Privacy Policy
This Privacy Policy applies between you, Dr XXX, and Russell Regulatory Consultants. Russell Regulatory Consultants takes the privacy of your information very seriously. This Privacy Policy applies to our use of any and all personal data collected by us or provided by you in relation to our mutual interest.
Please read this Privacy Policy carefully.
Definitions and Interpretation
1. In this Privacy Policy, the following definitions are used:
Personal data Collectively all information you submit to Russell Regulatory Consultants. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws;
Data Protection Laws Any applicable law relating to the processing of personal data, including but not limited to, the GDPR, and any national implementing and supplementary laws, regulations, and secondary legislation;
GDPR The UK General Data Protection Regulation;
We or us Russell Regulatory Consultants
You Dr XXX
2. In this Privacy Policy, unless the context requires a different interpretation:
a. The singular includes the plural and vice versa;
b. References to sub-clauses, clauses, schedules or appendices are to sub-clauses, clauses, schedules or appendices of this Privacy Policy;
c. A reference to a person includes firms, companies, government entities, trusts and partnerships;
d. “Including” is understood to mean “including without limitation”;
e. Reference to any statutory provision includes any modification or amendment of it;
f. The headings and sub-headings do not form part of this Privacy Policy.
Scope of this Privacy Policy
3. This Privacy Policy applies only to the actions of Russell Regulatory Consultants and with respect to the information we currently hold on you (your name and title, speciality, email address, CV and LinkedIn information). It does not currently extend to any other company, including any client of ours who may wish to engage your services in the future.
4. For the purposes of the applicable Data Protection Laws, Russell Regulatory Consultants is the “data controller”. This means that Russell Regulatory Consultants determines the purposes for which, and the manner in which, your personal data is processed.
How we collect personal data
5. We collect personal data in the following ways:
a. Personal data is given to us by you; and b. From publicly available resources, e.g. your LinkedIn profile to determine your area of speciality.
Personal data that is given to us by you
6. Russell Regulatory will collect your personal data when you are in contact with us via email, LinkedIn, telephone, Teams or through any other means; in each case, in accordance with this Privacy Policy. Personal data that is collected automatically
7. We collect personal data automatically via cokies. If this were to change in due course, you would be notified by email.
Basis for processing
8. When we process your personal data, we are required to have a lawful basis for doing so. There are various different lawful bases on which we may rely, depending on what personal data we process and why.
9. Please see the below for more information on the lawful basis that we may rely on:
consent: where you have given us clear consent for us to process your personal data for a specific purpose
contract: where our use of your personal data is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
legal obligation: where our use of your personal data is necessary for us to comply with the law (not including contractual obligations)
legitimate interests: where our use of your personal data is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal data which overrides our legitimate interests)
Keeping personal data secure
10. We will use technical and organisational measures to safeguard your personal data, for example:
a. We store your personal data on secure applications, which are encrypted, and password protected.
11. Technical and organisational measures include measures to deal with any suspected personal data breach. If you suspect any misuse or loss or unauthorised access to your personal data, please let us know immediately by contacting us via this email address: [email protected].
12. If you would like detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses, and many other breaches, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
Personal data Retention
13. Unless a longer retention period is required or permitted by law, we will only hold your personal data on our systems for the period necessary to fulfil the purposes outlined in this Privacy Policy or until you request that the personal data be deleted.
14. Even if we delete your personal data, it may persist on backup or archival media for legal or regulatory purposes.
Your rights
15. You have the following rights in relation to your personal data:
a. Right to be informed – the right to be informed about the collection and use of your personal data.
b. Right to access – the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update, or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive”. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
c. Right to correct – the right to have your personal data rectified if it is inaccurate or incomplete.
d. Right to erase – the right to request that we delete or remove your personal data from our systems.
e. Right to restrict our use of your personal data – the right to “block” us from using your personal data or limit the way in which we can use it.
f. Right to data portability – the right to request that we move, copy, or transfer your personal data.
g. Right to object – the right to object to our use of your personal data including where we use it for our legitimate interests.
h. Right to Avoid Automated Decision-Making – the right to not be subject to a decision based solely on automatic processing of your personal data.
16. To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your personal data (where consent is our legal basis for processing your personal data), please contact us via this email address: [email protected].
