INTRODUCTION
This policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.
THE WEBSITE
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all UK national laws and requirements for user privacy.
If you have any questions about this privacy policy or our privacy practices, please contact us: QAEC Limited t/a MedDev Regulatory Consulting, [EMAIL], [REGISTERED ADDRESS].
USE OF COOKIES
What are cookies?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
What do we use cookies for?
We may use cookies to remember personal settings you have chosen at our website. In no other context do we use cookies to collect information that identifies you personally. Most of the cookies we set are automatically deleted from your computer when you leave our website or shortly afterwards.
We use anonymous session cookies (short-term cookies that disappear when you close your browser) to help you navigate the website and make the most of the features. If you log into the website, application or a course as a registered user, your session cookie will also contain your user ID so that we can check which services you are allowed to access.
This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Should users wish to deny the use and saving of cookies from this website onto their computer’s hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.
PERSONAL INFORMATION
Whilst using our website, software applications or services, you may be required to provide personal information (name, company details, contact details, etc.). We will use this information to administer our website, applications and client databases. We will ensure that all personal information supplied is held securely in accordance with the General Data Protection Regulation (EU) 2016/679, as adopted into law of the United Kingdom in the Data Protection Act 2018.
Further, by providing telephone and email details, you consent to us contacting you using that method. You have the right at any time to request a copy of the personal information we hold on you. Should you wish to receive a copy of this, or would like to be removed from our database, please contact us at [EMAIL].
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
The controller responsible for your personal information is: QAEC Limited t/a MedDev Regulatory Consulting [REGISTERED ADDRESS].
INFORMATION COLLECTION AND USE
How do we collect information?
MedDev Regulatory Consulting collects information in two possible ways:
a. When you directly give it to us (“Directly Provided Data”)
When you provide detail through our site, purchase our services or communicate with us, you may choose to voluntarily give us certain information – for example, by filling in text boxes or completing registration forms. All this information requires a direct action by you at that time in order for us to receive it.
b. When you give us permission to obtain from other accounts (“User Authorised Data”)
Depending on your settings or the privacy policies for other online services, you may give us permission to obtain information from other sources. For example, this can be via social media or by choosing to send us your location data when accessing our website from your smartphone.
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
• Where we need to perform a contract we are about to enter into or have entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• Where we need to comply with a legal obligation.
Generally, we do not rely on consent as a legal basis for processing your personal information.
We may share your personal information with:
• Internal third parties within our business.
• External third parties (such as service providers who provide IT and system administration services), professional advisers including lawyers, bankers, auditors and insurers based), and HM Revenue & Customs, regulators and other authorities.
• Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this privacy policy.
We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
HOW LONG DO WE KEEP YOUR DATA FOR?
MedDev Regulatory Consulting will not retain your personal information longer than necessary. We will hold onto the information you provide either while your contract is in existence, or as needed to be able to provide the services to you, or (in the case of any contact you may have with any representative from our business) for as long as is necessary.
If legally required or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also retain some of your information for a limited period of time as required, even after your contract has ended or it is no longer needed to provide the services to you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
REGISTRATION FORMS
MedDev Regulatory Consulting will not sell or rent your personally identifiable information, gathered as a result of filling out the site registration form, to anyone.
CHOOSING HOW WE USE YOUR DATA
We understand that you trust us with your personal information and we are committed to ensuring you can manage the privacy and security of your personal information yourself.
With respect to the information relating to you that ends up in our possession, and recognising that it is your choice to provide us with your personally identifiable information, we commit to giving you the ability to do all of the following:
• You can verify the details you have submitted to MedDev Regulatory Consulting by contacting us at [EMAIL]. Our security procedures mean that we may request proof of identity before we reveal information, including your e-mail address and possibly your address.
• You can also contact us by the same method to change, correct, or delete your personal information controlled by MedDev Regulatory Consulting regarding your profile at any time. Please note though that, if you have shared any information with others through social media channels, that information may remain visible, even if your contract has ended.
• If your contract has ended, we may retain archived copies of your information as required by law or for legitimate business purposes (including to help address fraud and spam).
• You can always feel free to update us on your details at any point by emailing [EMAIL].
• You can request a readable copy of the personal data we hold on you at any time. To do this, please contact us by emailing [EMAIL]. Please note, we are constantly reviewing how we process and protect data. Therefore, changes to our policy may occur at any time. We will endeavour to publicise any changes.