Privacy Policy

When you contact BresMed or visit our website, you trust us with your personal information. This Privacy Policy explains what information we collect, why we collect it, what we do with it and your choices and rights with regard to your information.

About this privacy policy

This privacy policy, together with any agreement between us, explains how we (BresMed) collect, use, share and transfer your personal data.

We think carefully about our use of personal data, and below you can find the details of what we do to protect your privacy. This policy covers, among other topics:

  • Information about your rights and our obligations
  • Clarity about our dealings with you and transparency about how we collect and use your personal data
  • Commitments on how we protect your personal data
  • Commitments on how we will facilitate your rights and respond to your questions

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you; this will ensure that you are fully aware of how and why we are using your data. This privacy policy supplements other agreements, notices and privacy policies and is not intended to override them.

Personal data is any information about you by which you can be identified. This can include information such as: your name, date of birth, email address, postal address, phone number, mobile number; debit card details; information about your device (such as the IP address, which is a numerical code to identify your device that can provide information about the country, region or city where you are based); and information relating to your personal circumstances and how you use our site and services.

Sometimes our site may contain links to third party sites and services. These sites and services have their own privacy policies. If you follow a link to a third party, you should read the privacy policy shown on their site.

Who we are and how to contact us

When you are using our website, BresMed Health Solutions Ltd is the data controller (referred to as ‘BresMed’, ‘we’, ‘us’ or ‘our’ in this privacy policy). Our registered office is Steel City House, West Street, Sheffield, S1 2GQ, United Kingdom. We also have offices in Dublin, Gurugram, Las Vegas, Manchester and Utrecht.

As the data controller, we are responsible for deciding how and why we hold and use your personal data. If you want to contact us, you can find our contact details in the ‘How to contact us for information on our use of your personal data’ section below.

When we refer to our website we mean:

What personal data we collect and how

We may collect, use, store and transfer different kinds of personal information about you that we have grouped together as follows:

  • Identity data – name, username, marital status, title, photographs, date of birth and gender
  • Contact data – email address or telephone numbers, billing address, delivery address, social media addresses
  • Professional data – your qualifications and employment history
  • Technical data – internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website
  • Profile data – feedback and survey responses
  • Usage data – information about how you use our website
  • Marketing and communications data – your preferences in receiving marketing from us and your communication preferences

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

How we collect personal data

We may collect, store and transfer personal information about you from the following sources: data you give us, data we collect when you use our services and data from third parties we work with.

Data you give to us:

  • When you use our services
  • When we deal with you on behalf of a client
  • When you provide us with the information
  • When you or your business provide services to us or our clients
  • When you visit our website
  • When you fill in forms on our website
  • When you enquire about working with us or apply to work with us
  • In certain circumstances, when you have previously worked with us
  • When you provide us with information for the purpose of us providing you with details of our services or for inviting you to events
  • When you talk to us on the phone
  • When you email or send letters to us for any reason
  • When you engage with us on social media
  • If you take part in our competitions or promotions
  • When you give us feedback, comments and service reviews
  • When you book any kind of appointment with us
  • When you send us photographs and images of yourself


Data we collect when you use our services:

Direct Interactions

You may give us your identity data and contact data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • Apply for our products or services
  • Create an account on our website
  • Subscribe to our services or publications
  • Request marketing to be sent to you
  • Give us feedback or contact us


Visitors to our website

When someone visits we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out information such as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we want to collect personally identifiable information through our website, we will be upfront about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Cookies and similar technology

When you visit our site, we may collect personal data from you automatically using cookies or similar technology. A cookie is a small file that can be placed on your device that allows us to recognize and remember you. Please see our separate Cookie policy for more information.

Visitors to our offices

When you visit us at any of our offices, we have CCTV systems in operation for the security of clients and employees and these systems may record your image.

Posting comments on our social media accounts

When you post information on a BresMed social media feed or comment publicly on a post on one of our feeds, the information you post and your username are publicly accessible. This information can be viewed online and collected by other people. We are not responsible for the way other people use this information. When contributing to a discussion, we strongly recommend you avoid sharing any personal details, and, especially, information that can be used to identify you directly such as your name, age, address and the name of your employer. We are not responsible for the privacy of any identifiable information that you post on our social media accounts.

Data from third parties we work with:

  • Companies that introduce you to us
  • Social networks
  • Agents/agencies working on our behalf
  • Government and law enforcement agencies
  • Identity and contact data from publicly availably sources

How and why we use your personal data

We will only use your personal data where we have legal ground to do so. We determine the legal grounds based on the purposes for which we have collected and used your personal data. In every case, the legal ground will be one of the following:

  • Where we need to perform the contract we are about to enter into or have entered into with you (for example, where we have agreed to send you certain products or services, we will collect your address details to deliver materials and we may pass them to our courier)
  • Where it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests. For example, we may use your personal details to provide you with information about the services we provide, to provide industry updates and to market our services
  • Where we need to comply with a legal or regulatory obligation (for example, we pass on details of people involved in fraud or other criminal activity affecting us to law enforcement agencies)
  • Where we can collect and process your data with your consent (for example, when you tick a box to receive email newsletters)

Security of your personal data

We have appropriate security measures in place to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and are subject to a duty of confidentiality.

We have procedures in place to deal with any suspected personal information breach, and will notify you and any applicable regulator (including the Information Commissioner’s Office [ICO]) of a breach where we are legally required to do so.

