PRIVACY NOTICE – Mipatient
1. Policy Statement
Mipatient (we, us, our) is a registered data controller under the terms of the General Data Protection Regulation (GDPR). Details of our notification to the data protection regulator may be found in the Information Commissioner’s Office Public Register of Data Controllers at https://ico.org.uk/ under registration number [pending] . Our registered office address is at 1 Simonsburn Road, Kilmarnock, KA1 5LA, Scotland.
2. General Information
3. What information do we collect?
When you register to use our services, our site we may ask you to provide certain information such as, your company type, company name, first name, last name, mobile number and email address.
4. What do we use your information for?
We may use your personal data for the following purposes:
(a) in the normal course of our business, to allow us to register you to receive our services and to provide you with our services on the basis that processing is necessary in order to perform our contract with you to provide our services;
(b) to allow us to manage your account on the basis that processing is necessary in order to perform our contract with you to provide our services;
(c) to allow us to analyse your personal preferences and personalise our services to you;
(d) to store your data to pre-populate fields to make it easier for you to provide information when you return to our site and/or our app;
(e) to communicate with you, including sending you information about products and services which we think may be of interest to you. You will be able to opt-out of such communications at any time by contacting us through the website;
(f) to validate your information (and, in some cases, match it against information that has been collected by a third party) to check that the data we hold about our users is accurate, consistent and up to date on the basis that processing is necessary in order to perform our contract with you to provide our services;
(g) to allow us to provide third parties with anonymised data; and
(h) to comply with any legal obligations to which we are subject.
We shall periodically check that the personal data we store for you is accurate. If you would like to update the personal data we hold about you, please contact us on firstname.lastname@example.org with your request.
5. What is our legal basis for using your personal data?
We will only use your personal data where it is permitted by law and where:
(a) we need to use your personal data to perform a contract with you;
(b) we need to use your personal data to comply with our legal or regulatory obligations;
(c) you have given us consent to use your personal data (if consent is needed); and
(d) it is in your interests or someone else's interests and where there is no disadvantage to you.
6. Who do we share your personal data with?
As part of using our services, we will share your personal data with the following parties:
(a) our service providers, who process and store data on our behalf;
(b) our pre-approved third party partners We will only share information in this way if you agree to it at the time;
(c) professional advisors;
(d) any member of our group, and other companies which may be added to our group from time to time.
We may also share your personal data with third parties:
(a) in the event that we, our business, or substantially all of its assets are acquired by a third party (in which case personal data about customers will be one of the transferred assets);
(b) if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any contract with you; or to protect our rights, property, or safety of our employees, customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
8. Will we transfer your personal data outside of the UK?
We will not transfer your personal data outside of the European Economic Area (EEA).
9. How long do we store your personal data for?
We only store your personal data for as long as necessary for the purposes listed in paragraph 4.
10. What are your rights?
Data protection laws give you a number of rights as set out in further details below. If you would like to exercise any of your rights, please contact us using the details located at section 15 of this policy.
Right to access your personal data: you may request access to a copy of your personal data. Please send all requests for access in writing.
Right to withdraw: you may withdraw your consent at any time. Please contact us using the details located at section 15 of this policy if you would like to withdraw your consent and we will delete your data in line with your right to erasure below.
Right to rectification: you may ask us to rectify inaccurate information held about you. If you would like to update the data we hold about you, please contact email@example.com
Right to erasure: you may ask us to delete your personal data. If you would like us to delete the personal data we hold about you, please contact us using the details below, specifying why you would like us to delete your personal data.
Right to portability: you may ask us to provide you with the personal data that we hold about you in a structured, commonly used, machine readable form, or ask for us to send such personal data to another data controller.
Right to make a complaint: you may make a complaint about our data processing activities by contacting us using the details located at section 15 of this policy. Alternatively, you may make a complaint to the UK supervisory authority, which is the Information Commissioner's Office, by visiting their website at www.ico.org.uk by phoning 0303 123 1113 (local rate) / 01625 545 745 (national rate), or by writing to Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
11. Cookies policy
Our policy in relation to cookies can be found at https://www.mipatient.com/cookie-policy
12. Security and Data Storage
We will treat all of your information in strict confidence and we will endeavour to take all reasonable steps to keep your personal data secure once it has been transferred to our systems. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal data, and data stored on our app.
Please note that the internet is not a secure medium and we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet and will not hold us liable for any breach of data security.
14. How can we be contacted?