[300-5005-POL-R1] Last Updated 15th May 2018
For the purposes of the EU General Data Protection Regulation (GDPR), OBS Medical (we) or (us) is the “data controller” (i.e. the company who is responsible for, and controls the processing of, your personal data).
Data Relating to Our Customers and Users of Our Sites
OBS Medical collects information as part of its normal business operations and in the administration of its relationship with Customers, which may include personal information.
Business Contact and Customer Relationship Management.
We collect and maintain information about our Customers, which may include company name, business contact name and title, phone number, email and other contact details. We may also collect billing address, financial account, credit card information, order details, subscription and license information, and usage details. In addition, we collect user credential and profile data (name, contact, authorized users) of Customer’s authorized users and account administrators.
Data Submitted on Sites.
In order to access or use certain portions of the Sites, to enjoy the full functionality of the Sites, or to conduct or seek to conduct business with us, you may be prompted to provide certain personal data to us, including in the following ways:
- by filling in forms (for example, a “Contact Us” form) on our Sites or at a trade show or anywhere else we conduct business;
- by downloading documentation from our Sites;
- by subscribing to newsletters or other communications; or
- by corresponding with us by phone, e-mail or otherwise using our contact details.
Typically, the personal data you give us may include name, business affiliation, business address, telephone number, and email address, and any personal details required to resolve any enquiries or complaints.
We may also obtain personal data about Customers from third parties, such as LinkedIn and other publicly accessible sources.
Customer Support and Service.
When Customers contact us for support or other customer service requests, we maintain support tickets and other records related to the requests, including any information provided by Customers related to such support or service requests. We may also collect call recordings related to support and customer service-related calls.
Customer Owned Data
As a provider of Services, we may receive, process or store certain information, including personal information, on behalf of our Customers. All such information (“Customer Data”) is owned and controlled by our Customers, who are the data controllers for such information with respect to EU data protection law.
Personal Data We Collect About You
We will obtain personal data about you (such as your name, e-mail address and contact phone number) when you use this website.
We may monitor your usage of the website. This may include monitoring, how many times you visit, which pages you go to, traffic data, location data and the originating domain name of the users internet service provider. This information helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
Use of Personal Data
The following is an overview of our purposes for using personal data that we process as a data controller.
For individuals in the European Union, our processing (i.e. use) of your personal data is justified on the following legal bases:
- the processing is necessary to perform a contract with you or take steps to enter into a contract at your request;
- the processing is necessary for us to comply with a relevant legal obligation;
- the processing is in our legitimate interests, subject to your interests and fundamental rights, and notably our legitimate interest in using applicable data to conduct and develop our business activities; or
- you have consented to the processing.
We use the personal data we collect to:
- conduct and develop our business with you and with others;
- process, evaluate and complete certain transactions involving the Sites, and more generally transactions involving OBS Medical Services;
- operate, evaluate, maintain, improve and develop the Sites (including by monitoring and analyzing trends, access to, and use of the Sites for advertising and marketing);
- evaluate, improve and develop our Services generally;
- customize our Sites to users’ needs;
- engage you about events, promotions, the Sites and OBS Medical Services;
- provide you with documentation or communications which you have requested;
- correspond with users to resolve their queries or complaints;
- provide you with any Services you request;
- send you marketing communications, where it is lawful for us to do so;
- protect and ensure safety of the Sites, OBS Medical confidential and proprietary information, and OBS Medical employees;
- manage, protect against and investigate fraud, risk exposure, claims and other liabilities, including but not limited to violation of our contract terms or laws or regulations.
Retention of Your Personal Data
We apply a general rule of keeping personal data only for as long as required to fulfil the purposes for which it was collected. However, in some circumstances, we may retain personal data for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required.
In specific circumstances, we may also retain your personal data for longer periods of time corresponding to a statute of limitation, so that we have an accurate record of your dealings with us in the event of any complaints or challenges.
Subject to applicable law, you may have some or all of the following rights available to you in respect of your personal data
- to obtain a copy of your personal data together with information about how and on what basis that personal data is processed;
- to rectify inaccurate personal data (including the right to have incomplete personal data completed) ;
- to erase your personal data (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed);
- to restrict processing of your personal data under certain circumstances
- to withdraw your consent to our processing of your personal data (where that processing is based on your consent)
In relation to all of these rights, please contact us at email@example.com
Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavor to respond to your request within all applicable timeframes.
We may also obtain information about your online movements and use of our website. We do this by placing a “cookie”, which is a small file, on your computer’s hard disk. Cookies are used for several reasons:
- To recognise you whenever you visit the website;
- To speed up access to this website;
- To store your personal preferences;
- To build a profile about you;
The vast majority of web browsers accept cookies. However, you can change your browser settings so the cookies are not accepted. If you do this, you may lose some of the functionality of this website.
If you wish to contact us, please send an email to firstname.lastname@example.org or you can write to us at:
OBS Medical Ltd, 5G Park Square, Milton Park, Abingdon, Oxfordshire, OX14 4RR, UK
Or call (from UK or International) on +44 (0) 1235 432 050.