Posted on - 29th August 2022
Mistry Medical Supplies Ltd (“We”) are committed to protecting and respecting your privacy in line with the General Data Protection Regulation “GDPR” for citizens in the EU, EEA and Switzerland.
In compliance with GDPR, we will handle your Personal Data and Sensitive Data with, which means that your data will be:
- Used lawfully, fairly and in a transparent way
- Collected only for valid purposes as explained to you in this policy
- Relevant to the purposes we have communicated to you, and limited only to those purposes
- Accurate and kept up to date
- Kept only as long as necessary for the purposes described in this policy
- Held securely
This website is not intended for use by children and we do not knowingly collect data relating to children.
Important Information and Who We Are
This policy (together with our Terms and Conditions, and any other documents referred to within), sets out the basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand how we process your Personal Data. By visiting our website www.mistrymedical.com, you are accepting and consenting to the practices described in this policy.
For the purpose of the GDPR, the data controller is Mistry Medical Supplies Ltd of Unit 2 Valley Court, Sanderson Way, Middlewich, Cheshire CW10 0GF.
Mistry Medical Supplies has appointed a person responsible for data protection. You can write to them at the following address, or in the office directly by calling 01606 838240 and asking to speak to a manager about data protection.
Data Protection Officer
Mistry Medical Supplies
Unit 2 Valley Court
How do we collect Personal Data?
We use different methods to collect the data that you provide to us.
This may be directly when you:
- Purchase products or services from us
- Speak to us in person, or over the telephone
- Correspond with us by post, phone, fax, email or otherwise
- Create an account with us on our website
- Fill in and submit forms on various pages on our website such as the contact us form
Through automated technologies and interactions via our website. As you use our website, we may automatically collect data about your equipment, browsing actions and patterns.
What is Personal Data?
Personal Data is information that can identify you either directly or indirectly. This typically comprises information such as your name, address, email address, telephone number, but can also include other information such as an IP address.
Information about health such as prescriptions, are special categories of Personal Data that require additional safeguarding measures.
What Types of Personal Data do we collect from you?
Retail and Private Customers
We collect basic contact details you give such as:
Your Title (eg. Mr, Mrs etc), full name, billing and delivery address, contact phone number and email address, payment information (bank or credit card details), which are the minimum requirements to enable us to process your order and communicate with you about your order. This is the case whether you placed it via our website, by telephone, fax, email, post or in person.
In rare circumstances, to enable you to purchase certain items of medical equipment, a copy of a doctor’s prescription, or written authorisation may be required for the sale to take place.
Trade Account Customers
When you apply for an account with us (either through our website or offline), we may collect the following Personal Data from you: Your Title, (eg Dr, Mrs, Mrs etc), full name, invoicing and delivery address, business telephone number, fax number, mobile telephone number, payment processing information (credit card details), and any further information you provide us which is required to fulfil the orders you place with us.
Where access to restricted products is required such as prescription only medicines and certain medical devices, then additional Personal Data will be required in order to open an account with us and be able purchase these items from us. This may include the following relevant information:
Professional registration numbers and bodies you are registered with, trade references, signature, registration certificates with professional and regulatory bodies such as the GMC, GDC, GPhC, RCVS or similar bodies, licenses to practice, written authorisations, requisition forms, prescribers code.
The need to process such information is a legal requirement under the Human Medicines Regulations and the European Commission Guidelines on Good Distribution Practice of Medicinal Products for Human Use (2013/C 343/01
How do we Process your Personal Data?
We will never sell your personal data.
As a customer, we use your data to:
Contact you in response to enquiries such as requests for quotations, product information etc.
Process the orders you place with us and communicate with about the order already placed if necessary such as if further information is required.
Contact you in the event of product recalls and safety alerts.
We sometimes need to share the Personal Data we process with other organisations. Where this is necessary, we comply with all aspects of the GDPR. The following examples are the types of organisations we may share your data with:
- Courier companies to enable delivery of goods to your premises
- Suppliers of some products which are made to order and delivered directly from them eg furniture.
- Government bodies and regulatory authorities such as HMRC (Her Majesty’s Revenue and Customs) or the MHRA (Medicines and Healthcare Products Regulatory Agency
- Financial organisations such as Auditors and Accountants
- The Police
We DO NOT share your information with advertising and marketing companies or similar organisations.
Rights and Access to Information
Under the GDPR you have the following rights:
To be informed about whether or not we process your Personal Data, and if so, then how we process that data.
The right to access the information we hold about you.
Rectification of your data. If you believe the data we hold on you is incorrect, then you have the right to ask us to correct this information.
Erasure of Personal Data. You have the right to ask us to erase the data we hold about you.
To restrict processing. Under certain circumstances, you may limit use of your personal data.
The right to data portability. You have the right to obtain the data we hold about you for your own purposes in machine readable format.
The right to object. You have the right to prevent your data being used in certain circumstances, for example in direct marketing.
Rights in relation to automated decision making and profiling. We do not make use of such technology.
Should exercise any of the above rights, we will respond as soon as possible within one month.
In some circumstances, our legal obligations may override your rights under data protection laws. For example, the processing of data required under the Human Medicines Regulations or European Commission Guidelines on Good Distribution Practice of Medicinal Products for Human Use (2013/C 343/01).
For more information on your rights under GDPR, visit the Information Commissioner’s Website.
Electronic data is stored securely on servers located in our office, with our website provider WNW Digital and a secure Microsoft cloud server located in Northern Europe.
Unfortunately, the transmission of information via the internet to any website is not completely secure. Although we will do our best to protect your Personal Data, we, like any other website, cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Our site may contain links to and from the websites of manufacturers, services providers, government bodies and other organisations. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
We may gather information about your general internet use by using a cookie file that is downloaded to your computer.
Such information will not identify you personally it is statistical data about our visitors and their use of our site. This statistical data does not identify any personal details whatsoever. It is used by use to analyse how visitors interact with the Website so that we can continue to develop this website and make it a better experience for our visitors.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer as cookies contain information that is transferred to your computer's hard drive. They help us to improve our website and the service that we provide to you.
We use the following cookies:
Necessary cookies: These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
Cookies will usually increase the usability and your experience of this website, however if you wish to browse our site without using cookies, most internet browsers will give you the option to refuse to accept the cookies.
Although the browser settings are dependent on the browser that you are using on your device, you can generally choose to customise your setting under the Tools menu.
You can also opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings.
In addition, you can use the Google Analytics Opt-Out Browser Add-on to disable tracking by Google Analytics.