Our website address is: https://medicshield.co.uk.
Information is critical to enabling our business to operate and where information is in the public domain, we have a legitimate business interest to source and use that data to achieve this business purpose. At the point of obtaining data on individuals and integrating it into our systems we assume the responsibilities of a ‘data controller’ according to the General Data Protection Regulation (GDPR). This document will articulate how we execute these responsibilities in what we do and protect the rights of the individual in safeguarding their data.
What information do we collect and how do we obtain it?
Information on our client contacts is sourced through existing relationships with these individuals or through information that is in the public domain. We maintain information on our client contacts within our database and again we only collect information, which is necessary, relevant and adequate for the purpose it is being used for and we never sell this information to a third party.
The standard data we collect is:
- Contact details e.g. phone number, email address etc.
- Job position.
- Any ongoing correspondence based on interactions e.g. notes from discussions.
How do we use the data we have collected?
Medicshield will only process information that is necessary for the purpose for which it has been collected.
For client contacts, we utilise information collected to:
- Communicate on specific work assigned to us by our client organisation.
- Contact you from time to time about events, services, or information which we think may be of interest to you.
Our Staff are not permitted to disclose your information outside of our organisation.
Who has access to your data?
Medicshield employees involved will have access to data through the processes described above. All employees are bound by employment contracts to only access this data for the purposes described and not disclose information outside of our organisation.
In addition, we work with a third-party organisation, ResourceSmith, who operate elements of our data processing on our behalf. We take steps to ensure that our third-party partner complies with data protection legislation and protects your information just as we do. We only disclose personal information that is necessary for them to provide the service that they are undertaking on our behalf. Due to the international nature of our business, there may be some instances where your information is processed or stored outside of the EU. In those instances, we will ensure that appropriate safeguards are in place for that transfer and storage as required by applicable law.
What rights and choices are available to you?
You have the right as an individual to access your personal information we hold about you and make corrections if necessary. You have the right to withdraw any consent you have previously given us and ask us to erase information we hold about you. You can also object to us using your personal information (where we rely on our business interests to process and use your personal information). You can contact us directly to:
1) Ask for a copy of the information that we hold about you.
2) Correct and update your information.
3) Withdraw your consent (where we rely on it).
4) Object to our use of your information (where we rely on our legitimate interests to use your personal information) provided we do not have any continuing lawful reason to continue to use and process the information. When we do rely on our legitimate interests to use your personal information for direct marketing, we will always comply with your right to object.
5) Erase your information (or restrict the use of it), provided we do not have any continuing lawful reason to continue to use and process that information.
6) Transfer your information in a structured data file (in a commonly used and machine-readable format).
If you want to take any of the actions outlined above, please send an email to email@example.com specifying what you would like to occur.
Website Cookies Policy