Who we are
We are ICS Operations Limited trading as Xyla Digital Therapies – CYP. We are part of the Acacium Group of companies.
We deliver digital assessments and interventions for children and young people aged between 5 and 25 who are experiencing mild to moderate mental health difficulties.
Working together with local health services, we’re able to provide experienced teams of clinicians to deliver high quality, safe and effective digital interventions. Upon receiving a referral for assessment and/or treatment from one of our partner organisations, it will be reviewed by our team within 48 hours.
Reducing wait times for mental health support in the UK has become vital. Our service will allow children and young people who need intervention to access it quicker. Key features include:
- Accessibility via a smartphone, tablet or computer
- Choice of appointments, mainly after-school and weekends
- Clinicians who speak many different languages
DESIGNED FOR YOUNG PEOPLE, BY YOUNG PEOPLE
We understand how vital customer engagement is and, from the outset, enlisted a group of young volunteers to help us design and develop an accessible service that truly meets their needs.
We heard how important privacy and confidentiality is to them, that the service must feel customisable, and that the language must not feel dismissive. Their insights have been invaluable, and their involvement continues to guide us as we develop the service further.
Get in touch
If you want to know more about the personal information we have of yours, or if you want to raise a question with us then do drop us a line. If you are under 13 your parent or carer would need to do this. If you are over 13 then you can write to our data protection officer.
Tracy Cherrington: DPO@acaciumgroup.com
We think it would be best if you discussed this with your parent or carer first, and that you copied them into any emails you send.
Personal data – what’s that?
What we mean is any information that could be used to identify you. At its simplest this could be just your name and address; or, it could include a telephone number, email address, a picture or recording of you. As we might be supporting you, there are things our practitioners would need to know to help them do that. This could be quite sensitive and personal information about what has happened and how you are doing.
| Basic details | Name, address, email address, NHS number, date of birth, gender, phone number, GP surgery, school, ethnicity, language, religion, carer, next of kin, other person / professional relationships |
| Contact history | Details of contact we have had with you, referrals received, assessments, treatment appointments and any other form of contact (e.g. phone call to book). |
| Medical information | Notes and reports about your mental health and any relevant assessments by our practitioners Details of your mental health condition and treatment given Information about historical health conditions which relate to your mental health. Relevant information from people who care for you and know you well such as health care professionals and relatives |
We will only collect and process the minimum amount of personal data necessary to achieve the specified purpose.
We will notify you on the privacy notice for any changes to the purpose for which data is collected.
We do not use automated system to analyse personal data, assess behaviour, predict individual preferences, or make decisions that impact individuals without human intervention.
Why do we take this information?
We use the information for the sole purpose of providing the best care and support that we can. This might also include being able to evaluate the quality of support we have given and audit our practices.
Where we get your personal data from and what we do with it?
We get information mainly from you, but also if you are under 13 then your parent or carer has to give it to us on your behalf. We don’t buy lists of names. If you are being supported by us then we might take information from, for example, your school which would help us to help you as best we can. We may also get some information from your GP, local authority, social care services. We’d only take this if we had your (or your parent/carer’s) permission to do that.
So:
- You might get in touch with us to find out about our services.
- You might need a little bit of help yourself and maybe someone has contacted us for you.
- When you are in touch with us we will sometimes ask you for personal information. Personal information means things like your name, your age, where you live and how we can contact you.
- But that’s only if you are over 13. The first thing we would want to know, and check, is how old you are.
- If you are under 13 then we have to ask a parent or carer, or another adult who looks after you to give us that information for you. We tell them how we keep that information safe in our other ‘Privacy Notice’ – it is a bit longer than this one! They can ask to see any of that information, any time.
- If you are 13-18 then you can give us permission (or, ‘consent’) to record some data about you depending on what we are doing and hold on to it for as long as we need to.
- If you are getting support then your practitioner will sit down with you and explain all of this and check that you agree, that you know what your rights are, and that you understand what we do with your personal information – it is yours after all!
- It is really important to know that we are really careful with this information.
- Everyone here is trained in safeguarding which means that we know how to keep you safe and that includes how we keep your information safe. We don’t share it unless you tell us we can (unless we are really worried about you), and we store it safely.
How long we keep your data for
We have thought a lot about how long we should hold on to personal data. We believe it is only as long as you would consider reasonable, or where we have to because of the law. We have a list of how long we keep all information and what we do with it (delete or archive) when its time is up! We keep it very safe on our systems, just like you would expect us too.
Your rights
You have all the same ‘rights’ with regard to your personal information as adults do – this is a very good thing. There are 12 rights and you can see them here.
If you want to know more, have a look at our general Patient Privacy Notice.
If you have any questions about what we are doing or you have some concerns, write to DPO@acaciumgroup.com. You can also complain to the ICO if we can’t help you.
ISO27001 UKAS accredited/certified.
Cyber essentials and cyber essentials plus IASME accredited/certified.
