Target Medical Solutions Limited (“Target Medical”) is a Medical Agency (registered with MEDCO) offering a broad range of medical reporting and administration services to firms of solicitors and insurers acting for private individuals and clients in the pursuit of claims for compensation for personal injury and medical negligence throughout England and Wales.
For our suppliers (including experts) and clients of our customers we will process your personal data in the role of Data Processor. We also process data of our employees and staff.
As an essential part of our business, we collect and manage client, staff and non-client data. We are committed to ensuring that your personal data is stored and processed securely. In doing so, we observe the UK Data Protection legislation, GDPR in operation since 25 May 2018 and are committed to protecting and respecting clients’ and non-clients’ privacy and rights, and act in a fair, transparent and accountable manner.
This privacy notice explains how we will collect, manage, store, use and share any personal data you provide via our website, email or networks, or through instructions from your solicitor or insurer or their agent. It describes the ways in which we collect, manage, process, store, use and share personal data about you or your clients as a result of you instructing us to act for you or your client, or have control over the use of your data. It also applies to our staff employed by us and how we manage their data.
If you have any questions regarding our use of your data, please contact our Data Protection Officer, Rebecca Reid, Managing Director at email@example.com
Alternatively, you can write to our Data Protection Officer at; Rebecca Reid, Target Medical, Equinox House, Staveley Road, Stanley Industrial Estate, Skelmersdale, WN8 8DZ
We are registered with the Information commissioners Office (“ICO”). We would appreciate the opportunity to deal with any concerns you have before you approach the ICO so please contact Rebecca Reid directly. If we are unable to resolve it with you, you do however have a right to lodge a complaint with the Information Commissioner’s Office who may be contacted at Wycliffe House, Water Lane, Wilmslow SK9 5AF or https://ico.org.uk.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us
This privacy notice may change from time to time and, if it does the up-to-date version will be available on our website and becomes effective immediately. Please take the time to read this privacy notice.
2. What information do we collect about you?
We may collect, or be provided with, and process information about you, your personnel or clients through various means including:
In the course of carrying out work for you, or your business, in which case we will process any of your client personal data as a Data processor as defined by the Data Protection legislation.
This shall include via our website, by email or other electronic correspondence, by telephone, by networking, or otherwise through providing our services or operating our business.
The personal data you give us may include:
- your name and title and date of birth
- contact information, including telephone number, postal address and email address
- information relating to your location, preferences and/or interests
- photographic identification
- with regards to your clients, their personal data including special categories of personal data
- the content of any enquiry submitted onto our website
- any other personal data we collect, for example any customer or client reference or identification numbers which may be given to you, in the context of providing our services or in the course of operating our business
Each time you visit our website, we may automatically collect information about web usage information (e.g. IP address) and information about your visit, to and from our website. We may ask you for information if you report a problem with our website.
The personal data described above may relate to any of the following categories of person-our customers and your clients, our prospective customers, and those who submit enquiries through our website, and our employees and staff.
When you visit our website, cookies will be used to collect information about you such as your Internet Protocol (IP) address which connects your computer or mobile device to the Internet, and information about your visit such as the pages you viewed or searched for, pages response times, download errors etc. We do this so that we can measure our website’s performance and make improvements in the future. Cookies are also used to enhance this website’s functionality and personalisation, which includes sharing data with third party organisations. You can control this by adjusting your cookies settings. We refer you to our Cookies Policy on our website for more information on this.
4. How we use your information
We may use your information for the following purposes:
- to respond to any query that you ask of us
- to manage our relationship with you or your business and its customers or clients which will include maintaining a database of information)
- to complete our contractual obligations to you, including, if relevant to you, as your employer
- where it is necessary for our legitimate interests and your interests and rights do not override it
- where we need to comply with a legal or regulatory obligation
- to send you relevant information on our services and events, that may be of interests to you using the contact details you have provided you have given us consent to do so and recognising that you can withdraw your consent to marketing activities at any time using the unsubscribe link on our marketing emails
- to help us ensure that our website is up to date and how to improve it
- to comply with any other professional, legal and regulatory obligations which apply to us or we have in place
as necessary to prevent illegal activity
5. Legal bases for processing your information
We will rely upon the following legal bases under Data Protection Legislation for processing your personal data:
- Performance of, or entering into a contract
- Compliance with a legal obligation to which we are subject
- Where we have a legitimate interest in doing so as a service provider (data controller)
- Where processing of special category data is necessary in the context of establishing, pursuing and defending legal claims
- In certain circumstances, where we have express consent to do so. Where we rely upon consent we will explain that it may be withdrawn at any time.
