PRIVACY NOTICE

PRIVACY NOTICE - CUSTOMERS, SUPPLIERS AND OTHER BUSINESS PARTNERS

This privacy notice describes how Compliance Xchange Limited ("Compliance Xchange", "we" or "us"), whose registered office is located at Hanson’s Bank, Spurgrove, Frieth, Henley-on-Thames, RG9 6PB United Kingdom, collect and process personal information about you, how we use and protect this information, and your rights in relation to this information.


This privacy notice applies to:

This privacy notice applies to current, past and prospective customers, suppliers and other business partners who are individuals, as well as employees and representatives of corporate customers, suppliers and other business partners.

For information on how we use your personal data to respond to enquiries please continue reading below.

Personal information is information, or a combination of pieces of information that could reasonably allow someone to be identified.

 

1. PERSONAL INFORMATION WE USE

We collect personal information from you directly (e.g. when you meet in person with one of our employees or associates) as well as from other sources as described below.

1.1 Personal information we collect directly from you

The categories of personal information that we collect directly from you are:

(a) personal details (e.g. name, title)

(b) contact details (e.g. business phone number, business email address, business address and any other contact details you provide us)

(c) professional details (e.g. place of work, professional title and specialism)

(d) enquiries and expressions of interest

(e) any other information you provide to us or one of our associates.

1.2 Information we collect about you from other sources

We may also collect information about you from public sources (including the websites of your employer or institution and social medial sites)

The categories of information that we collect about you from these other sources are:

(a) personal details (e.g. name, title)

(b) contact details (e.g. business phone number, business email address, business address)

(c) professional details (e.g. place of work, professional title and specialism)

(d) relevant professional history (e.g. CV, biography, publications, congress activities, education, associations with institutions, conflicts of interest information, experience in clinical trials).

1.3 Other information we use about you

Other information we use about you includes information generated by Compliance Xchange, including the history of our relationship with you such as previous communications with us, information about the interactions you have with us and our associates, details of previous services you have been provided with, or projects or activities on which you have worked with us, and details of your attendance at Compliance Xchange run congresses, training sessions, and other meetings.

We combine the information we collect from you directly with information collected from other sources and/or generated by us in our databases that record our relationship and interactions with you.


2. HOW WE USE YOUR PERSONAL INFORMATION AND THE BASIS ON WHICH WE USE IT

We use your personal information for the following purposes:

(a) to communicate with you with respect to past, current or prospective products or services;

(b) to identify opportunities, determine your suitability for and invite you to attend and participate at congresses, training and other meetings that may be relevant to you;

(c) for business planning and management including to manage our human and financial resources and to monitor compliance with anti-bribery legislation;

(d) to exercise our legal rights where it is necessary to do so, for example to detect, prevent and respond to fraud claims, intellectual property infringement claims or other legal claims

We must have a legal basis to process your personal information. In most cases the legal basis will be one of the following:

(a) to comply with our legal obligations and to cooperate with regulators and law enforcement bodies as described above

(b) for the performance of a contract that we have with you or to take steps to enter into such a contract at your request

(c) that you have actively consented to our use of your personal data for the purpose of sending you information about our services

(d) to meet our legitimate interests, in particular in relation to business management, to identify opportunities to work with you. When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms.


3. YOUR RIGHTS OVER YOUR PERSONAL INFORMATION

You have certain rights regarding your personal information, subject to certain exceptions in accordance with applicable law. These include the following rights to:

  • access your personal information. There may be some exceptions, which means you may not always receive all the information we process about you;
  • rectify any inaccurate information we hold about you;
  • erase your personal information except in certain circumstances for example if it is necessary for us to process your personal information to comply with a legal obligation (as described in section 2 above) or for the establishment, exercise or defence of a legal claim;
  • restrict our use of your personal information in certain circumstances;
  • object to our use of your personal information in certain circumstances where we use your personal for our legitimate interests (as described in section 2 above); and
  • lodge a complaint with your local data protection authority (the Information Commissioner's Office in the UK: https://ico.org.uk/).

If you would like to discuss or exercise such rights, please contact us at the details below.

We encourage you to contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate.

We will contact you if we need additional information from you in order to honour your requests.


4. INFORMATION SHARING

We will share your personal information with third parties under the following circumstances:

  • Law enforcement agencies, courts, regulators (including appropriate medicines regulatory authorities in the European Union), government authorities or other third parties. We will share your personal information with these parties only in order to comply with a legal or regulatory obligation, or to support a legal or criminal investigation or otherwise to protect our rights or the rights of any third party.


5. INFORMATION SECURITY AND STORAGE

We implement technical and organisational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the ongoing integrity and confidentiality of personal information. We evaluate these measures on a regular basis to ensure the security of the processing. We will keep your personal information for the duration of our relationship with you and/or as long as you work in a field relevant to our products and business activities. If you no longer have a relationship with us and no longer work in a relevant field, we will only retain your personal information for a period of time that enables us to:

  • Maintain records for business management and planning;
  • Maintain records to evidence our compliance with our legal obligations described in section 2 above;
  • Comply with record retention requirements under the law;
  • Defend or bring any existing or potential legal claims; and/or
  • Deal with any complaints from you regarding our products or services.

We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.


6. CONTACT US

Compliance Xchange Limited is the controller responsible for the personal information we collect and process.

If you have questions or concerns regarding the way in which your personal information has been used, please contact us using the contact details below:

  • Email: info@compliance-xchange.com
  • Telephone: +44(0)7866 264357
  • Post: Privacy Officer, Compliance Xchange Limited, 99A Aylesbury Road, Bierton, Aylesbury, HP22 5BT United Kingdom

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the data protection authority of the UK (the Information Commissioner's Office: https://ico.org.uk/) or your local data protection authority if you are based outside the UK.


7. CHANGES TO THE POLICY

You may request a copy of this privacy notice from us using the contact details set out above. We may modify or update this privacy notice from time to time. If we change this privacy notice, we will notify you of the changes by way of a banner on our Website. Where changes to this privacy notice will have a fundamental impact on the nature of the processing or otherwise have a substantial impact on you, we will give you advance notice so that you have the opportunity to exercise your rights (e.g. to object to the processing).

 

[REVISED NOVEMBER 2020]

Share by: