Privacy statement policy
CityDoc Medical Ltd ( “we”, “our” or “us”) understand that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of everyone who visits our websites, citydoc.org.uk and any current or future subdomains and will only collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and your rights under the law.
It is likely that we will need to update this policy from time to time. We’ll let you know about significant changes, but you’re welcome to review the policy whenever you wish.
It also describes your choices regarding the use, access and deletion of your personal information.
Cookie – means a small text file placed on your computer or device by our sites when you visit certain parts of our sites and/or when you use certain features of our sites
Cookie Law – means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;
Personal data – means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to us via Our Site. This definition shall, where applicable, incorporate the definitions provided in the EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”) or the Data Protection Act (“DPA”) 2018
Information about us
Our Company Registration Number is 07619063
Our registered address is 5 Portmill Lane, Hitchin, SG5 1DJ
Our Data Protection Officer can be contacted by email at [email protected]
Legal bases for collecting your data
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
- Consent – We collect and process your data with your consent via positive opt-in
- Contractual obligations – We require the personal data to fulfill our contractual obligations
- Legal compliance – If the law requires us to, we may need to collect and process your data
- Legitimate interest – In specific situations, we collect and process your data for our legitimate interests in a way that can be reasonably expected as part of running our business and which does not materially infringe upon your rights, freedom or interests
When do we collect your data?
- When you visit any of our sites
- When you make an online purchase
- When you engage with us on social media
- When you contact us by any means with customer support requests
- When you choose to complete any surveys we send you
- When you’ve given a third party permission to share with us the information they hold about you
- We collect data from publicly-available sources when you have given your consent to share information or where the information is made public as a matter of law
What personal data do we collect?
Depending upon your use of Our Site, We may collect some or all of the following personal and non-personal data :
- Business/company name;
- Contact information such as email addresses and telephone numbers;
- Demographic information such as postcode, address;
- IP address;
- Items you have purchased;
By using Our Sites you may also receive certain third party Cookies on your computer or device. Third-party Cookies are those placed by websites, services, and/or parties other than us. Third-party Cookies are used on Our Sites for advertising, marketing, and analytics.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our Website and Service. They include, for example, cookies that enable you log into secure areas of our Website or Service.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our Website and Service when they are using it. This helps us to improve the way our Website and Service works.
- Functionality cookies. These are used to recognise you when you return to our Website. This enables us to personalise our content for you.
- Targeting cookies. These cookies record your visit to our Website, the pages you have visited and the links you have followed. We will use this information to make our Website and the advertising displayed on it (if any) more relevant to you. We may also share this information with third parties for this purpose.
The list of cookies we use are listed here
We take measures to protect the technical information collected by our use of Google Analytics. The data collected will only be used on a need to know basis to resolve technical issues, administer the Site and identify visitor preferences; but in this case, the data will be in non-identifiable form. We do not use any of this information to identify Visitors or Users.
How do we use the personal data we collect?
We may use your data for the following purposes:
- Providing and managing your account;
- Providing and managing your access to our sites;
- Supplying our products and/or services to you (please note that we require your personal data in order to enter into a contract with you);
- Providing your delivery details to our fulfilment partners;
- Replying to emails from you.
Do we share your data?
In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal requirements, a court order, or a governmental authority.
We may sometimes contract with third parties to supply products and services to you on our behalf. These may include payment processing, delivery of goods, search engine facilities, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.
Where do we store your data?
Some or all of your data may be stored outside of the European Economic Area (“the EEA”). You are deemed to accept and agree to this by using our sites and submitting information to us. If we do store data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the GDPR and DPA 2018.
We will take reasonable steps to maintain appropriate technical and organizational measures to protect the personal data you provide to us against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your personal data.
How do we keep your data safe?
We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect personal data against accidental or unlawful destruction, accidental loss, unauthorised alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the personal data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls. We use SSL technology to encrypt data during transmission through public internet, and we also employ application-layer security features to further anonymise personal data.
How long will we keep your personal data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected. At the end of that retention period, your data will either be deleted or anonymised so that it can be used in a non-identifiable way for statistical analysis.
You retain the right to request us to refrain from processing your data for the purposes of marketing. To exercise such right, you may reply to any information we send you, detailing your request that we refrain from sending any marketing correspondence, or you can exercise this same right by clicking unsubscribe on any marketing emails. If at any time we intend to use your data for such marketing purposes however, it is standard practice for us to make you aware in advance of collecting such data.
We may at times provide links on our Website to third party websites, including without limitation those owned or managed by our partner networks, affiliates or advertisers. These websites have separate privacy policies, and we, therefore, cannot accept any responsibility for the content. As such, choosing to follow these links is a choice you make at your own risk, and we advise that you check these websites’ individual privacy policies before submitting any personal data.
You retain at all times the right to access / amend / delete any personal data we hold about you or to exercise your right of data portability or to object to, or restrict, the purposes for which your personal data is processed on certain grounds. You may exercise this right by making a request in accordance with Data Protection Laws, by emailing [email protected]. You may also lodge a complaint with the UK data protection regulator, the Information Commissioner’s Office should you be dissatisfied with the way that we handle your personal data.