Policy contents
- What’s in this policy?
- What does this policy cover?
- What is not covered in this policy?
- How do you protect my personal information?
- What happens in the event of a security breach?
- What types of personal information does Astor Bannerman (Medical) Ltd collect about me?
- How long will Astor Bannerman (Medical) Ltd keep my personal information?
- Under what principle does Astor Bannerman (Medical) Ltd process your information?
- How can Astor Bannerman (Medical) Ltd use my personal information?
- When will Astor Bannerman (Medical) Ltd use my information to contact me?
- Will I be contacted for marketing purposes?
- Will my data be used when Astor Bannerman advertises with other companies?
- When does Astor Bannerman (Medical) Ltd share my personal information with others?
- Can I delete my information?
- What are my rights?
- How will I find out about changes to this policy?
- How can I contact Astor Bannerman (Medical) Ltd?
- What’s in this policy?
This policy tells you:
- What information we might collect about you
- How we might use that information
- When we might use your details to contact you
- What information of yours we might share with others
- Your choices about the personal information you give us
- What does this policy cover?
This policy sets out the way in which Astor Bannerman (Medical) Ltd will collect and use information acquired from you in a way that is consistent with our responsibilities and is also consistent with your rights under GDPR privacy law. Please read it carefully so that you understand how we may use your information.
- What is not covered in this policy?
Our services sometimes link to services run by other companies, like playing embedded video files on our website that are hosted on YouTube or Twitter. Those companies have their own privacy and cookies policies, so remember that the information you give them will follow their rules and not ours.
This link outlines how Google uses information from sites or apps that use their service Google’s Privacy & Terms site.
- How do you protect my personal information?
In compliance with applicable data protection legislation (including but not limited to the General Data Protection Regulation (GDPR, Regulation (EU) 2016/679), we’re strongly committed to keeping your information safe.
Astor Bannerman (Medical) Ltd undertakes to put appropriate technical and organisational measures in place against unauthorised or unlawful processing of personal data, and against accidental loss or destruction of data.
All members of staff are responsible for ensuring that any personal data which they hold is kept securely and not disclosed to any unauthorised third parties.
All electronic data is held on an exchange server and all laptops or PCs are password protected.
Astor Bannerman (Medical) Ltd will ensure that all personal data is accessible only to those who have a valid reason for using it.
Astor Bannerman (Medical) Ltd will have in place appropriate security measures such as:
- ensuring that hard copy personal data is kept in filing cabinets/cupboards with controlled access
- Password protecting personal data held electronically
- Archiving personal data which are then kept securely
- Placing any PCs /terminals etc. showing personal data so that they are only visible to authorised staff
- Ensuring that PC screens are not left unattended without a password protected screen-saver being used
At the same time, no service can be completely secure – if you have any concerns that your personal information has been put at risk, please get in touch as soon as possible as per section 14.
- What happens in the event of a security breach?
In the event of a security breach, Astor Bannerman (Medical) Ltd commit to notify all parties concerned, and the ICO (Information Commissioner’s Office), at the latest within 72-hours of becoming aware of the breach.
As soon as the company becomes aware of the breach, all steps will be taken to secure the data, identify the potential risk of the data loss and to contact candidates and clients to notify them of the loss and associated risks. The 72-hour ICO commitment should be the very minimum requirement and we will endeavour in all cases to exceed that target.
- What types of personal information does Astor Bannerman (Medical) Ltd collect about me?
Information that you give us
Depending on the service you are accessing or ordering, we might ask for your name, job title, employer, contact details or financial details.
Device information
Devices are lots of things like:
- Your computer
- Your mobile
- Your TV
- Your tablet
- Your voice-enabled device
We automatically collect some technical information from these devices and web browsers even when you’re not signed in to an Astor Bannerman (Medical) Ltd service. This might include:
- IP (internet protocol) address
- Device ID
- App ID
- Vendor ID
Information on your activities outside Astor Bannerman (Medical) Ltd when you talk about us
For example, if you have mentioned us in a Twitter post, we will collect your Twitter handle.
- How long will Astor Bannerman (Medical) Ltd keep my personal information?
We only hold your information for as long as we do the activities we told you about or have a valid reason to keep it.
