We think carefully about our use of personal data, and below you can find the details of what we do to protect your privacy. This policy covers, among other topics:
- Information about your rights and our obligations
- Clarity about our dealings with you and transparency about how we collect and use your personal data
- Commitments on how we protect your personal data
- Commitments on how we will facilitate your rights and respond to your questions.
Personal data is any information about you by which you can be identified. This can include information such as: your name, date of birth, email address, postal address, phone number, mobile number; debit card details; information about your device (such as the IP address, which is a numerical code to identify your device that can provide information about the country, region or city where you are based); and information relating to your personal circumstances and how you use our site and services.
Who we are and how to contact us
This means that we are responsible for deciding how and why we hold and use your personal data. If you want to contact us, you can find our contact details in the ‘How to contact us for information on our use of your personal data’ section below.
When we refer to our website we mean our website at www.bresmed.com.
What personal data we collect and how
We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows:
Identity data – name, username, marital status, title, photographs, date of birth and gender.
Contact data – billing address, delivery address, email address or telephone numbers, social media addresses.
Technical data – internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
Profile data – feedback and survey responses.
Usage data – information about how you use our website.
Marketing and communications data – your preferences in receiving marketing from us and your communication preferences.
If you are using our website to apply for a job with us, our Candidate Policy will apply.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
How we collect personal data
We may collect, store and transfer personal information about you from the following sources; data you give to us, data we collect when you use our services and data from third parties we work with.
Data you give to us:
- when you use our services;
- when you talk to us on the phone;
- when you use our website;
- when you email or send letters to us for any reason;
- when you engage with us on social media, your social media username, if you interact with us through those channels;
- if you take part in our competitions or promotions;
- when you give us feedback, comments and service reviews;
- when you book any kind of appointment with us; and
- when you send us photographs and images of yourself.
Data we collect when you use our services:
You may give us your Identity data and Contact data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- apply for our products or services;
- create an account on our website;
- subscribe to our services or publications;
- request marketing to be sent to you; or
- give us feedback or contact us.
Visitors to our website
When someone visits www.bresmed.com we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out information such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Cookies and similar technology
Visitors to our offices
When you come to visit us at any of our office locations we have CCTV systems in operation for the security of clients and employees. These systems may record your image during your visit.
Posting comments on our social media accounts
When you post information on a BresMed social media feed or comment publicly on a post on one of our feeds, the information you post and your username are publicly accessible. This information can be viewed online and collected by other people. We are not responsible for the way other people use this information. When contributing to a discussion, we strongly recommend you avoid sharing any personal details, and especially information that can be used to identify you directly such as your name, age, address and the name of your employer. We are not responsible for the privacy of any identifiable information that you post on our social media accounts.
Data from third parties we work with:
- Companies that introduce you to us
- Social networks
- Agents/agencies working on our behalf
- Government and law enforcement agencies
- Identity and contact data from publicly availably sources
How and why we use your personal data
We will only use your personal data where we have a legal ground to do so. We determine the legal grounds based on the purposes for which we have collected and used your personal data. In every case, the legal ground will be one of the following:
- Where we need to perform the contract, we are about to enter into or have entered into with you (for example, where we have agreed to send you certain products or services, we’ll collect your address details to deliver materials to and we may pass them to our courier).
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (for example, we will use your email address to send you information about our services that you have shown particular interest in).
- Where we need to comply with a legal or regulatory obligation (for example, we pass on details of people involved in fraud or other criminal activity affecting us to law enforcement agencies).
- Where we can collect and process your data with your consent (for example, when you tick a box to receive email newsletters).
Security of your personal data
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator (including the ICO) of a breach where we are legally required to do so.
Who we share your personal data with
We do not share your personal data with other people or organisations that are not directly linked to us except under the following circumstances:
We may share your data with other organisations that provide services on our behalf such as dealing with online payments and other forms of payment processing, ie credit card transactions and preventing fraud.
We may reveal your personal data to any law enforcement agency, court, regulator, government authority or other organisation if we are required to do so to meet a legal or regulatory obligation, or otherwise to protect our rights or the rights of anyone else.
Any organisations which access your data in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure that they protect your data and keep to all data privacy laws that apply. We may also independently audit these service providers to make sure that they meet our standards.
Some of our webpages may use social plug-ins from other organisations (such as the “Facebook Recommend” function, Twitter’s retweet function, Google+ function). These other organisations may receive and use personal data about your visit to our site. If you browse our site, information they collect may be connected to your account on their site. For more information on how these organisations use personal data, please read their privacy policies
International data transfers
Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure similar protection and put in place at least one of these safeguards:
We will only transfer your personal data to countries that have been found to provide an adequate level of protection for personal data.
How long we keep your personal data
Your rights with regard to the personal data that we hold about you
You can contact us with regard to the following rights in relation to your personal data:
If you would like to have a copy of or access to the personal data we hold on you or if you think that we hold incorrect personal data about you or would like your data transferring to another entity, please write to the Data Protection Officer at BresMed Health Solutions Ltd, Steel City House, West Street, Sheffield, S1 2GQ, United Kingdom. Or, email firstname.lastname@example.org. We will deal with requests for copies of your personal data or for correction of your personal data within one month. If your request is complicated or if you have made a large number of requests, it may take us longer. We will let you know if we need longer than one month to respond. You will not have to pay a fee to obtain a copy of your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
Where you have provided us with consent to use your personal data, you can withdraw this at any time.
You also have the right to ask us to delete your personal data or object to or restrict how it is used. There may be exceptions to the right to erasure for specific legal reasons which, if applicable, we will set out for you in response to your request. Where applicable, you have the right to object to processing of your personal data for certain purposes.
If you want to make any of these requests, please contact email@example.com.
We may need to request specific information from you to help us confirm your identity.
How to contact us for information on our use of your personal data
If you have any questions about how we use your personal data or if you have a concern about how your personal data is used, please contact the Data Protection Officer at BresMed Health Solutions Ltd, Steel City House, West Street, Sheffield, S1 2GQ, United Kingdom. Or, email firstname.lastname@example.org.
Complaints will be dealt with by the Data Protection Officer and will be responded to within 30 days.
If you are not satisfied with the way your concern has been handled, you can refer your complaint to the Information Commissioner’s Office.
If you have a question about anything else, please see our Contact us page.
May 2018: updated to reflect changes resulting from the General Data Protection Regulation.
March 2019: updated to reflect our change of registered office address.