General Data Protection Regulation and Pharmacy Medical
General Data Protection Regulation or GDPR as we are sure you are by now aware is a regulation introduced by the European Union to strengthen the rights of it’s citizens and residents and serves to harmonise laws regarding the protection of data across the EU. The regulation makes it more transparent what information organisations hold on them, how that data is collected, what it is used for and how the collection can be modified or stopped.
Here at Pharmacy Medical we have, as required by the legislation put in place even more stringent controls and measures designed to further improve and reinforce the security of the limited amount of information collected.
Our company does not collect data to sell on to other parties. Any data we collect, and store is done so purely for contractual purposes because we need this information to be able to trade with.
For example: –
- Names and addresses.
These are required to identify an individual or company for us to record, perhaps a quotation, and invoice. These would also be required to know where an order is to be delivered and so we have a record should we need to contact them regarding the item they have purchased.
- Bank details
These may be required to enable us to pay a company or individual and we would store the following details only:
Bank, Sort code and account number.
- VAT and company registration number.
These again are stored for regulatory and accountancy reasons to allow us to verify a company with which we trade or have traded, is a registered company and is also vat registered.
- Email address(s).
Email addresses are stored to enable us to contact an individual or company to communicate with them regarding the transaction or about the product or service we provide (or have provided).
- Images and drawings.
Drawings supplied by customers are stored to facilitate the quotation for and subsequent manufacture of parts and products. From time to time images may also be kept which have been supplied to us to better understand a drawing.
Who we share information with.
We pass on customers information for a carrier to be able to contact the customer and deliver to them. This information will include: –
Their name and address for the actual delivery. Email address so the carrier can provide information regarding the delivery and a telephone number to contact the customer should it become necessary.
- Our accountant.
Aa a part of our legal requirement to provide accounts we employ an accountancy firm. For them to complete our accounts accurately and correctly we submit a record of our trading. These records will contain the trading details and individual details or all the companies and individuals with which we have traded.
- Government departments.
When required by Government and regulatory bodies to do so we provide the information so requested. Information regarding the companies and individuals with which we trade may be passed to these departments as necessary.
- Payment card details.
To take payments for our goods and services we use secure card processing companies (sage pay, pay pal, world pay). Our website incorporates a card detail capture which is secure and to which we have no access. We encourage customers to use our online payment method as this is a secure method and we do not have sight of their card details. However, should the customer prefer to give their card details over the telephone we input these details directly into the secure portal and do not hold a paper or electronic record ourselves.
Whilst we take all reasonable precautions to protect information we hold, we cannot be held responsible for information shared as outlined above once it has left our safekeeping.
Should you require knowledge or information about what we hold about you please contact us. We will alter or delete any information excluding that required for legal purposes.