17. If you are not satisfied with the way a complaint you make in relation to your personal data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner’s Office (ICO). The ICO’s contact details can be found on their website at https://ico.org.uk/.
18. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during the period for which we hold it. Referral to other companies
19. We will share your personal data Medical Device companies wishing to engage your services in order to perform our contract with you. We have no control over the Privacy Policies of such companies and so are not responsible for the content of their Privacy Policies. You are advised to read the Privacy Policies of other companies, prior to agreeing terms with them.
Transfer of your personal data out of the UK and EEA
20. We may transfer your personal data to the following which are located outside the United Kingdom (UK) and European Economic Area (EEA). Where we transfer your personal data outside of the UK and the EEA, we will only do so for the purposes mentioned in this Policy and any contract that we have entered into with you or the entity that you are representing.
21. Countries outside of the UK and the EEA do not have the same data protection laws as the UK and EEA. Therefore, when making such a transfer of data, we will always rely on a safeguard mechanism under the UK GDPR and/or the EU GDPR. We will only transfer your personal data to a country which the European Commission or the UK authorities have given a formal adequacy decision/regulation that confirms this third-country provides an adequate level of data protection similar to those which apply in the UK and EEA. If the third-country does not have an adequacy decision awarded to it, any transfer of your personal information will be subject to entering into the European Commission’s Standard Contractual Clauses (the SCCs) which are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data.
22. Transfers of personal data from the UK to the EEA shall be done on the basis of the adequacy regulation awarded to the European Union by the UK pursuant to the withdrawal of the UK from the European Union. Transfers of personal data from the EEA to the UK shall be done on the basis of the adequacy decision awarded by the European Commission to the UK in June 2021, and notwithstanding this, by entering into the SCCs for any such transfers of personal data.
23. We will not otherwise transfer your personal data outside of the UK and the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
Cookies
24. Please read this Cookies Policy carefully as it contains important information on how we use cookies on our Site.
Cookies
25. A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you visit and use our Site. We use cookies on our Site. These help us to recognise you and your device and store some information about your preferences or past actions.
26. For example, we may monitor how many times you visit the Site, which pages you go to, traffic data, location data and the originating domain name of your internet service provider.
27. This information helps us to grow our business and provide more tailored content for you.
28. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
29. For further information on cookies generally, including how to control and manage them, visit the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org or www.allaboutcookies.org.
Consent to use cookies and changing settings
30. We will ask for your consent to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have requested (e.g. to enable you to put items in your shopping basket and use our check-out process).
31. You can withdraw any consent to the use of cookies or manage any other cookie preferences by using our privacy dashboard on the Site.
Our use of cookies
32. The table below provides more information about the cookies we use and why:
|
The cookies we use |
Purpose |
Essential |
Consent Required |
|---|---|---|---|
|
Session_Cookie |
To maintain user session and allow access to secure areas of the website. |
Yes |
No |
|
Cart_Cookie |
To store items in the shopping cart. |
Yes |
No |
|
Analytics_Cookie |
To collect anonymous data on website usage for improving user experience. |
No |
Yes |
|
Preferences_Cookie |
To remember user preferences (e.g., language, currency). |
No |
Yes |
How to turn off all cookies and consequences of doing so
33. If you do not want to accept any cookies, you may be able to change your browser settings so that cookies (including those which are essential to the services requested) are not accepted. If you do this, please be aware that you may lose some of the functionality of our Site.
34. For further information about cookies and how to disable them please go to the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org or www.allaboutcookies.org. General
35. You may not transfer any of your rights under this Privacy Policy to any other person. We may transfer our rights under this Privacy Policy where we reasonably believe your rights will not be affected.
36. If any court or competent authority finds that any provision of this Privacy Policy (or part of any provision) is invalid, illegal, or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of other provisions of this Privacy Policy will not be affected.
37. Unless otherwise agreed, no delay, act, or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
38. This Agreement will be governed by and interpreted according to the laws of England and Wales . All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the courts of England and Wales.
Changes to this Privacy Policy
39. Russell Regulatory Consultants reserve the right to change this Privacy Policy as we may deem necessary from time to time or as may be required by law. You will be notified via email of any changes to the policy and it is your responsibility to raise any concerns regarding this to us immediately (Contact: [email protected]) or you will be deemed to have accepted the altered terms of the Privacy Policy.
This Privacy Policy was updated on 15/01/2024.