Privacy Policy
INTRODUCTION
PROACT Medical Ltd processes and holds personal data from, and about, prospective, current and former business partners (customers and suppliers) to comply with tax, labour, health and safety, and other laws, to operate our businesses, and to serve our customers.
SCOPE
This policy statement details the basis on which such information is held, and what we might do with the information. It sets out our position and commitment relating to data protection.
We hold and process individual’s personal and sensitive personal data in regards to our business and services. We hold individual data in secure paper based, and electronic files and systems.
The data we process may relate to former, present and potential future business partners. We collect and maintain such data in order to meet our legitimate interests as a business, to comply with statutory requirements and fulfil individual contracts.
RESPONSIBILITY
Where personal data is to be processed, all members of staff are responsible for ensuring data is processed in line with the current legislation and the General Data Protection Regulations.
REASONS FOR PROCESSING DATA
We process personal information to enable us to promote our goods and services, to maintain our accounts and records and to support and manage our partners.
This may include:
- Personal details
- Financial details
- Goods or services provided
COLLECTING AND PROCESSING YOUR DATA
When we ask you for personal information we will keep to the law, including the General Data Protection Regulations, and we will:
- Make sure you know why we need it
- Only collect relevant information
- Ensure access is restricted to authorised personnel
- Inform you if we have to share it with other organisations
- Make sure we don’t keep it longer than necessary for its declared purpose;
- Process it within the strict terms of the law, including but not limited to the General Data Protection Regulations, and any associated rules, regulations, statutory provisions, extensions or re-enactments thereof and where possible, in line with any current guidance and other publications of the Information Commissioner;
- Keep it accurate, complete and up to date
MEASURES IN PLACE TO PROTECT YOUR DATA
We have established systems in place to protect personal data. In protecting personal data we will not allow the misuse of individual’s data and we shall protect our legitimate interests as a business.
All personal data shall be:
- Held in the full knowledge of the individual (except in cases specifically excluded under the law);
- Protected by reasonable security safeguards against such risks as loss or unauthorised access, destruction, use, modification or disclosure of data;
- Protected from unauthorised cross border transmission to any other state which does not meet those standards laid down by the Council of Europe Convention (1981), the EC Data Protection Directive (95/46/EC) and the GDPR 2015.
SHARING DATA WITH THIRD PARTIES
We may sometimes need to share the personal information we process with the individual it concerns and also with other organisations. Where this is necessary we will comply with all aspects of the law including the General Data Protection Regulations. We do not disclose your information to any third parties or bodies unless we have permission to do so or are required to do so by law.
SOCIAL MEDIA
Any social media posts or comments you send to us via social media will only be shared under the terms of the relevant social media platform (e.g. Facebook / Twitter) on which they are written and could be made public.
We are not responsible for this kind of sharing. You are responsible for ensuring that any comments you post comply with any relevant policy on acceptable use of those services.
RETENTION OF PERSONAL DATA
When we ask for personal information we will keep to the law, including the GDPR.
We will retain your personal information only for as long as is necessary for the purposes for which the information was collected, or as long as is required pursuant to law, or in relation to a legal claim or is used in relation to a valid legal process.
OBTAINING THE DATA WE HOLD ABOUT YOU
You have the right to ask for a copy of your information and to correct any inaccuracies, known as a Subject Access Request.
If you wish to gain access to information you should write to PROACT Medical Ltd requesting this. We will fulfil your request within a month from receipt of a written request and supplied in a portable document format.
We can refuse or charge for requests that are obviously unfounded or excessive. If we refuse a request, we will tell you why without undue delay and at the latest, within one month.
In all cases the relevant information will only be disclosed following a written request instructing the company, and giving consent to the company to make such disclosure. We will need to be satisfied of the identity of the individual making the Subject Access Request.
You have the right to make any reasonable request for the rectification or amendment of personal data records provided that:
- You can readily demonstrate the existence of an identifiable error, necessary update, relevant omission, unnecessary
- It is unlawful to maintain such a record.
The rectification of personal data shall be completed within a month from receipt of a request.
ERASING THE DATA WE HOLD ABOUT YOU
You have the right to ask for your personal data to be erased if:
- The personal data is no longer necessary for the purpose for which it was originally collected;
- We are relying on consent as the lawful basis for holding the data, and you withdraw your consent;
- We are relying on legitimate interests and there is no overriding legitimate interest to continue this processing;
- We have processed the personal data unlawfully;
- We have to do it to comply with a legal obligation.
The right to erasure does not apply if retaining the personal data is necessary for one of the following reasons:
- To exercise the right of freedom of expression and information;
- To comply with a legal obligation;
- For the performance of a task carried out in the public interest or in the exercise of official authority;
- For archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing; or
- For the establishment, exercise or defence of legal claims.
If you wish to have personal data erased you should request this verbally or in writing to the company. The erasure of related personal data shall be completed within a month from receipt of a request. We can refuse or charge for requests that are obviously unfounded or excessive. If we refuse a request, we will tell you why without undue delay and at the latest, within one month.
EMAIL SIGNATURE
The opinions expressed in this email (and its attachment(s) if any) represent those of the individual and not necessarily those of PROACT Medical Ltd. The contents of this email (and its attachment(s) if any) maybe privileged and are confidential it may not be disclosed to or used by anyone other than the addressee(s) nor copied in any way. If received in error please advise the sender, then delete from your system. PROACT Medical Ltd registered in England and Wales. No. 3096460.
TRADEMARKS. PROACT Medical Ltd recognise and respect the ownership of all registered trademarks contained herein to be the property of their respective owners and do not imply any endorsement or affiliation with PROACT Medical Ltd.