Protecting the personal data of customers and visitors is very important to Duomed UK. Therefore, we make every effort to ensure data protection and to comply with the provisions of the General Data Protection Regulation (GDPR) whenever we process your personal data.
In more concrete terms, Duomed UK will always handle personal data for specific purposes in accordance with the law. We shall take the necessary steps to never request more personal data than is required for the purpose in question and furthermore not to retain such personal data for longer than is necessary. Finally, Duomed UK implements technical and organisational measures to ensure appropriate security for the protection of personal data.
2. Duomed UK
Duomed UK specialises in developing medical technology for hospitals:
- Duomed UK supports you with a specialised portfolio of medical products, software, services, and accessories in selected medical domains in an effort to find a comprehensive solution that is tailor-made to your requirements.
- Duomed UK helps you correctly install, maintain, and repair the equipment if so required. Solutions are integrated into your IT platform.
In this context, Duomed UK comes into contact with personal data belonging not only to our own employees and job applicants, but also those of customers. Duomed UK is responsible for this data and for handling it in a manner consistent with applicable legal requirements.
3. Personal data
According to legislation currently in force, personal data shall mean any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We define the processing of personal data as any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of data.
Examples of personal data are the name, address, or email address, but also includes your IP address.
3.1 Which personal data do we process?
Duomed UK shall only process your identification information (first name, surname, telephone number, email address) in order to communicate via email, via the contact form on the website, or directly with one of our employees when we contact them by telephone. For job application purposes, we shall also process data about your education, training, and profession. We may also process your video recordings for camera security purposes.
3.2 Why do we process your personal data?
Duomed UK shall only use your personal data for communication in the context of a professional relationship.
3.2.1 Invoicing and administration
Duomed UK collects invoicing and administrative information to fulfil its administrative obligations, such as charging for services provided to the customer or maintaining our statutory accounting records. Duomed UK is required by law to retain such personal data for 7 years.
3.2.2 Recruitment and job applications
We collect data from people who apply to us, spontaneously or otherwise, in connection with recruitment. This can be done via the job section at www.duomed.com, or through LinkedIn messages, emails, or other clear actions in which an applicant indicates an interest in applying for a job.
Such personal data shall be deleted within 1 month after the application if the applicant is not recruited . If the person is hired, these data shall be included in the personnel files and shall be retained for up to five years after the termination of the employment contract. If the person is not hired, but has an interesting profile, said candidate shall be kept in the pool of pre-qualified candidates for one year provided the candidate has consented to the same.
3.2.3 Requests for information
The personal data that we collect via www.duomed.com or via email@example.com, firstname.lastname@example.org, email@example.com and firstname.lastname@example.org are used to answer your questions appropriately and accurately.
This information is entered into our customer system so that we can offer you even better service in the future.
In order to fully process your requests for information, we store your personal data for this activity as long as you are a customer of our company. If you are not a customer of Duomed UK, we shall delete this information six months after replying to your question.
3.2.4 In order to maintain contact with you
We believe it is very important to have good relationships and communication with all our customers. Therefore, we shall contact you to keep you informed of relevant offers/promotions and of innovation and novelties that you may find interesting.
For the processing of personal data under this activity, Duomed UK shall use its legitimate interest. If you receive this communication from us, you may at any time notify us that you no longer wish to receive it.
3.2.5 Camera security
Duomed UK has installed security cameras at specific locations for the protection of the physical safety of visitors and employees. These cameras do not always save the images, but in some cases only display the current image. Duomed UK collects this data on the basis of its legitimate interest in ensuring the everyone’s safety.
The image recordings are stored for a maximum of 30 days. As may logically be expected, cameras without storage will not store images.
3.3 Do we pass your personal data on to third parties?
Duomed UK shall not pass personal data on to other parties, which may use the same for their own purposes. Duomed UK is part of the Duomed Group ; your personal data may be shared with other members of the Duomed Group in order to ensure better service.
Duomed UK also uses a number of processors, which means that these parties are only permitted to process your data for the purposes specified by us. Under no circumstances shall they process your personal data for their own purposes.
Duomed UK shall take the necessary steps to process your personal data solely within the European Economic Area.
4. What rights do you have and how can you exercise them?
4.1 Access to your personal data.
You have the right to access all personal data concerning you that we process. You may also receive a copy of this data, which we shall send to you on paper or digitally. You can request this by sending an email to our DPO at email@example.com.
4.2 Rectification of your personal data.
You have the right to request that we rectify your personal data if they are incorrect or incomplete. You may also request that we temporarily stop using your personal data until they are rectified or completed. You can request this by sending an email to our DPO at firstname.lastname@example.org.
4.3 Withdrawing your consent.
You have the right to withdraw your consent at any time. You can request this by sending an email to our DPO at email@example.com.
4.4 Erasure of your personal data.
Attention: We are not obliged to erase your personal data if we are required or permitted to retain them on the grounds of a legal obligation.
4.5 Data portability of your personal data.
You have the right to receive your personal data in a universally readable format such as a text file or other digital file.
4.6 Objection to the processing of your personal data.
If you feel that we are not using your personal data in an appropriate manner, you may object to such processing operations, for example where such processing is carried out for purposes relating to newsletters, marketing, or other processing operations that are not required in the context of our professional relationship. You can request this by sending an email to our DPO at firstname.lastname@example.org.
4.7 Lodging a complaint with the supervisory authority
If you are not satisfied with the manner in which your personal data is processed, you may lodge a complaint with the competent data protection authority. This is the Data Protection Authority in the UK. For more information, please visit https://ico.org.uk/