Who we share your personal data with

We do not share your personal data with other people or organizations that are not directly linked to us except under the following circumstances:

  • We may share your data with other organizations that provide services on our behalf such as dealing with online payments and other forms of payment processing, i.e. credit card transactions and preventing fraud
  • We may share your data with other affiliated organizations that co-host events with BresMed, such as registration information, details of the event and contact details to receive marketing information on the companies involved
  • We may reveal your personal data to any law enforcement agency, court, regulator, government authority or other organization if we are required to do so to meet a legal or regulatory obligation, or otherwise to protect our rights or the rights of anyone else
  • We may reveal your personal data to any other organization that buys, or to which we transfer all, or substantially all, of our assets and business. If this sale or transfer takes place, we will use reasonable effort to make sure that the organization we transfer your personal data to uses it in line with our privacy policy

Any organizations that access your data in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure that they protect your data and keep to all data privacy laws that apply. We may also independently audit these service providers to make sure that they meet our standards.

Some of our webpages may use social plug-ins from other organizations (such as the ‘Facebook Recommend’ function, Twitter’s retweet function, Google+ function). These other organizations may receive and use personal data about your visit to our site. If you browse our site, information they collect may be connected to your account on their site. For more information on how these organizations use personal data, please read their privacy policies

International data transfers

Data we collect may be transferred to, stored and processed in any country or territory where one or more of our BresMed group companies or service providers are based or have facilities. While other countries or territories may not have the same standards of data protection as those in your home country, we will continue to protect personal data that we transfer in line with this privacy policy.

Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure similar protection and put in place at least one of these safeguards:

  • We will only transfer your personal data to countries that have been found to provide an adequate level of protection for personal data
  • We may also use specific contracts with our service providers that are based in countries outside the EEA. These contracts give your personal data the same protection it has in the EEA
  • Where we use service providers in the United States, we may transfer personal data to them if they are part of the Privacy Shield scheme, which requires them to provide a similar level of protection of your personal data to what is required in the EEA
  • Where we use service providers outside the EEA or UK, we may transfer your personal information from your home country to the US (or other countries) based on the following legal bases:
    • Legitimate business interests: we could not provide our services or comply with our legal obligations without transferring your personal information to that country
    • Our use of standard contractual clauses (also known as ‘model clauses’) where appropriate

How long we keep your personal data

We only keep your personal data for as long as we need to (this will be dependent on the type of relationship we have with you). How long we need your personal data depends on what we are using it for, as set out in this privacy policy. For example, we may need to use it to answer your queries about a service we have provided and, as a result, may keep personal data while you are still using our services. Job applicant data may be stored to enable us to check repeat applications, show reasons for hiring decisions and/or to notify candidates of future relevant job opportunities. We may also need to keep your personal data for accounting purposes. If we no longer need your data, we will delete it or make it anonymous by removing all details that identify you. If we have asked for your permission to process your personal data and we have no other lawful grounds to continue with that processing, and you withdraw your permission, we will delete your personal data. However, if you unsubscribe from marketing communications, we will keep your email address to ensure that we do not send you any marketing in future.

Your rights with regard to the personal data that we hold about you

You can contact us with regard to the following rights in relation to your personal data:

  • If you would like to have a copy of or access to your personal data we hold or if you think that we hold incorrect personal data about you, or would like your data transferring to another entity, please write to the Data Protection Officer at BresMed Health Solutions Ltd, Steel City House, West Street, Sheffield, S1 2GQ, United Kingdom (or email: We will deal with requests for copies of your personal data or for correction of your personal data within 1 month. If your request is complicated or if you have made a large number of requests, it may take us longer. We will let you know if we need longer than 1 month to respond. You will not have to pay a fee to obtain a copy of your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
  • Where you have provided us with consent to use your personal data, you can withdraw this at any time
  • You also have the right to ask us to delete your personal data or object to or restrict how it is used. There may be exceptions to the right to erasure for specific legal reasons, which, if applicable, we will set out for you in response to your request. Where applicable, you have the right to object to processing of your personal data for certain purposes.

If you want to make any of these requests, please contact We may need to request specific information from you to help us confirm your identity.

How to contact us for information on our use of your personal data

If you have any questions about how we use your personal data or if you have a concern about how your personal data is used, please contact the Data Protection Officer at BresMed Health Solutions Ltd, Steel City House, West Street, Sheffield, S1 2GQ, United Kingdom (email:

Complaints will be dealt with by the Data Protection Officer and will be responded to within 30 days.

If you are dissatisfied with the way your concern has been handled, you can refer your complaint to the ICO.

If you have a question about anything else, please see our Contact us page.

Changes to the Privacy Policy

If we decide to change our privacy policy, we will post the changes here. If required by law, we will obtain your permission or give you the opportunity to opt out of any new uses of your data.

Changes to this privacy policy to date

  • May 2018: updated to reflect changes resulting from the General Data Protection Regulation
  • March 2019: updated to reflect our change of registered office address
  • January 2020: annual review to ensure content is up to date
  • March 2021: updated sections on data sharing with affiliated companies and international transfer
By continuing to browse or by clicking "Accept All Cookies" you agree to the storing of first and third-party cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts.
Cookie Policy
Accept All Cookies
By continuing to browse or by clicking "Accept All Cookies" you agree to the storing of first and third-party cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts.
Cookie Policy
Accept All Cookies