post customer relationship or recent enquiry
● Marketing Data - This includes your preferences in receiving marketingcontent and your communication preferences in relation to us, relevant NHSBodies that may have shift opportunities or third parties. You can opt outanytime by clicking ‘unsubscribe’ on our marketing emails, changing yournotification preferences on your Lantum account or emailingprivacyrequest@lantum.com and requesting to be removed from marketingcommunications
○ How we collect it, why we collect it and the legal basis for processing it
We may collect marketing data from current and potentialHealthcare Organisations and Healthcare Professionals. We mayoccasionally send you updates and marketing emails to keep youup to date with what we’re up to. The legal basis we rely on forthis is Article 6(1)(f) of the GDPR - Legitimate Interests and Article6(1)(a) - Consent.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider in Ireland within the EU
○ How long do we keep it for?
We keep the marketing data mentioned above for no more than12 years post customer relationship or recent enquiry
● Communications with us - This includes your support queries, calls withcustomer support or any questions, comments or problems you communicatewith us
○ How we collect it, why we collect it and the legal basis for processing it
We may collect communication data from anyone who contactsus to help analyse and improve our platform. The legal basis werely on for this is Article 6(1)(f) of the GDPR - Legitimate Interests
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider in Ireland within the EU
○ How long do we keep it for?
We keep the communication data mentioned above for no morethan 12 years post customer relationship or recent enquiry
● Research Data - In order to improve the Lantum platform, we regularly conductsurveys to gather feedback. Special category data such as ethnicity andreligion is only collected for compliance with NHS frameworks, however, all theinformation collected is anonymised before being shared and all surveys arecompletely optional with no required answers. We also collect additionalconsent before any research surveys are completed.
○ How we collect it, why we collect it and the legal basis for processing it
We may collect research data from anyone who consents toproviding feedback. This is done to help analyse and improve ourplatform and to also meet NHS requirements when submittingframework applications. The legal basis we rely on for this isArticle 6(1)(c) of the GDPR - Legal Obligation and Article 6(1)(f) -Legitimate Interests. We also rely on Article 9(g) Reasons ofSubstantial Public Interest (with a basis in law) and Schedule 1 ofthe DPA 2018(8) Equality of opportunity or treatment.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider in Ireland within the EU
○ How long do we keep it for?
We keep the communication data mentioned above for no morethan 12 years post customer relationship or recent enquiry
● Third Party Software Suppliers - Lantum uses third party software suppliers forcustomer relationship management and to process payments. Personally Identifiable Information (PII) is often processed through these third partysoftwares however, Lantum has strict security procedures in place for howthese are chosen and used, in line with our ISO 27001 certification. Each thirdparty software also has their own Privacy Policies in place that we haveassessed and they are also subject to confidentiality clauses or Non-disclosureagreements to ensure your data is safe at all times.
○ How we collect it, why we collect it and the legal basis for processing it
The data provided to our third party softwares is used to formand maintain customer relationships by allowing us to managecommunications. We also use this data to make and receivepayments from healthcare professionals and organisations forsessions that have been completed. The legal basis we rely onfor this is Article 6(1)(f) - Legitimate Interests.
○ Where do our third party suppliers store it?
The vast majority of our suppliers are cloud-based and store PIIdata in data centres located in London and Ireland. Those whodo not store data in the UK are either recognised as a safecountry to receive and process personal data or haveappropriate safeguards in place in line with the GDPR.
○ How long do we keep it for?
We keep the data mentioned above, on our third party supplier platforms, for no more than 12 years post customer relationshipor recent enquiry
Healthcare Professionals Only
● Professional Data - This includes your employment history, professionalqualifications, certifications, references, CV, GMC/NMC number and any otherinformation required by a healthcare organisation to assess your ability to workwith them.
○ How we collect it, why we collect it and the legal basis for processing it
We may collect professional data from Healthcare Professionalswho sign up to Lantum to find shifts. This information may also beshared with practices you decide to work with. The legal basiswe rely on for this is Article 6(1)(f) of the GDPR - LegitimateInterests and Article 6(1)(c) - Legal Obligation
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider. All data originating from the UK is stored in Irelandwithin the EU. All data originating from the US is stored in the US.
○ How long do we keep it for?
We keep the professional data mentioned above for no morethan 12 years post customer relationship or recent enquiry
● Screening Data - This includes clinical governance checks (including theresults and application of DBS, police or similar checks for any informationprovided relating to current and/or spent criminal convictions).
○ How we collect it, why we collect it and the legal basis for processing it
We may collect screening data from Healthcare Professionalswho sign up to Lantum to find shifts. This information may also beshared with practices you decide to work with; however,additional consent will be requested when we apply for a DBS onyour behalf and when uploading DBS documents. Our ClinicalGovernance team will also contact referees, by email, for allapproved GPs. The legal basis we rely on for this is Article 6(1)(c)of the GDPR - Legal Obligation. Additionally, the condition forprocessing we rely on is Schedule 1 (2) Health or Social carepurposes under the 2018 Data Protection Act.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider. All data originating from the UK is stored in Irelandwithin the EU. All data originating from the US is stored in the US.