We think about what type of information it is, the amount collected, how sensitive it might be and any legal requirements.
We design our services so that we don’t hold your information any longer than we have to.
- Under what principle does Astor Bannerman (Medical) Ltd process your information?
We process your data under the principle of Legitimate Interest and core business purposes.
This means that we have a genuine and legitimate interest for processing your data, directly related to our trading activity as a service and equipment provider, and we not harming any of your rights or interests. We only process your data for core business purposes and do not give this out to any third parties except our approved sub-contractors that have a legitimate interest and only where we have a Data Processing Agreement in place with them. Sometimes we might ask your permission to do things, like when you subscribe to an email. Other times, when you’d reasonably expect us to use your personal information, we don’t ask your permission, but only when the law says it’s fine to use it, and it fits with the rights you have.
- We use your information for these purposes:
- To deliver our services and to provide you with information about them
- To deal with your requests, complaints and enquiries
- To keep our database accurate and up to date
- To personalise services
- To show you advertising / for marketing purposes
- To provide you with guidance and literature
- To help us understand what kind of services you might use
- To recommend things we think might interest you
- To research and innovate
- When will Astor Bannerman (Medical) Ltd use my information to contact me?
We might use your information to contact you about different things, like:
- To update you on changes to Astor Bannerman (Medical) Ltd policies, practices and Terms of Use
- To check with you about any service or activity you’ve signed up for.
- To answer you when you’ve contacted us, or to respond to a comment or complaint
- To send you relevant useful guidance and literature
- For marketing purposes we will never distribute or sell your personal information to 3rd parties outside of the Astor Bannerman (Medical) Ltd.
- We will only contact you when we need to or when you’ve given us permission.
- Will I be contacted for marketing purposes?
We’ll only send you marketing emails or contact you about Astor Bannerman (Medical) Ltd promotions, services, your views about Astor Bannerman (Medical) Ltd products or services if you’ve agreed to this. If you sign up to receive marketing collateral through our website, there will be a requirement to confirm that you are happy for your data to be held. Keep in mind, even if you unsubscribe, we may still contact you (see section 9).
- Will my personal information be used when Astor Bannerman (Medical) Ltd advertises with other companies?
We might use information that we hold about you to show you relevant and “targeted advertising” through other companies’ sites, like Facebook, Google, Snapchat or Twitter for example.
If you don’t want to see our targeted advertising, you can set ad preferences in your social media companies’ settings.
- When does Astor Bannerman (Medical) Ltd share my personal information with others?
We’ll never sell your personal information. We only share it with others in these ways:
- When you make something public, like post a comment or product review which the public can see.
- In the event we need to share personal information with Astor Bannerman (Medical) Ltd approved sub-contractors in order to fulfil our contract with you.
- When you use another company’s service that connects to us, like voice-enabled devices. We might also share your information if we have to by law, or when we need to protect you or other people from harm.
- Can I delete my information?
Yes, in certain circumstances you can request that Astor Bannerman (Medical) Ltd deletes records of your personal information. See section 11.
- What are my rights?
You’re in control of your personal information. You have the right to:
- Request a copy of your information (Data Subject Access Requests (DSAR)). Please contact Astor Bannerman (Medical) Ltd if you would like a copy of your personal information. We will not charge for requests, but we will seek verification of your identity, and will only refuse the request if it is “manifestly unfounded or excessive”.
- To ask us to correct information that’s wrong, to delete it or to request that we only use it for certain purposes
- To change your mind, and ask us to stop using your information. For example, unsubscribing from marketing emails or promotions.
- How will I find out about changes to this policy?
We update this policy occasionally. If we make important changes, like how we use your personal information, we will get in contact with you. It might be a notice, an email, or a message in your app. If you don’t agree to the changes, then you have the option to stop using our services, delete your account and stop giving us any more personal information. We’d be sorry to see you go.
- How can I contact Astor Bannerman (Medical) Ltd?
For any other questions or comments about this policy you can contact us via the following:
By email: info@astorbannerman.co.uk
By post: SHEQ Department, The Elephant Works, Andoversford Link, Cheltenham, GL54 4LB
We comply with the Information Commissioner’s Office. You can also contact them for advice and support. https://ico.org.uk/