Privacy Policy

About this Policy

This Privacy Notice explains what happens with any personal data we gather from you in relation to:

  • your use of this website;
  • your use of one of our software products;
  • any customer service or other enquiries you submit to us.

We recognise our obligations under data protection legislation and we are committed to keeping your personal data safe and secure.

You should read this Privacy Notice so that you understand how we will handle your personal data.

Our aim is to only use and hold your personal data in ways that you would reasonably expect us to.

We reserve the right to amend this Privacy Notice from time to time. If we amend this Privacy Notice we will make you aware of this via updates posted on our website.

Who we are

We are Medisoft Limited, based at Jubilee House, 33 Park Place, Leeds LS1 2RY company registered number 3318478.

Our registration number with the Information Commissioner's Office is Z1829699.

If you have any questions regarding this Privacy Notice or how we process your personal data please contact us using the details below:

Data Protection Representative dpo@medisoft.co.uk

What personal data do we gather about you?

"Personal data" is any information about an individual from which that individual can be identified. It does not include data from which an individual cannot be identified, for example anonymised data.

The types of personal data we may collect, use, store and transfer in relation to you may consist of the following:

Data SubjectTypes of Personal Data
Website visitor/userIP address
A user of our software (e.g. a member of staff within a hospital)Name, address, job title, e-mail, telephone number
A patient or a Licencee of our softwareName, patient IDs, date of birth, medical records
Individual making enquiries / seeking customer service assistance (e.g. support in relation to our software)Name, address, e-mail, telephone number

How do we collect your personal data?

We may collect personal data about you from the following sources:

  • Information you provide to us via our website or when using our software;
  • Information that is provided to us by a licensee of our software, e.g. information provided by a hospital so that a user of our software may access and use the software.

How do we store your personal data and keep it secure?

We use reasonable and up to date security methods to:

  • keep your data secure;
  • prevent unauthorised or unlawful access to your personal data;
  • prevent the accidental loss of or damage to your personal data.

All personal data you provide to us is stored on our secure servers and in secure filing systems.

We have in place policies, procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction including procedures to deal with a security breach.

We will ensure your personal data is only accessible by those who need to see it for their specific role.

We will only transfer your personal data to a third party if that third party agrees to comply with our procedures and policies or if they have put in place equivalent policies and procedures of their own.

How and why we will use your personal data?

We will usually only process your personal data where:

  • the processing is necessary to comply with our legal obligations;
  • the processing is necessary for our legitimate interests or the legitimate interests of third parties.

The table below provides examples of the various ways in which we may use your personal data and which of the legal reasons we rely on when processing your personal data.

Data subject

Purpose of Processing

Legal Reason for Processing

Website visitor / userTo assist or improve the individual's use of the websiteLegitimate Interests
A user of our softwareTo provide our software for use by the Licencee/user; to administer and enforce the terms of our sofware licence

Contract

Legitimate Interests

A patient or Licencee of our softwareTo process their data when input to one of our software productsLegitimate Interests
Individual making enquiries / seeking customer service assistance (e.g. support in connection with our software)Providing details of our services / products; assisting with support issues relating to our softwareLegitimate Interests

Where the legal reason for processing is the performance of a contract with you, if you do not provide relevant personal data we will not be able to fulfil our contractual obligation(s) to you and this may have a detrimental impact on you.

We do not sell or rent personal data which you provide to us.

If you have any questions about the contents of the above table (for example, if you would like to understand what our "legitimate interests" are for any specific processing activity) please contact our Data Protection Representative.

How we keep your personal data accurate?

We will keep the personal data we store about you accurate and up to date.

We will take every reasonable step to erase or rectify inaccurate data without delay.

Please tell us if your personal details change or if you become aware of any inaccuracies in the personal data we hold about you.

We will contact you if we become aware of any event which is likely to result in a change to your personal data.

How long will we keep your personal data?

We will not keep your personal data for longer than is necessary for the purpose(s) for which we process it.

This means that data will be destroyed or erased from our systems when it is no longer required.

For guidance on how long certain data is likely to be kept before being destroyed, contact our Data Protection Representative.

What rights do you have in respect of your personal data?

