At Richardson Healthcare, we are committed to protecting and respecting your privacy.
Please read this policy carefully to understand our practices regarding your data and how we will treat it. We recommend that, from time to time, you visit our website to review this policy to stay up to date with any changes to it.
What establishes our data protection obligations to you?
- Richardson Healthcare is required to process your data in accordance with the law.
- The Data Protection Act 1998 (DPA) implements the EU Data Protection Directive 1995 (EU Directive 95/46/EC).
- From 25 May 2018, the General Data Protection Regulation 2016 (EU Regulation 2016/679) will come into force; it replaces the DPA.
What data does Richardson Healthcare collect and process about you?
To sell products to its customers, Richardson Healthcare will process data about its customers employees, such as your full name, company e-mail address, and landline and/or mobile phone numbers.
How does Richardson Healthcare collect this data?
Information that you give to us and what we do with it
This is data that you provide to us, for example by corresponding with us to purchase our products by phone, e-mail, post or otherwise. This data would relate to purchasing of our products, or any other communications relating to the supply of our products to you.
We process your data because you have given your consent, for example you have provided it to us when you or your company made an application to purchase our products.
As a representative of your employer, other than to provide you with pricing, product information, order acknowledgements, invoices, credit memo’s or to pursue our legitimate interests, your data will not be processed in any way.
As an employee of our customer, we keep your data for the duration that you are employed by our customer in a role that requires you to receive pricing, product information, order acknowledgements, invoices, credit memo’s or other documentation relevant to the pursuit of our legitimate interests.
As a manufacturer, Richardson Healthcare works with third parties (including, for example, our sub-contractors in delivery services, credit reference agencies) to provide and maintain delivery services or credit facilities.
We will notify you if we receive information about you from third parties.
Information we collect when visiting our website
In line with our information security standards, we monitor website behaviour through Google Analytics. We collect information about how each visitor uses our site. These are then used to compile reports and to help us improve our site. Information is collected in an anonymous form, including:
1. The number of visitors to the site;
2. Where visitors have come to the site from;
3. The pages visited.
Richardson Healthcare wants to provide you with the best possible service. We are always looking for ways to improve. This includes improving our website so that it provides the information that you need, on a regularly updated basis and in an easily accessible way.
To improve and keep our website up-to-date, we collect information about your visit and we may share some of this information with our third-party data analytics service providers to help us assess and improve our website. When this website data is shared with third parties, it will be provided as anonymised, aggregated data with data no longer identifiable.
Information that we may collect from your visit includes your device’s Internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, the full Uniform Resource Locators (URL), click stream to, through and from our site (including date and time), services you viewed or searched for, page response times, and length of visits to certain pages.
The cookies we use are Google Analytics _utma, _utmb, _utmc and _utmz
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit Google Analytics Opt-out Browser Add-on
For what purposes does Richardson Healthcare collect and use your data?
Richardson Healthcare processes the data held about you in the following ways:
1. To help us distribute our products to your company;
2. To provide you with updates and alerts, such as order acknowledgements and/or delivery information related to orders you have placed;
3. To administer and improve our website and other communications with you;
4. To enable compliance with statutory and legal obligations;
5. To detect and prevent fraud;
6. To respond to any complaint that you might make;
7. To contact you in an emergency;
8. To answer general enquiries that you may make.
Richardson Healthcare will not process your data:
1. To conduct market research (unless required by a regulatory body, or where we have your permission or are permitted to do so by law) or for marketing purposes;
2. To pass it to a third party for that party’s or any other party’s purposes;
3. To sell it to a third party.
When does Richardson Healthcare disclose data?
To fulfil our statutory obligation as a manufacturer and seller of medical devices, it may be necessary for Richardson Healthcare to share your data with others, including:
1. Our ISO 13485 regulatory body;
2. Our third-party business partners and subcontractors;
3. Analytics providers that assist us with improvement of our website;
4. Credit reference agencies and other companies and organisations for the purpose of fraud prevention and credit risk reduction;
5. Government agencies and independent regulatory bodies;
6. And as might be required by law, including compliance with any court order or legal obligation.
In the event that Richardson Healthcare (or substantially all of its assets) were to be acquired by or merged with a third party, the data held by us about our customers would be included amongst the assets transferred or shared. If we were to sell or buy any business or assets, we may disclose data held by us to the prospective seller or buyer under strict confidentiality terms.
When entering into any agreements that involve the sharing or disclosure of data, Richardson Healthcare requires that these third parties comply with our data protection and information security policies or have substantially similar policies of their own in place.
Where does Richardson Healthcare store your data?
Richardson Healthcare has put in place appropriate technical and organisational measures to prevent accidental loss, damage or destruction of your data, and to protect your data against unauthorised, or unlawful use or theft. We put in place strict confidentiality agreements, including data protection obligations, with our third-party service providers and data processors.
Your data may be transferred outside the European Economic Area (EEA), where processing activities such as technical support, storage and backup may be provided. When this data is sent outside the EEA, we shall ensure its secure transfer and that appropriate safeguards are in place for the processing of your data in accordance with this policy and the requirements set out in the GDPR.
What are your rights?
The GDPR provides you with a number of rights in relation to your data. These include rights to the rectification or erasure of your data, and to restrict or object to its processing.
If you find that any of the data that we hold about you is inaccurate, incomplete or contains errors, please notify us in writing and we shall undertake to make the appropriate corrections at the earliest opportunity.
Should you wish to have some or all of your data erased, we will endeavour to do so although there may be instances where legitimate interests or the performance of our statutory obligations prevent us from doing so. The erasure of your data could result in an inability to provide you with some or all of our services.
Restriction or Objection
If you wish to object to or restrict how your data is processed by us, you can do so by writing to us. Please see our contact details below. Please be aware that such requests could result in an inability to provide you with some or all of our services.
You also have the right to data portability and to make a data subject access request.
You may request that Richardson Healthcare provide the data that we hold about you to another data controller in a structured, commonly used and machine-readable format.
You may request to be told whether or not data about you is being processed by Richardson Healthcare. If your data is being processed, you are entitled to receive a response from us that provides you with a description of that data, the purpose for which it is processed, the recipients or category of recipients to whom that data is disclosed (including any recipients located outside the EEA), the source of the data, and information about its retention and storage. A copy of the data that is undergoing processing shall be provided to you.
To make such requests, it is advisable to do so in writing and to address this communication to our Data Protection Officer, Richardson Healthcare Ltd, 310 Centennial Avenue, Elstree, WD6 3TJ. You can also email us here.