This policy applies to information we collect when you choose to use this website, and to personal information, which we process further to supply services to you.
This website is owned by CNUK Medtech Solutions and our registered business office is at Daisy Building (2nd Floor), Castle Hill Hospital, Castle Road, Cottingham, Hull, England, HU16 5JQ.
Who we are
CNUK Medtech Solutions (‘we’ or ‘us’) are a ‘data controller’ for the purposes of the General Data Protection Regulation (‘GDPR’) (as applicable the ‘Legislation’) where we control the purposes for which we process your personal information.
Any questions about our data protection policy or how we handle your personal data should be addressed to CNUK Medtech Solutions using the information in the ‘How to contact us’ section below.
What information we collect
Personal information provided by you
We collect personal information about you (such as your name, address and contact details), for example your email address when you request further information on our products or services.
Personal information about other individuals
If you give us information on behalf of someone else, such as a child for whom you are legally responsible, you confirm that either:
(1) the other person has a contractual relationship with you and knows that you will be transferring their personal data to us for specific purposes; and/or,
(2) s/he has appointed you to act on his/her behalf and has agreed that you can:
- give consent on his/her behalf to the processing of his/her personal data
- receive on his/her behalf any data protection notices
- give consent to the processing of his/her sensitive personal data (as listed below).
What we do with the information we gather
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping
- We may use the information to improve our products and services
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided
- From time to time, we may also use your information to contact you for market research purposes
- We may contact you by email, phone, fax or mail
- We may use the information to customise the website according to your interests
For example, we may monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of a user’s internet service provider, to improve the user’s experience whilst visiting the website, and better understand how you use it. This information helps us to build a profile of our users. Some of this data will be aggregated or used for statistical analyses, which means that we will not be able to identify you individually.
You can set your browser not to accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our website features may not function as a result.
For further information on cookies generally visit www.aboutcookies.org or www.allaboutcookies.org.
How will we use the information about you?
We collect information about you so that we can: provide the information requested; customise our website and its language to your particular preferences; notify you of any changes to our website or to our services that may affect you; improve our services.
Who your information might be shared with
We may disclose your personal data to: employees within our group; our agents, associates and service providers; law enforcement agencies in connection with any investigation to help prevent unlawful activity.
Keeping your data secure
Our staff and associates are bound by obligations of confidentiality and are trained in the protection of personal data. We comply with the Legislation and use the appropriate technical and organisational measures necessary to safeguard your personal data. We only share your personal data with third parties who also comply with the Legislation.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason, we cannot guarantee the security or integrity of any personal data that is transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How can you contact us?’ below).
We only send your data outside the EEA where we have in place a legal agreement which complies with the Legislation.
What can I do to keep my information safe?
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We store the personal data that relates to your test results on secure servers:
- for a period of up to 10 years from the date on which you first completed a test in order to allow you to access your test data. However, we shall regularly review this information in conjunction with you and shall delete it if you so request;
- until you ask us to destroy it. In each case, unless the law requires us to store the data for a longer period.
What rights do you have?
The GDPR provides the following rights for individuals whose personal data is processed:
1. The right to be informed;
2. The right of access;
3. The right to rectification;
4. The right to erasure;
5. The right to restrict processing;
6. The right to data portability;
7. The right to object to processing;
8. Rights in relation to automated decision making and profiling [We do not carry out automated decision making and profiling].
Right to access – i.e. to request a copy of your information
You can request a copy of your information, which we hold (this is known as a subject access request). If you would like a copy of some or all of it, please contact using the information below and:
• let us have proof of your identity (a copy of your driving licence or passport); and
• let us know what information you want.
Right to correct any mistakes in your information
You can require us to correct any mistakes in your information that we hold free of charge. If you would like to do this, please:
• email or write to us (see ‘How can you contact us?’ below);
• let us have enough information to identify you;
• let us know the information that is incorrect and what it should be replaced with. Right to remove your details from our records or restrict
Right to remove your details from our records or restrict how we use your information
You can ask us to stop contacting you for particular purposes or remove your information completely from our records. There may be a legal reason why we need to keep your personal data, and, in that circumstance, we will destroy your personal information as soon as we are legally entitled to do so.
If you would like us to stop contacting you with information about our services, please:
• email or write to us (see ‘How can you contact us?’ below). You can also click on the ‘unsubscribe’ button at the bottom of the email and/or newsletter;
• let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone).
Right to lodge a complaint with the Supervising Authority
If you have any concerns or complaints about how we use your personal data, we hope you will alert us to these directly (see the Contact information below).
If you are still unhappy, you are entitled to complain to the Information Commissioners Office (ICO), which is the supervising authority in the UK. Their contact details and the procedure can be found at www.ico.gov.uk.
How to contact us
If you wish to contact us about any other matter, please send an email to firstname.lastname@example.org
CNUK Medtech Solutions [December 2018]