You have the right to:

  • request access to any personal data we hold about you; 
  • request for any inaccurate personal data which we hold about you to be rectified;
  • request to have your personal data erased;
  • request to have the processing of your personal data restricted (for example, if you think the personal data we hold about you is inaccurate you can ask us to stop processing it until we will either correct it or confirm it is accurate); 
  • request the transfer of your personal data to another data controller;
  • object to certain types of processing, including processing based on legitimate interests, automated processing (which includes profiling) and processing for direct-marketing purposes; and 
  • withdraw consent to the processing of your personal data (where the legal reason for the processing of your personal data was your consent).

If you wish to exercise any of the rights set out above, you must make the request in writing to our Data Protection Representative. Please note some of these rights are restricted in some circumstances.

Automated decision-making

We do not conduct automated decision making (including profiling) in connection with your personal data.

Who will have access to the data we hold?

Our personnel who need to access your personal data will view it in order that we can provide our services to you.

All of our personnel have received data protection training and understand the need to keep your personal data confidential and to use it only for legitimate purposes.

In addition to our own personnel, other personnel from our service providers may process your personal data on our behalf (for example, third party hosting companies).

We may disclose your personal information to third parties:

  • if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • if we or substantially all of our assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets; and
  • if we are under a duty to disclose or share your personal data in order to comply with legal obligations or to protect the rights, property or safety of others.

If your personal data is provided to any third parties you are entitled to request details of the recipients of your personal data or the categories of recipients of your personal data.

We carry out due diligence on our service providers / other third parties and make sure we have a contract with them which satisfies the requirements of data protection legislation.

Apart from the situations referred to above, we will not disclose your personal data to a third party without your consent unless we are satisfied that they are legally entitled to access your personal data.

Transferring your data outside the European Economic Area (EEA)

We will not transfer your personal data outside the EEA unless such transfer is compliant with data protection legislation.

This means that we cannot transfer any of your personal data outside the EEA unless: 

  • the EU Commission has decided that another country or international organisation ensures an adequate level of protection for your personal data; 
  • the transfer of your personal data is subject to appropriate safeguards, which may include binding corporate rules or standard data protection clauses adopted by the EU Commission; or
  • an exception applies (including if you explicitly consent to the proposed transfer).

Cookies

Our website uses cookies to distinguish you from other users of our website. These cookies sometimes process personal data. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website.

Any information collected by this website (such as your name and email address if you are able to log in) is stored securely and confidentially and is never passed on to any other bodies except as necessary for the operation of this service. 

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information about the people visiting the site. You can find out more information about cookies on BBC Webwise.

This website complies with the new EU law on the use of cookies which came into effect on 26 May 2011 (with compliance required by 26 May 2012). This means that we explain all the cookies utilised by the website and provide information about how to disable them if you wish. More information about the new law can be found on the ICO (Information Commissioner's Office) website.

The table below explains the cookies we use and why.

Cookie

Name

Purpose

Google Analytics

_utma
_utmb
_utmc
_utmz

These cookies are used to collect information about how visitors use our site. We use the information to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come from and the pages they visited. If you do not accept their use, it will not affect your ability to use this website. More information about these cookies can be found on the Google website.

Google Translate

googtrans

If you use the Google Translate tool in the top right of the website, this records the language you have selected.

Site cookie acceptance

acceptCookies

This cookie is used to record if a user has accepted the use of cookies on the website and once you have accepted means you won’t be asked again each time you visit the site.

Logging in

loginID

If you have an account on the website and log on with your email address and password the website uses a cookie to ensure you stay logged in throughout your visit. This is automatically deleted when you log off or close your browser.

Administrator edit function

tinymcePasteText

This cookie is only used if you are a website administrators and edit a page on the website.

PHP session

PHPSESSID

This is a cookie used by the technology (PHP) that runs this website. It does not store any information about you and is automatically deleted when you close your browser. The website would not work without it so it is classed as "strictly necessary" under the new law.

Turning cookies off

Browsers allow you to change your settings to prevent cookies from being used if you wish. Doing this will mean you will be unable to log in to this website or use some of its functionality. Use the links below to find out how to do this for the most common browsers.

Right to make a complaint

If you have any issues with our processing of your personal data and would like to make a complaint, you may contact us via our Data Protection Representative or the Information Commissioner's Office on 0303 123 1113.

This Privacy Notice was last updated on 24/8/2018.