At Regulis we work with clients to support them in the European and Global regulatory area. Our sole focus is the world of registration, vigilance and compliance, specifically for pharmaceuticals, biotechnology products, medical devices and cosmetics. In order to do this effectively we will need to collect and process personal data. This document explains how we go about this important aspect of our business and in a way that you would expect protects personal data and privacy whilst recognising the requirements of the latest legislation.
Please read this document carefully as it contains important information for you.
Why we collect personal data
Regulis needs to collect and process personal data so that we can:
- deliver agreed services to our clients;
- ensure the effective running of the business;
- meet our legal obligations e.g. financial records, and;
- carry out our own marketing to develop and grow the business.
Regulis collects personal data directly. For example, from our clients, consultants and associates in the course of our normal business activities. In order to process the personal data we collect, we confirm that at least one of the reasons below are true:
- we have obtained the necessary consent from you in an appropriate manner as required;
- the personal information collected is necessary to the development and delivery of a contract or agreement to supply specific services to a client;
- the information is needed to comply with a legal obligation faced by the company; or
- it is carried out for a legitimate interest of the business, such as our marketing activities.
The data protection legislation allows businesses to process personal data where they have a legitimate business interest. Businesses that rely on this option are responsible for ensuring that the processing of that personal data does not put the individual or their rights at risk. Regulis believes it can rely on such interests in a number of situations. Examples of what we believe are a legitimate interest are to:
- Protect our business from any possible legal actions;
- Maintain an on-going relationship with clients, suppliers, and consultants; and
- Carry out marketing to subscribers obtained via our website.
We have carried out legitimate business assessments (LIAs) as outlined in the guidance issued by the Information Commissioner’s Office (ICO). We will review these assessments as part of our annual review on our approach to protecting personal data.
Where Regulis has sought your specific consent to process your personal data, you have the right to withdraw that consent at any time simply by contacting us as described in the subsequent section entitled ‘How we recognise your rights’.
What personal data we collect
Regulis typically collects from you, clients and others the full range of standard personal identifying data sets, such as:
- name, job title and company name;
- contact information including email addresses;
- demographic information such as postcode, preferences and interests;
- website usage data;
- other information relevant to client enquiries and;
- where appropriate standard employment related personal data.
What we do with personal data
Regulis uses the personal data it collects, processes and retains to:
- provide our clients the services we have been commissioned to carry out;
- invoice our clients for the services provided;
- pay our suppliers for goods and services received;
- meet our legal obligations as a private limited company;
- maintain our internal records;
- improve the products and services we provide;
- contact you in response to a specific enquiry;
- send you promotional emails about special offers or other information which we think you may find interesting using the email address which you have provided;
- send you promotional mailings or to call you about products, services, offers and other things we think might be relevant to you; and
- contact you via email, telephone or mail for market research purposes.
Where a client has provided us with personal data to carry out a specific task on their behalf, Regulis will only use that personal data for that task, and only retain the personal data whilst that specific task is active.
How we protect, store and dispose of personal data
Regulis protects personal data that it collects, processes, stores and retains by:
- employing a level of security at our facilities and on our equipment appropriate to the data protection risk;
- only using software products from reputable providers;
- carrying out all of our banking activities via our on-line account;
- disposing of all confidential paper waste using a cross-cutting shredding machine; and
- putting in place all reasonable organisational steps to ensure the integrity of such personal data.
Regulis will only keep personal data for as long as you are one of our clients. After you stop being a client, Regulis may keep personal data longer for one of the following reasons:
- to maintain records so as to meet any legal obligations that apply to it; and
- to try to resolve any issues that may arise, such as queries or complaints.
Regulis will carry out a data cleansing exercise every year to remove any personal data that it no longer needs.
How we recognise your rights
As a data subject you have certain rights. If you wish to access any of these rights, then please contact Regulis either via our enquiries email address (firstname.lastname@example.org)
It would be helpful to use the heading ‘subject access request’ in the subject field or by writing to us at:
First Floor, St Peters’ House
Please mark any correspondence ‘subject access request’.
How to complain
If you are unhappy with how Regulis has used your personal data please get in touch using the email@example.com email address or by writing to the address above. You also have the right to complain to the Information Commissioner’s Office, whose contact details are on their website:
If you have agreed that we can use your information for marketing purposes, you can easily change your mind, via one of these methods:
- send an email to firstname.lastname@example.org
- write to us with your preferences (our address is as above)
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
Any personal information we hold about you is stored and processed under our data protection policy, in line with the Data Protection Act 2018.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from our system.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.