Medintel LTD Privacy Policy
Last Updated: 11 September 2023
1. Introduction
At Medintel LTD, we prioritize your privacy and are committed to ensuring compliance with global data protection standards, including GDPR, the Sunshine Act, and Loi Bertrand. This Research Privacy Policy provides clarity about the personal data we collect, the reasons behind its collection, and the methods of its use.
If you are a resident of California, please refer to our California Privacy Policy for information about your specific rights under the California Consumer Privacy Act (CCPA).
2. About Medintel LTD
Medintel LTD specializes in market research and insights within the healthcare space. We operate various divisions, including but not limited to Mr Doctor, Mr Patient Network, and Medintel Creative. We operate globally, and as such, our privacy policy aims to cover regulations in the geographies where we are active.
3. Data Collection
Identity Data: This includes your name, title, date of birth, and gender.
Contact Data: Information such as email address, postal address, and phone numbers.
Professional Data: Details about your occupation, areas of expertise, and affiliations.
Technical Data: IP addresses, browser types, and other technology-related information.
Survey Data: Responses and feedback provided during research activities.
Usage Data: Information about how you use our website and services.
Health Data: Specific health-related information, especially relevant for certain research projects.
4. Legal Framework and Compliance
We adhere to various international regulations:
GDPR: Ensuring data protection and privacy for individuals within the European Union.
Sunshine Act: Providing transparency in financial relationships between health care providers and pharmaceutical manufacturers.
Loi Bertrand: A French regulation that mandates transparency in the relationships between health professionals and the health industry.
ICO Registration
Medintel LTD is registered with the Information Commissioner's Office (ICO) in the UK, ensuring compliance with the UK's data protection regulations.
Our ICO registration number is ZB567996. If you have any concerns about our data practices that we cannot address, you have the right to report them to the ICO.
5. Purpose and Legal Basis for Processing
Your data is invaluable to us for several reasons:
Research Enhancement: Your insights drive our research capabilities, helping us refine our methodologies.
Communication: We keep you updated about our services, research findings, and other relevant information.
Compensation Processing: For those involved in our research, we ensure timely and accurate compensation.
6. Data Usage and Sharing
Your data is a cornerstone of our research framework. We pledge never to sell personal contact details. When data is sold, it's in the form of aggregated and analyzed survey results, devoid of personal identifiers. Data sharing might occur with:
Medintel LTD Affiliates: Entities within our corporate family may access the data for collaborative research and analysis.
Service Providers: Third-party entities assisting in our operations, like data analytics or customer service, might process your data, but always under our directives and the confines of strict confidentiality.
Legal Entities: In rare instances, when mandated by law or for the protection of public interest, we might disclose data to legal or governmental bodies.
7. Data Storage, Protection, and International Transfers
Your data is securely stored on state-of-the-art servers located within the EU. We've implemented stringent security protocols to safeguard against unauthorized access, alterations, or data breaches. Given our global operations, data might traverse international borders, but always within the framework of legal protections and standards.
8. User Rights
Every user has a spectrum of rights concerning their data:
Access: You can request a detailed report of all personal data we hold about you.
Rectification: If you find discrepancies in your data, you can ask for corrections.
Deletion: Under certain conditions, you can request the complete erasure of your data from our systems.
Restriction & Objection: You can limit or object to specific data processing activities.
Portability: You can ask for a transferable copy of your data for use with other service providers.
9. Data Retention
We retain your data only for durations essential to our research purposes, typically not exceeding 10 years post our last interaction. However, this period might vary based on the nature of the data and its relevance to ongoing or potential research projects.
10. Changes to the Privacy Policy
As the digital landscape evolves, so might our privacy policy. We encourage users to periodically review our policy for updates. Significant changes will be prominently communicated on our platforms.
11. Use of Cookies
Cookies are small data packets that enhance website functionality and user experience. Our platforms utilize cookies to remember user preferences, track website interactions, and deliver personalized content. For an in-depth understanding of how we use cookies, please refer to our dedicated Cookie Policy.
