This site is owned and operated by APR Medtech’s proprietors. The aim of our website is to help existing clients and potential clients, understand who we are and what products and services we offer.
APR Medtech Ltd (“we”, “us”, or “our”) respects your right to privacy and this policy outlines the information that we obtain via our website, and though other interactions with you, and how we use that information. This policy has been updated in line with GDPR regulations.
When collecting and using personal data, our policy is to be transparent about why and how we process personal data. We process personal data for various purposes. The means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose are set out below.
We have policies, procedures and training in place in respect of data protection, confidentiality and information security. We regularly review our measures with the objective of ensuring their continuing effectiveness.
The transmission of information over the internet is not necessarily secure. We will do our best to protect your personal data, however, we cannot guarantee the security of data that you send to our website or which you email to us; any data that you send is at your own risk. Once we receive information from you, we will use strict procedures and security features designed to prevent unauthorised access to your data.
2. THE DATA WE COLLECT
The data we hold relating to business contacts includes such items as: name, employer, business address, phone numbers, email address and other business contact information including the department or clinical area within which you work.
We collect data from a variety of sources, including from information you provide to us as part of our core business activity (purchase orders, email communication), information we collect from public websites and contact data acquired from 3rd parties.
3. WHY WE HOLD PERSONAL DATA
Where personal data on business contacts is held, it is used for a variety of purposes, including:
- To manage, administer and develop our business
- To promote and develop our products and services
- The communication of technical and safety updates on our products
4. HOW WE USE PERSONAL DATA
We only process personal data for our core business purposes. This includes the processing of customer orders and sending relevant marketing communications by email and occasionally via post.
- We only store personal data on our internal CRM system. This is limited to business contact data including name, email address, organisation and business telephone number.
- We use this data to occasionally send relevant communications related to the products and services we offer. We always offer an unsubscribe option in any business related email marketing communications we send.
- You can also request that we send the personal data that we have for you, or that that we update or delete your data at anytime by contacting us at firstname.lastname@example.org or by calling us on: 01844 340 620.
5. LEGAL BASIS FOR PROCESSING DATA
Where we collect personal data, we’ll only process it:
- to perform a contract with you, or
- where we have legitimate interests to process the personal data and they’re not overridden by your rights, or
- in accordance with a legal obligation, or
- where we have your consent
6. HOW LONG THE DATA IS RETAINED
We retain the personal data processed by us for as long as is considered necessary for the purposes for which it was collected.
7. VISITORS TO OUR WEBSITE
The data we hold
- The data that we hold depends on what data was entered and for what purpose. Personal data entered to engage with the functionality of our website, may include:
- Organisation name
- E-mail address and phone number
- A personal description of the individual and/or their business.
- Information publicly available on the internet such as from LinkedIn, Twitter, Facebook and Google.
In instances where data is collected automatically, for example information about your computer and visits to the website, this may include technical information such as:
- The Internet protocol (IP) address used to connect an individual’s computer to the internet.
- Geographical location.
- Login information.
- Browser type and version.
- Browser plug-in types and versions.
- Time zone settings.
- Operating system and platform.
The cookies we use will not give us access to your computer or any information about you, other than the data you choose to share with us. To enable us to monitor and improve the website, we may use software programs which track how you use our website, this includes IP address, browser versions and operating system details.
Why the data is processed
There are several reasons why we will process the personal data that an individual may provide to us when visiting our website. Examples of these include:
To improve internal operations of the website for surveys, analysis of data, testing, troubleshooting and research. This data is to ensure the website is presented in a personalised manner where possible for individuals.
To allow individuals to access some of the functionality of the website such as access to guides, certain personal data must be entered for these features to work and documents to be accessed as intended.
Promote and develop offers
Some personal data may be used to measure and/or understand the effectiveness of advertising and communications we serve or send to individuals. This is to ensure that only relevant advertising and communications are presented to you.
8. SHARING PERSONAL DATA
We do not sell data to any third parties. We do not provide information to third parties for their own marketing purposes and we do not undertake mailings for third parties. Personal data is only shared with third parties when we are legally permitted to do so. We may provide personal data to (or share data with) third party organisations that assist in the daily running of our business, including warehousing partners for the processing of orders.
9. LOCATIONS OF PROCESSING
The personal data we collect is processed in the UK and European Economic Area (EEA) and is, therefore, protected by the UK an EEA data privacy laws. Should information be stored or processed outside of the EEA, we would put agreements in place with our third-party suppliers to ensure the data is protected to an equivalent standard as would be required in the UK and EEA.
10. YOUR RIGHTS
Under the GDPR you have rights in relation to any of your personal data held by us as a data controller. Specifically, these are:
- The right to be informed about the collection and use of your personal data
- The right to access your personal data held by us as a data controller
- The right to have inaccurate personal data rectified, or completed if it is incomplete
- The right to request the restriction of processing your personal data
- The right to data portability
- The right to object to the processing of your personal data in certain circumstances
The right to request human intervention in any automated decision making
If you wish to exercise any of these rights, please email email@example.com.
11. CHILDREN’S PRIVACY
APR Medtech does not provide products or services that are designed for use by children under the age of 16, or knowingly collect personal information from or about children under the age of 16. If you believe that a child under the age of 16 has disclosed personal information to APR Medtech, please contact firstname.lastname@example.org
APR Medtech tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. If you want to make a complaint about the way we have processed your personal information, you can contact us by email or post at the addresses detailed below. We will look into and respond to this within 30 days.
You also have the right to lodge a complaint with the UK data protection regulator, the Information Commissioner’s Office (“ICO”). For further information on your rights and how to complain to ICO, please refer to the ICO website https://ico.org.uk/
If you have any questions about this privacy statement or how and why we process personal data, please contact us at:
APR Medtech Limited
The Sanderum Centre
30a Upper High Street
Tel: 01844 340 620
This document was last reviewed and updated May 2018.