We will process your or your client’s data as a Data Processor.
6. Sharing your information
We may share your details with third parties instructed by us in accordance with your instructions to enable us to fulfil our contractual obligations to you and/or your clients in the course of your matter, or as part of your contract of employment. We will only share your personal data in accordance with Data Protection legislation.
We may disclose your information to third parties when (a) you specifically request this, or it is necessary to provide our services to you, for example disclosure to expert medical providers, (b) if we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation, or (c) we consider that other companies products or services may be of interest to you, e.g. for your rehabilitation.
7. Your information rights
Under the terms of Data Protection legislation, you have the following rights to access information held about you. This privacy notice fulfils our obligation to tell you about the ways in which we use you or your clients’ information as a result of you using our services.
You have the right to ask us for a copy of any personal data that we hold about you. This is known as a “Subject Access Request”. Except in exceptional circumstances (which we would discuss and agree with you in advance), you can obtain this information at no cost after 25th May 2018. We will send you a copy of the information within 30 days of your request.
To make Subject Access Request, please write to our Data Protection Officer, Rebecca Reid, Target Medical, Equinox House, Staveley Road, Stanley Industrial Estate, Skelmersdale, WN8 8DZ
You also have the right to:
- Request the correction of the personal data we hold about you if you consider that it is inaccurate
- Request the transfer of personal data to you or a third party
- Request the erasure of your personal data. However we may not be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable at the time of your request
- Request the restriction of processing of your personal data. This may be the case if you want to establish the data’s accuracy or where the use of personal data is unlawful but you do not want us to erase it
- Object to processing of your personal data where we relying on a legitimate interest and there is something about your particular situation that makes you want to object to processing on the grounds that you feel it impacts on your fundamental rights and freedoms.
Where you exercise your rights to request erasure, or request a restriction in processing, or object to processing we may still need to keep basic contact information about you if you are already are or will be a customer as we will need that for contractual purposes.
8. How long will we retain your personal data for?
We will only retain your personal data for as long as is reasonably necessary to fulfil the purpose we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period we consider the amount, nature and sensitivity of the personal data, the potential risk of harm of unauthorised use or disclosure of your personal data, the purpose for which we process your data and whether we can achieve these purposes through other means.
We will ensure that any third parties that we use to provide services in satisfaction of any contract between us will keep your data and that of your clients stored on their systems for as long as is necessary to provide the services to you and to comply with applicable legal requirements.
Following completion of any contract between us we may also need to retain your personal data for legal and regulatory purposes, including pursuing any outstanding invoices, or for HMRC audit purposes following payment of an invoice.
Target Medical will typically retain information for a period of 6 years from conclusion of our work. This is due to regulatory reasons, and/or limitation periods and/or complaints procedures, and to ensure our business records are adequate to maintain the requisite levels of insurance to protect our clients and non-clients.
9. Overseas transfers
None of the information that we collect process or store as a result of this website is transferred outside of the European Economic Area (EEA). This includes information that is exchanged with any third party organisation as described above.
10. Data privacy and security
At Target Medical, we maintain a comprehensive data management work programme, which includes processes for ensuring that data protection is a key consideration of all new and existing IT systems that hold personal data. Where any concerns, risks or issues are identified, we conduct relevant impact assessments in order to determine any actions that are necessary to ensure optimum privacy.
We also maintain an active information security work programme which seeks to protect the availability, confidentiality and integrity of all physical and information assets. Specifically, this helps us to:
- Protect against potential breaches of confidentiality;
- Ensure all IT facilities are protected against damage, loss or misuse;
- Increase awareness and understanding of the requirements of information security, and the responsibility of our colleagues to protect the confidentiality and integrity of the information that they handle; and
- Ensure the optimum security of this website