The GDPR (General Data Protection Regulation) comes into effect on 25th May 2018 allowing you to have more transparency and control of how your information is stored, used and managed. Healthmed Supplies currently abide by UK Data Protection Laws and are strengthening their policies to ensure conformity with the new GDPR Law.
We are passionate about protecting our customers and employees privacy.
This Policy applies to both Healthmed Supplies and when also referred to as HMS and forms part of Healthmed Supplies Terms and Conditions of contract and any employee contracts.
Unless stated otherwise any records or information stored by Healthmed Supplies are stored for a maximum of 8 years for VAT and HMRC purposes (to be calculated from January of the existing year). This would not include any ongoing investigations whether criminal or internal investigations.
If you do not agree with the terms mentioned within this document we kindly ask that you do not access or utilise our services.
1. HOW YOUR INFORMATION IS USED, STORED AND SHARED
Healthmed Supplies have put in place strict processes for how your information is shared and disclosed, however we cannot not control how customers or third parties use this information.
Account Set up, Order Requests and Quotes
In order for us to complete your account set up request, order request or quote we will require some or all of the following information from you:
- Contact name, email address and telephone number
- Company name, address, telephone number and vat number
- Accounts payable contact name, address, email address and telephone number
- Bank name, address, account number and sort code
- Delivery name and address
Transfer to Third party providers
We may use third parties to assist with our services. These providers are only authorised to use your information for the intended purpose and for no other reason.Before we transfer personal Information to a third party that is acting as an agent, we will ascertain that the third party safeguards personal information consistent with this policy. Should we receive information that an agent is using or disclosing personal information contrary to this policy, we will take reasonable steps to prevent or stop the use or disclosure.
Drug and Alcohol Testing
If HMS have completed onsite Drug and alcohol testing onsite for a customer we will retain the following information for a maximum period of 2 years (providing there is no requirement to maintain this information):
- DONOR NAME AND SIGNATURE
- COMPANY REPRESENTATIVE NAME AND SIGNATURE
- COMPANY NAME
This information is stored within the customers own private file within a locked cabinet. Once the 2 years has passed the above information will be destroyed. Only authorised personnel have access to this locked cabinet, the key is supervised. If HMS have attended to complete your drug and alcohol testing all of the drug and alcohol initial test paperwork is left with the designated person.
Healthmed do not keep any copies of laboratory results. Once they have been sent to the authorised person within your company they are destroyed by shredding and deleted from our email server. A log is kept for 2 years by HMS which includes the sample serial reference number and the donor’s initials.
Laboratory results are only accessed by authorised personnel within HMS and at our third party laboratory which are accessed by a designated username and password.
Website Access (www.healthmedsupplies.co.uk)
Healthmed Supplies may collect information from visitors to our website; this may include date, time, duration of visit and pages viewed. You will see that we don’t currently process orders online, therefore you will never be asked to input any personal information onto our website.
Submitting email enquiries via our online ‘Contact us’
If you chose to contact us via our website you will be asked to insert the following information; Name, email address and message. Once completed this information is sent to us so that we can assist with your enquiry. Providing this information is at your own discretion and you may refuse to provide this information, however we will be unable to assist with your enquiry.
Contacting HMS by telephone, e-mail or in person
Upon contacting HMS we will ask for your name, company name and contact telephone number. This information is used for the purpose of your enquiry so that we can contact you if required. Please note it is HMS’s policy to not provide prices over the telephone, this information is given by email only. Providing this information is at your own discretion and you may refuse to provide this information, however we will be unable to assist with your enquiry.
2. DATA INTEGRITY
We will not process personal information in a way that is not for what is was intended unless we have been subsequently authorised by that person. We will take all reasonable steps to ensure that the personal information we hold is relevant and accurate for its intended use.
Healthmed Supplies will not disclose or share employees or customer’s information to third parties without due cause. In the cases where HMS collects personal information from other persons, it takes measures to respect the privacy preferences of the identifiable person. Examples of when HMS may seek information from others include without limitation; recruitment and HMRC purposes.
At the time that HMS collects personal information from you we will inform you of the purpose for which the personal information is being collected and how it is used by us.
HMS will not disclose personal information to third parties except in accordance with this Policy and as disclosed at the time of the collection of the Information. By ordering from us you are doing so in confidence that your information is being treated with the strictest of security and that we use all preventative methods to ensure that your information is protected. Healthmed Supplies will remain transparent with how your information is used.
HMS will not disclose personal information to a third party or use it for any purpose other than that for which it was originally collected or subsequently authorised by you, except as required by law, court order and for anti fraud and security reasons.
HMS takes security of data seriously. HMS will take all reasonable precautions to keep your Personal Information secure. All personally identifiable information is subject to restricted access to prevent modification, unauthorised access or misuse. All computers are password protected which are reviewed and changed on a monthly basis (or sooner if necessary).
When information is required to be destroyed this is done so by shredding (paper), deletion from email, including any sent and deleted items and also deletion from computers including any back up and deleted folders. HMS maintains information for 8 years from the current January for VAT and HMRC purposes, any information which is no longer required is destroyed when required and is not kept for longer than its purpose or necessary. Drug and alcohol test information is stored for 2 years; after this time has passed (since its completion) it will be destroyed (providing there is no requirement to maintain this information).
HMS cannot guarantee that information (during transmission through the internet or whilst stored on our system or otherwise in our care) will be absolutely safe from intrusion by others. HMS does not accept any responsibility for loss arising from unauthorised access to/or interference with, any internet communications by any third party, or from the transmissions of any viruses. Should this occur HMS will notify the relevant authorities and customers who are affected.
Should you receive an email from us which you think may be spam please notify us as soon as possible so we can investigate further. Do not open the email or any attachments if you are unsure. HMS has no responsibility for emails which are opened and received in error which subsequently may cause virus or malware.
Please always be mindful of who you share your information with, whether it be personal or financial. If you are unsure please always call us first to authenticate the person who has called or emailed you.
Any emails sent or received by Healthmed Supplies may be subject to disclosure under The Freedom of Information Act 2000. All emails are internally monitored and all email accounts are password protected.
Access and your Rights
To request a copy of any personal information HMS hold about you please contact us at [email protected] an administration fee of £15.00 may apply for this service.
Please note information requests are subject to any exemptions provided by law, you may have the right to request access to your personal information and also to update, delete, consent, correct or withdraw this information.
Please use the same email address for requesting to unsubscribe from our marketing emails and services.
We will conduct periodic internal audits of our ongoing adherence to this Policy, and will promptly seek to remedy any instances of non compliance brought to our attention.
Healthmed Supplies encourages its employees and customers to raise any concerns that they may have about the way that we protect or use your information.
Data Protection Officer
As per the UK GDPR Guidelines Healthmed Supplies do not require a Data Protection Officer. However should you have any questions please do not hesitate in contacting us.
Should you have any questions or concerns please do not hesitate in contacting us at [email protected]
You have a right to complain to ICO (Information Commissioners Office) if you feel there is a problem with the way HMS have handled your data.
Should you have any questions please do not hesitate in contacting us.