We are obliged to process your personal data for various reasons, which we will explain below. These reasons include processing of your data to respond to any enquiry that you may make through our website, and for legal and regulatory purposes.
We take the privacy and security of your personal data very seriously.
If you use our website, complete an online form, or send us an email (e.g. to obtain email updates or ask us to send you further information), then we may collect and use personal data about you such as:
- Email address;
- Country of residence;
- Telephone number;
- Technical information about your device, such as your IP address, device type, device and advertising identifiers, browser type and version, and other standard server log information; and
- Other personal data you choose to provide to us.
Such information will be provided by you and may be supplemented by us from publicly available information or data brokers where appropriate. It is used by us in our legitimate interests to administer the website, register you for any services you have signed up to and respond to any queries or requests for information you may have.
Occasionally, we may obtain sensitive personal data about you, for example, if you voluntarily provide information about your physical or mental health, as part of a request for information. In this case, we use such information only to respond to your inquiry and if applicable to provide you additional guidance (e.g. to inform you of your right to submit an adverse event report). By providing us with your sensitive personal data, you consent to us processing this data for the purposes set out in this Privacy Notice or any collection notice provided to you.
You may personalise your preferences, obtain more information, and withdraw or change your consent at any time by clicking on “Cookie Preferences” or by visiting our cookie link available on the site.
We use aggregate information, which does not identify individuals, to monitor traffic patterns to the website and particular pages, as well as site usage, in order to help us improve the design and layout of our website content.
We carefully look after your information; giving access only to appropriate individuals who have a need to know. We store it in digital locations that are verified as being appropriately secure and we protect the data in our networks with advanced monitoring systems to make sure that it stays under our control. We review it for accuracy on a periodic basis, and finally, when we do not need your information anymore, we have policies to ensure that it is appropriately destroyed.
Generally, your information is only used to:
- respond to your enquiry and to facilitate subsequent contact with you, as you may consent; and
- assess and improve the performance of our website.
The majority of the information collected about you is provided by you, and is therefore provided with your consent in order to respond to your enquiry.
Some information collected is because we have a legitimate interest in that information. This data, and the reason for collecting it is as follows:
- Activity in our IT networks – in order to protect our website and IT systems and valuable company information from both intentional and unintentional, internal and external, data loss or other cyber-threats.
In exceptional cases, we may process your data for the protection of a vital interest of yourself or another person.
We share your information with other parties to help us to run our business effectively, and we also make use of certain third parties as a means of storing and securing your information. Given the fact that we leverage global resources, this means that we make use of such businesses to help process or store your data who may be based either outside of the UK or outside of the EU.
We ensure that we have appropriate contractual arrangements in place with all of our key suppliers. Our contracts ensure that our suppliers establish appropriate levels of data security and allow the supplier the right to receive, process and store the data as we so direct.
We may share categories of your personal data listed above with certain service providers or third parties such as:
- IT providers for the purposes of system development and technical support;
- auditors and consultants to verify our compliance with external and internal requirements;
- statutory bodies, law enforcement agencies and litigants, as per a legal reporting requirement or claim; and
- a successor or business partner to Osler in the event that it sells, divests or sets up a collaboration/joint venture for all or part of its business.
We assess each item of data stored and develop a specific policy to govern how long the information is going to be retained. Each policy takes into account any statutory reason for retaining information (such as the statute of limitations), any events that would identify data for subsequent destruction (such as an unsuccessful recruitment outcome), and any reasonable timeframe for holding data for digital or physical security reasons.
Data protection legislation gives you the following rights in relation to your personal information held:
- you can ask what personal information is held and be provided with a copy of it;
- if personal information held about you is incorrect, you can ask for it to be corrected;
- you can ask for your personal information to be deleted or for the processing of your personal information to cease in certain circumstances;
- you can request that certain types of personal information held about you is sent to you or another organisation, in a format that can be read electronically;
- you can withdraw your consent for us to process your personal information, in circumstances where that processing is based on having received your consent; and
- you can make a request to restrict the processing of your personal information in certain circumstances.
Exercising your rights is subject to certain restrictions under data protection legislation. For further information about exercising your rights, or to exercise your rights, you should write to us using the contact details in section 12.
If you have elected to receive information about our products or services and wish to opt-out of receiving such information, then you can do so by sending an email to firstname.lastname@example.org. You should clearly state on all communications: your name, username (if any), registration details (if any) and the name of this website.
We take data security very seriously indeed. We apply appropriate privacy and security measures which are intended to ensure, as far as reasonably possible, the security and integrity of all our information including your personal data, as follows:
- We limit the amount and type of data collected and processed to what is absolutely necessary for the required purpose of having the data;
- We ensure that data is stored, transferred and disclosed using secure means, and where applicable with suitable levels of encryption;
- We have contractual agreements with third party data processors, who we have vetted to ensure that they handle and store the data appropriately, and who are contractually required to adhere to appropriate security standards and policies;
- Where appropriate, we use anonymization and pseudonymisation;
- We follow our established data retention, accuracy and destruction policies;
- We have active monitoring and information security safeguards on our website and the Osler IT networks to prevent, detect and address any potential security threat.
If you are unhappy at any stage with how Osler is using your personal information, you have the right to contact Osler's Data Protection Officer in the first instance or to lodge a complaint with the Information Commissioner's Office (ico.org.uk).
If you have any questions about how your personal information is used, or to exercise your rights, please feel free to contact us at the following address:
Data Protection Officer
Osler Diagnostics Limited
King Charles House
Park End Street
If such a request places Osler or our affiliates in breach of our obligations under applicable laws, regulations or codes of practice, then we may not be able to comply with your request, but you may still be able to request that we block (i.e. your right to object) the use of your personal information for further processing.
If you are dissatisfied with the way in which Osler has processed your personal data, you can contact our supervisory body, the Information Commissioner's Office. Please write to the following address:
Information Commissioner's Office
Telephone: 01625 545 745