○ How long do we keep it for?
We keep the screening data mentioned above for no more than12 years post customer relationship
● Medical Data - This includes any additional data you provide regarding yourhealth. For example, immunisations you may have had. All additionalhealth/security related documents require further consent when uploading.
○ How we collect it, why we collect it and the legal basis for processing it
We may collect medical data from Healthcare Professionals who sign up to Lantum to find shifts. This information may also beshared to your Lantum profile which is visible to practices to helpincrease your chances of booking sessions, however alladditional documents require further consent. The legal basis werely on for this is Article 6(1)(f) of the GDPR - Legitimate Interests.Additionally, the condition for processing we rely on is Article 9 (h) of the GDPR - Health or Social Care and Schedule 1 (2) Healthor Social care purposes under the 2018 Data Protection Act.
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider. All data originating from the UK is stored in Irelandwithin the EU. All data originating from the US is stored in the US.
○ How long do we keep it for?
We keep the screening data mentioned above for no more than 12 years post customer relationship
● Profile Data - This includes your ID number, shift bookings, name of hospital/department, biography, additional qualifications, clinical systems and spoken languages, feedback and any other notes on your account.
○ How we collect it, why we collect it and the legal basis for processing it
We may collect profile data from Healthcare Professionals who sign up to Lantum to find shifts to help increase shift opportunities. This information may also be shared with relevantNHS bodies. The legal basis we rely on for this is Article 6(1)(f) ofthe GDPR - Legitimate Interests
○ Where do we store it?
All the information you provide is stored by our cloud hostingprovider. All data originating from the UK is stored in Ireland within the EU. All data originating from the US is stored in the US.
○ How long do we keep it for?
We keep the professional data mentioned above for no more than 12 years post customer relationship or recent enquiry
Lantum offers a diary management and Locum service organisational tool toHealthcare Professionals using the Lantum platform via a third party, called LocumOrganiser. Use of this tool is completely optional. If a Healthcare Professional opts touse Locum Organiser, Locum Organiser will share the following information withLantum:
a) Healthcare Professional’s full postcode
b) How far the Healthcare Professional is willing to travel to provide services to a healthcare Organisation, from the individual’s full postcode
c) Healthcare Professional’s GMC number
In all cases, it is Lantum’s legal obligation to use and share personal data if wesuspect any wrongdoing or are required to support any legal or financial investigations.
Website Cookies
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies enable us to provide a variety offeatures and functionality. For example, cookies enable us to identify you, secure your access to Lantum and save your product usage preferences which will ensure everyone who uses Lantum has the best possible experience. Any browser visiting these sites will receive cookies from us.
We use the following categories of cookies:
Strictly necessary cookies. These are cookies that are required for the operation of our website.
They include, for example, cookies that enable you to log into secure areas of our website or make use of e-billing services.
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences.
Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the content displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
Except for essential cookies, all cookies will expire after 2 weeks unless renewed again by visiting our sites. For detailed information on the use of our cookies, please refer to our cookie policy
What are your rights?
● The Right to be Informed
You have the right to be informed about how your data is being collected, processed, stored, used and who it will be shared with as detailed in this Privacy Policy.
● The Right of Access
You have the right to request copies of what information we hold on you and to know what we are doing with that information.
● The Right to Rectification
You have the right to ask us to change or correct the personal information we hold about you if you believe it is inaccurate or incomplete.
● The Right to Erasure
You have the right to ask us to erase your personal information, in some circumstances.
● The Right to Restrict
You have the right to block or suppress the processing of your personal information for a duration of time, in some circumstances.
● The Right to Data Portability
You have the right to request to transfer the personal information we hold about you to either yourself or a third party, in a structured, commonly used and machine readable format, in some circumstances.
● The Right to Object
You have the right to ask us to stop processing your personal information in some circumstances.
For example, when we are relying on our own (or someone else’s) legitimate interests to process your personal information, when we are processing your personal information for direct marketing or when we are processing your personal information for research purposes.You don’t have to pay anything in order to exercise your rights. Please contact us at privacyrequest@lantum.com, Lantum Ltd, 1 Mark Square, London EC2A 4EG, if you wish to make a request under your rights. We then have 30 days to get back to you with a response.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at privacyrequest@lantum.com.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk

Last Updated: 06/02/2023
Copyright - Lantum 2024
4th Floor, 1 Mark Square
London, EC2A 4EG
0203 771 8411
Primary CareSecondary CareFor Clinicians
Contact usCareersOur blog
FAQsPrivacy policyTerms & ConditionsCookies Policy