This Policy aims to provide you with information on how we collect and process your personal data through this website and otherwise through our dealings with you.
This website is operated by Clinical Services International Limited (registered and incorporated in England and Wales, with company number 06662194, and registered office at 50 Sloane Avenue, London, SW3 3DD, United Kingdom), together with CSI Clinical Services International GmbH (registered and incorporated in Germany, with company number HRB227536 Berlin, whose registered office is at c/o Cormoran GmbH, Am Zirkus 2, 10117 Berlin, Germany) (referred to as “we”, “us” or “our” in this Policy). Together, we are the data controller responsible for your personal data.
If you have any questions about this Policy, including any requests to exercise your legal rights, please contact us using the details set out below (see ‘How to contact us’ below).
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). A data subject is the individual who the personal data relates to.
We may collect and use the following kinds of personal data about you (some of which is subject to you choosing to provide us with it):
We collect and use this personal data to provide products and services to you. If you do not provide personal data that we ask for, it may delay or prevent us from providing such products and services to you.
This website is not intended for children and we do not knowingly collect data relating to children
We use different methods to collect data from and about you including through:
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
The table below explains what we use your personal data for and why.
|What we use your personal data for||Our reasons|
To efectively perform our contract with you
For our legitimate interests i.e to make sure we can deliver the best service to you and respond to you when you need us.
|Preventing and detecting fraud against you or us||For our legitimate interests or those of a third party, i.e to minimise fraud that could be damaging for you and/or us|
|Activities necessary to comply with professiona, legal and regulatory obligations that apply to our business, e.g under health and safety law or rules issued by our professional regulator||
To comply with our legal and regulatory obligations
For our legitimate interests or those of a third party, i.e to minimise fraud and to prevent consumers registering more than one membership in order to exploit our services.
|Gathering and providing information required by law or relating to audits, enquiries or investigations by regulatory bodies.||To comply with our legal and regulatory obligations|
|Ensuring business policies are adhered to, e.g. policies covering security and internet use||For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you|
|Operational reasons, such as improving efficiency, training and quality control||For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service to you at the best price|
|Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product range or other efficiency measures||For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service to you at the best price|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||
For our legitimate interests i.e. to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy.
In certain circumstances where you have given your consent
|Preventing unauthorised access and modifications to systems||
For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for you and/or us
To comply with our legal and regulatory obligations
|Updating and enhancing customer records and our service provided to you||
To perform our contract with you or to take steps at your request before entering into a contract
To comply with our legal and regulatory obligations
For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products or services
Special category person data includes personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership; genetic and biometric data (when processed to uniquely identify an individual); and data concerning health, sex life or sexual orientation.
We do not anticipate that we will collect any such data. However, if we do process special category personal data, we will also ensure we are permitted to do so under data protection laws.
You may receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing. You may also receive such marketing communications from us if you have consented to it.
You have the right to opt out of receiving marketing communications at any time. Please contact us if you wish to do or elect to unsubscribe directly.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We may share personal data with:
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.
We may also need to:
If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).
All staff at Clinical Services International adhere to our confidentiality policy. It is their legal obligation to keep all information confidential unless there is a safety risk.
In addition we only disclose personal information when we have your express permission. The only time we can share details without your consent is if it is required by the law.
Every person has the right to withdraw consent for details to be shared at any point.
A carer or representative may be able to give consent if the individual is unable to do so themselves for whatever reason.
The law requires us to pass on certain personal details when a court order is issued.
Personal data may be shared with our affiliated company, CSI Clinical Services International GmbH, located in Germany (see above: ‘Who we share your personal data with’).
Under UK and European data protection laws, we can only transfer your personal data to a country or international organisation abroad in certain circumstances. We will ensure that where your personal data is transferred abroad, it does so in accordance with applicable laws. This may include an adequacy decision being in place in relation to the country that is in receipt of your personal data or we may have in place appropriate safeguards to protect your personal data, including the use of approved Standard Contractual Clauses and/or Data Transfer Agreements, where deemed safe. Alternatively a specified transfer exception may apply.
We will keep your personal data while you have an account with us or we are providing products and services to you. Thereafter, we will keep your personal data for as long as is necessary.
We will not keep your personal data for longer than necessary. Different retention periods apply for different types of personal data. When it is no longer necessary to keep your personal data, we will delete or anonymise it.
For example, we may monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of your internet service provider. This information helps us to build a profile of our users and provide all the features of our website. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
We use the following cookies:
We will ask for your permission to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have requested and/or the functioning of the website.
At any time, you can prevent cookies from being set on your browser. It may be necessary to refresh the page for the updated settings to take effect. For instructions on how to block, delete or disable any cookies, please consult your browser’s ‘Help’ or ‘Support’ section. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our website.
For a list of the specific cookies we may collect, please contact us.
You have the following rights in relation to your personal data, which you can exercise at any time:
|Acess||The right to be provided with a copy of your personal data|
|Rectification||The right to require us to correct any mistakes in your personal data|
|Erasure (also known as the right to be forgotten)||The right to require us to delete your personal data—in certain situations|
|Restriction of processing||The right to require us to restrict processing of your personal data in certain circumstances, e.g. if you contest the accuracy of the data|
|Data portability||The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations|
The right to object:
—at any time to your personal data being processed for direct marketing (including profiling);
—in certain other situations to our continued processing of your personal data, eg processing carried out for the purpose of our legitimate interests.
|Not to be subject to automated individual decision making||The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you|
If you would like to exercise any of those rights, please:
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We have appropriate security measures to prevent personal data from being accidentally lost, used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have security procedures in place as well as technical and physical restrictions to access to ensure the your personal data is safeguarded at all times.
We have procedures in place to deal with any data security breach. We will notify you and any applicable regulator of a data security breach where we are legally required to do so.
Please contact us if you have any query or concern about our use of your information (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.
You also have the right to make a complaint at any time to your local supervisory authority for data protection issues, in the UK this is the Information Commissioner’s Office (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach a third party so please contact us in the first instance.
We may change this Policy from time to time. Please ensure that you regularly check this Policy for any changes that may affect you.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
You can contact us by post, email or telephone if you have any questions about this Policy or the information we hold about you, to exercise a right under data protection law or to make a complaint.
Our contact details are shown below:
|Our contact details|
Clinical Services International, 50 Sloane Avenue, London
SW3 3DD, United Kingdom
CSI Clinical Services International GmbH, c/o Cormoran GmbH, Am Zirkus 2, 10117 Berlin, Germany
|Telephone number:||+44 (0)203 954 0517|