Clinical Training Ltd. is committed to ensuring the ways in which we collect, store and process data is transparent.
We take your data seriously, and as such undertake a number of administrative and technical procedures to ensure your data remains secure.
With regard to the Data Protection Act 1998, and the General Data Protection Regulation (EU) 2016/679, Clinical Training Ltd. is the data controller.
By continuing to navigate this website or by submitting data via the forms you are agreeing to accept our terms as outlined in the policy below.
Under current legislation you have the following rights regarding your data:
- The right to be informed
- The right of access
- The rights of rectification, erasure, restriction of processing and objecting
- The right to data portability
- Rights in relation to automated decision making and profiling
With respect to these rights we have provided the following information:The right to be informed
Below is a summary of the data we collect:
|What data is collected||How it is collected||Legal basis||Retention period||Why we collect it||Who it may be shared with|
|IP Address, browser and operating system information||Automatically||Legitimate interests||3 months||Investigating activities in breach of the Computer Misuse Act (1990).||Law enforcement services and other 3rd parties for the purposes of investigation.|
|Anonymous website usage statistics and demographic information||Automatically||Legitimate interests||Determined by Google and potentially other 3rd party providers||To allow us to monitor and improve the features and services offered by the website.||Google and potentially other 3rd parties for the purposes of improving the website.|
|Personal data entered via the contact form(s)||Website form(s)||Consent||Until deletion request||To reply to your enquiry and provide subsequent assistance.||Data will never be shared without your prior consent.|
|Personal data entered via the newsletter signup form(s)||Website form(s)||Consent||Until removal request||To keep you up to date with relevant information about our products or services.||Data will never be shared without your prior consent.|
|Personal data entered via the registration form(s)||Website form(s)||Consent||Until removal request||To allow you to login to the website and access your account.||Data will never be shared without your prior consent.|
|Personal data entered via the purchasing form(s)||Website form(s)||Contractual, legitimate interests||In line with the laws for accounting records||To fulfil your order and for our accounting records. Card details are never stored locally, and are passed directly onto the payment provider.||3rd parties who are involved in the completion of the purchase, such as payment handlers and shipping companies. In addition data may be shared with 3rd parties for the purposes of accounts auditing.|
Sharing of information
In order to provide our services and complete our contractual obligations we may need to share your data with specific 3rd party organisations. These include contractors who are involved in the provision of this website and those involved in the fulfilment of orders. Where this sharing of data occurs we will ensure that the data will be communicated securely.
Where data may need to be shared to countries outside the European Union, we will ensure additional precautions are taken.
Transmission of information
Where sensitive data is transmitted between your browser and the web servers we will ensure adequate precautions are taken, for example encryption in transit where applicable.
Storage of information
We will endeavour to keep any information we store about you secure by taking necessary technical and administrative precautions including, but not limited to:
- Access control restrictions
- Malware scanning
- Encryption of sensitive information
Do not track
Please note that we do not alter the website's data collection practices when a 'Do Not Track' signal is passed from your browser.
3rd party links
Any subject access requests must be made in writing via email or to our registered business address. These requests will be dealt with in accordance of the General Data Protection Regulation (EU) 2016/679.
We will respond within one month of receiving the request.The rights of rectification, erasure, restriction of processing and objecting
Where there is a desire to exercise these rights, please make your request in writing via email or to our registered business address.
In some cases there may be relevant legal obligations which mean we are unable to comply, for example the deletion of financial records, but where this occurs we will provide clear and concise reasoning.The right to data portability
Where you require your data to be ported to another system, please make a data subject request as outlined in the 'Right of access' section above.
With this request we will provide all data we hold about you, however we may be unable to accommodate requests for data to be in a specific format. We will not pass this information directly to a 3rd party, but to you to provide to whichever 3rd party you wish to share it with.Rights in relation to automated decision making and profiling
Your information will not be used for automatic decision making, with the exception of the completion of financial transactions.
If you have any complaints regarding our handling of your data, please contact us in writing by email or to our registered business address. In addition you can lodge an official complaint with the Information Commissioner's office - https://www.ico.org.uk.
We may update this policy from time to time in order to reflect changes to our practices or for other operational, legal or regulatory reasons.
Date revised: 23/05/2018