PRIVACY NOTICE - CUSTOMERS, SUPPLIERS AND OTHER BUSINESS PARTNERS
This privacy notice describes how Compliance Xchange Limited ("Compliance Xchange", "we" or "us"), whose registered office is located at Hanson’s Bank, Spurgrove, Frieth, Henley-on-Thames, RG9 6PB United Kingdom, collect and process personal information about you, how we use and protect this information, and your rights in relation to this information.
This privacy notice applies to:
This privacy notice applies to current, past and prospective customers, suppliers and other business partners who are individuals, as well as employees and representatives of corporate customers, suppliers and other business partners.
For information on how we use your personal data to respond to enquiries please continue reading below.
Personal information is information, or a combination of pieces of information that could reasonably allow someone to be identified.
1. PERSONAL INFORMATION WE USE
We collect personal information from you directly (e.g. when you meet in person with one of our employees or associates) as well as from other sources as described below.
1.1 Personal information we collect directly from you
The categories of personal information that we collect directly from you are:
(a) personal details (e.g. name, title)
(b) contact details (e.g. business phone number, business email address, business address and any other contact details you provide us)
(c) professional details (e.g. place of work, professional title and specialism)
(d) enquiries and expressions of interest
(e) any other information you provide to us or one of our associates.
1.2 Information we collect about you from other sources
We may also collect information about you from public sources (including the websites of your employer or institution and social medial sites)
The categories of information that we collect about you from these other sources are:
(a) personal details (e.g. name, title)
(b) contact details (e.g. business phone number, business email address, business address)
(c) professional details (e.g. place of work, professional title and specialism)
(d) relevant professional history (e.g. CV, biography, publications, congress activities, education, associations with institutions, conflicts of interest information, experience in clinical trials).
1.3 Other information we use about you
Other information we use about you includes information generated by Compliance Xchange, including the history of our relationship with you such as previous communications with us, information about the interactions you have with us and our associates, details of previous services you have been provided with, or projects or activities on which you have worked with us, and details of your attendance at Compliance Xchange run congresses, training sessions, and other meetings.
We combine the information we collect from you directly with information collected from other sources and/or generated by us in our databases that record our relationship and interactions with you.
2. HOW WE USE YOUR PERSONAL INFORMATION AND THE BASIS ON WHICH WE USE IT
We use your personal information for the following purposes:
(a) to communicate with you with respect to past, current or prospective products or services;
(b) to identify opportunities, determine your suitability for and invite you to attend and participate at congresses, training and other meetings that may be relevant to you;
(c) for business planning and management including to manage our human and financial resources and to monitor compliance with anti-bribery legislation;
(d) to exercise our legal rights where it is necessary to do so, for example to detect, prevent and respond to fraud claims, intellectual property infringement claims or other legal claims
We must have a legal basis to process your personal information. In most cases the legal basis will be one of the following:
(a) to comply with our legal obligations and to cooperate with regulators and law enforcement bodies as described above
(b) for the performance of a contract that we have with you or to take steps to enter into such a contract at your request
(c) that you have actively consented to our use of your personal data for the purpose of sending you information about our services
(d) to meet our legitimate interests, in particular in relation to business management, to identify opportunities to work with you. When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms.
3. YOUR RIGHTS OVER YOUR PERSONAL INFORMATION
You have certain rights regarding your personal information, subject to certain exceptions in accordance with applicable law. These include the following rights to:
If you would like to discuss or exercise such rights, please contact us at the details below.
We encourage you to contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate.
We will contact you if we need additional information from you in order to honour your requests.
4. INFORMATION SHARING
We will share your personal information with third parties under the following circumstances:
5. INFORMATION SECURITY AND STORAGE
We implement technical and organisational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the ongoing integrity and confidentiality of personal information. We evaluate these measures on a regular basis to ensure the security of the processing. We will keep your personal information for the duration of our relationship with you and/or as long as you work in a field relevant to our products and business activities. If you no longer have a relationship with us and no longer work in a relevant field, we will only retain your personal information for a period of time that enables us to:
We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.
6. CONTACT US
Compliance Xchange Limited is the controller responsible for the personal information we collect and process.
If you have questions or concerns regarding the way in which your personal information has been used, please contact us using the contact details below:
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the data protection authority of the UK (the Information Commissioner's Office: https://ico.org.uk/) or your local data protection authority if you are based outside the UK.
7. CHANGES TO THE POLICY
You may request a copy of this privacy notice from us using the contact details set out above. We may modify or update this privacy notice from time to time. If we change this privacy notice, we will notify you of the changes by way of a banner on our Website. Where changes to this privacy notice will have a fundamental impact on the nature of the processing or otherwise have a substantial impact on you, we will give you advance notice so that you have the opportunity to exercise your rights (e.g. to object to the processing).
[REVISED NOVEMBER 2020]