The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) replaces the Data Protection Regulation (Directive 95/46/EC) from 25 May 2018. The Regulation aims to harmonise data protection legislation across EU member states, enhancing privacy rights for individuals and providing a strict framework within which commercial organisations can legally operate. Even though the UK has expressed its intention to leave the EU in March 2019, the GDPR will be applicable in the UK from 25th May 2018.
Your new rights under the GDPR are set out in this notice but will only apply once the GDPR becomes law on 25th May 2018.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Who controls your personal data?
The Data Controller is Tamir Spiegel Ltd T/A Vision Vet, a company registered in the UK: Company Number 07073282.
Registered office: 139 Wilbraham Road, Fallowfield, Manchester, M14 7DS.
The Data Controller’s data protection representative is the Data Manager.
You can contact them at email@example.com.
What is personal data?
Personal data is data that can identify you as an individual. The personal data we collect or receive may include the following as applicable:
Telephone and mobile numbers
The information we use and where we get it from:
All the information we use will have been provided by you or your referral vet. Tamir Spiegel Ltd supplies a range of veterinary ophthalmology services and CPD courses/congresses.
We may obtain your personal data from the following sources:
You (e.g. via enquiry forms, orders or marketing subscriptions)
Conversations on the telephone or email
Our websites and software applications e.g. enquiry form or online chat service
Referral from your own veterinary surgeons
We collect the personal data from the following types of people to allow us to undertake our business:
- Prospective and existing customers
- Supplier contacts to support our services
- Employees and business consultants
You may have contacted us directly (e.g. purchasing a CPD course) or we may have your details from our research / information already in the public domain or from referral from your own veterinary surgery. We are able to process your data if we have a legal basis for doing so.
How we will use your personal data:
The processing of your personal information may include:
Collecting and storing your personal data
Notifying you of potential new products, services and offers
To market our products and services
For the purposes of backing up information on our computer systems
Processing and storing referral registration form, clinical history, emails and lab work.
Why we process your personal data and our legal justification for doing so:
There are five legal bases for processing data but we will rely on (1) that the processing is necessary for the performance of a business transaction with you, (2) compliance with legal obligations, (3) that we have a legitimate interest in processing your personal data or (4) consent to our processing of your data, and (5) processing referral form, clinical history, emails and lab work.
1. Entering into and performing a contract with you:
In order to provide our products and services, we may enter into a contract with you and/or a third party. In order to enter into a contract, we will need certain information, for example your name and address. A contract will also contain obligations on both your part and our part, and we shall process your data as is necessary for the purpose of those in order to process your order on your behalf.
2. Compliance with legal obligations (regulatory and statutory obligations):
We must comply with a number of statutory provisions when providing our products and services, which necessitate the processing of personal data, which amongst other things requires us to:
- Verify your business details
- Maintain records for specific periods
Where we engage in a contract with a business or person to supply our products or services, there are other statutory obligations that must be complied with including, tax, HMRC reporting requirements, and any other law or regulation.
We are also required to comply with statutory and regulatory obligations relating to business generally, for example complying with tax, bribery, fraud/crime prevention and data protection legislation, and co-operating with regulatory authorities such as HMRC or the Information Commissioner’s Office.
3. Our legitimate interests (carrying on the commercial activity of the provision of products and services):
In providing our products and services, we will carry out some processing of personal data which is necessary for the purpose of our legitimate interests, which include:
- Retaining records of our dealings and transactions and where applicable, use such records for the purposes of establishing compliance with contractual obligations with customers or suppliers
- Addressing any query or dispute that may arise including establishing, exercising or defending any legal claims
- Protecting our reputation
- Maintaining a backup of our system, solely for the purpose of being able to restore the system to a particular point in the event of a system failure or security breach
4. Consent to our processing of your data:
We may process your personal data on the basis that you have consented to us doing so for a specific purpose, for example, if you have purchased from us previously you may have consented to our processing of the data that has been provided for the purpose of informing you of new products, services or offers considering your suitability either by previous choice of products purchased or by business type. In other cases, you may have provided your written or verbal consent to the use of your data for a specific reason such as receiving marketing updates on some of our additional services.
5. Processing referral form, clinical history, emails, lab work and sending referral report to your own veterinary surgeons:
To provide a referral service we will be receiving clinical history, registration form, emails and lab work to allow Vision Vet to provide the best clinical work for your animals and we will inform your veterinary surgeon about our finding for continuation of clinical work with your own veterinary surgeons.
You may withdraw your consent to our processing of your personal information for a particular purpose at any stage. Withdrawal of consent will not have any effect on the lawfulness of any processing based on consent before its withdrawal.
Who we share personal data with:
2. Collier and Brock veterinary surgery:
153 Whitletts Road
If you do not wish to provide us with necessary data:
There may be circumstances where we require you to provide data which is necessary for us to meet statutory or contractual obligations or perform our services. If you do not wish to provide us with information, we request then please notify us. However, please be aware that as a result we may be unable to provide you, or the party you represent, with a service, and in some cases, this may result in a breach of the contract we have with you or a third party you represent.
Data Security and Confidentiality:
It is our policy to ensure, in so far as is reasonably practicable, that our systems and records are secure and not accessible to unauthorised third parties in line with contemporary practice.
Changes to this Privacy Notice:
This Privacy Notice is regularly reviewed and may be updated from time to time to reflect changes in our business, or legal or commercial practice.
- We take the protection of your personal data very seriously and it is important that you know your rights within that context, which include rights to:
- Request a copy of the personal data that we hold about you. If you would like to make a request for information, please contact firstname.lastname@example.org
- Object to our processing of your data where that processing is based upon legitimate interest and there are no compelling grounds for the continued processing of that data
- Request that we restrict processing of your data in certain circumstances
- Request that data is erased where the continued use of that data cannot be justified. Object to any decision, which significantly affects you, being taken solely by a computer or via another automated process
- Withdraw your consent to our processing of your personal data for a particular purpose at any stage.
- Request that direct marketing by us to you is stopped.
If you are dissatisfied about any aspect of the way in which your data is processed you may, in the first instance refer the matter to: email@example.com