12. Contact Us
Should you have questions about this policy or Medintel LTD's information collection, use, and disclosure practices, or if you wish to request the deletion of your data, please contact our Data Protection Officer at dpo@medintelgroup.com.
This PRIVACY NOTICE FOR CALIFORNIA RESIDENTS supplements the information contained in the Privacy Policy of Medintel Ltd (collectively, “we,” “us,” or “our”) and applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”). In the event of a conflict between this Privacy Statement and the Privacy Policy, this Privacy Statement shall control with respect to the personal information of California residents.
1. Information We Collect
We have collected the following categories of personal information from consumers within the last twelve (12) months:
| Type | Description | YES/NO |
|---|---|---|
| A. Identifiers | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. |
YES |
| B. Personal information categories |
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. |
YES |
| C. Protected classification characteristics |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information. |
YES |
| D. Commercial information |
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
NO |
| E. Biometric information |
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. |
NO |
| F. Internet or other similar network activity |
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. |
YES |
| G. Geolocation data |
Physical location or movements. |
NO |
| H. Sensory data |
Audio, electronic, visual, thermal, olfactory, or similar information. |
YES |
| I. Professional or employment information |
Current or past job history or performance evaluations. |
NO |
| J. Non-public education information |
Education records directly related to a student maintained by an educational institution or party acting on its behalf. |
NO |
| K. Inferences drawn from other personal information |
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
NO |
Note: Certain information that we collect identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, except for publicly available information, deidentified or aggregated consumer information and information excluded from CCPA scope (such as health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data) (“personal information”).
2. Categories of Sources
We obtain the categories of personal information listed above,
Directly from you – for example, from your registration, your personal account information, documents you send to us and your participation in market research studies.
Indirectly from you – for example, through your interactions with our website and social platform (see our cookie policy) or
Information from third parties that interact with us in connection with our Services – for example, third party sources used to verify and validate your registration information
3. Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
To fulfil or meet the reason for which the information is provided.
To provide you with information, products or services that you request from us.
To provide you with email alerts, survey invitations and other notices concerning our services, events or news, that may be of interest to you. These communications may be conveyed through a variety of channels, subject to applicable law, including emails and may contain advertisements and other promotional materials from third party sponsors.
To provide our partners with engagement effectiveness metrics and minimal personal data for performance assessment purposes.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including incentives payment for your participation in marketing research studies.
To improve our website and present its contents to you.
For testing, research, analysis and product development.
As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
As described to you when collecting your personal information or as otherwise set forth in the CCPA.
To evaluate or conduct a business combination, such as a merger or sale.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice
4. Sharing Personal Information
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
Category A: Identifiers
Category B: Personal information categories
Category C: Protected classification characteristics
Category F: Internet or other similar network activity
Category H: Sensory data
Please note: We do not share names or specific identifiers with third parties unless it's a regulatory requirement, such as compliance with regulations like the Sunshine Act.
We disclose your personal information for a business purpose to the following categories of third parties, as more comprehensively detailed in our Privacy Policy:
Our partners, including certain health care companies with which we have a relationship;
Service providers; and
Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
5. Sale of Information
Medintel LTD does not engage in the sale of Personal Information.
6. Your Rights and Choices
Access to Specific Information and Data Portability Rights.
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
The categories of personal information we collected about you.
The categories of sources for the personal information we collected about you.
Our business or commercial purpose for collecting or selling that personal information.
The categories of third parties with whom we share that personal information.
The specific pieces of personal information we collected about you in a readable format (also called data portability request).
If we sold or disclosed your personal information for a business purpose, two separate lists disclosing specifics on: (a) sales, identifying the personal information categories that each category of recipient purchased; and (b) disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights.
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service providers to:
Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act.
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights.
To exercise the access, data portability, and deletion rights described above, please submit a request to us by emailing us at: dpo@medintelgroup.com.
The verifiable consumer request must:
Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period.
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format.
We endeavor to respond to a verifiable consumer request within 28 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable.
We do generally do not charge a fee to respond to your verifiable consumer request. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.