Welcome to the FrontlineBuddy privacy notice. 

This privacy notice provides information on how Medical Creatives Ltd, trading as FrontlineBuddy collects and processes your personal data when you visit our website. 

It is important that you read this privacy notice, which contains more detailed information about our data processing.

Important information and who we are:

When we mention "FrontlineBuddy", we are referring to Medical Creatives Limited, the company responsible for processing your data.  Medical Creatives Limited is the controller responsible for this website.

We have appointed a data privacy manager. If you have any questions about this privacy notice or our data protection practices please contact the data privacy manager, whose contact details are set out below.  By using this website and corresponding with us you are agreeing to be bound by the conditions in this notice.

 

CONTACT DETAILS

Our relevant contact details in the UK are:

Full name of legal entity: Medical Creatives Limited.

Data Privacy Manager

email: admin@frontlinebuddy.com 

Website address: https://www.frontlinebuddy.com 

Postal address: Medical Creatives Ltd, C/O Cube TA, Chalfont Station Road, Little Chalfont, Amersham, HP7 9PN                                                     

Privacy is important. We have measures in place to keep the personal data we hold safe and secure.

This policy will inform you as to what personal data we process in-order to fulfil our obligations to our clients and others, what we use personal data for, what our lawful basis is and most importantly your rights.

 

We collect and have access to information about:

▪       visitors to our website, via Web server logs and Google Analytics

▪       visitors to linked websites using Google Analytics

▪       contact made with us by our clients, suppliers and our broader network

▪       for some clients, we are directly contacted by their clients, suppliers and their broader network

▪       visitors and contact via our social media such as LinkedIn, Facebook and Twitter

▪       visitors and contact to the social media of some of our clients

▪       clients who we are providing training to who are either organisations or individuals

▪       clients and visitors who complete forms and questionnaires either as on-line forms, paper questionnaires or on-line polls 

▪       email contacts where we use encryption to protect email traffic. If your email service does not support encryption, you should be aware that any emails we send or receive may not be protected in transit. We also monitor emails sent to us, including file attachments, for viruses or malicious software

 

We use this information to:

▪       administer our relationship with our clients, providing requested services, and responding to enquiries

▪       carrying out our client requested instructions on their data, systems, employees, students and affiliates, which does at times include personal data and sensitive data

▪       meeting legal or other regulatory obligations imposed on us

▪       to register and process you as a valid user of our site and services

▪       to manage your relationship with us 

▪       to enable you to receive updates and other information which may be of interest to you.

▪       to improve our website, products/services, marketing or customer relationships. 

▪       to recommend products or services which may be of interest to you.

 

 

We process information relevant to the above reasons/purposes. This may include:

▪       personal and family details

▪       goods and services

▪       financial details

▪       employment and education details

▪       Special category data- sensitive data

 

We process personal information about:

▪       customers and clients

▪       suppliers

▪       advisers, consultants

▪       complainants, enquirers

▪       employees, students and organisational affiliates 

 

We may also collect, use, store and transfer different kinds of personal data about you, including one or more of the following:

 

·      identity data.

·      contact data. 

·      financial data.

·      transaction data.

·      technical data.

·      profile data.

·      usage data.

·      marketing and communications data.

·      Special category data - sensitive data:

Special categories of personal data are those revealing physical or mental health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or armed forces background.  It also covers data concerning a person’s sex life or sexual orientation; and it covers the processing of genetic data or biometric data for the purpose of uniquely identifying a person.  When we ask you to submit sensitive data we will ask you to consent to this specifically.  

Because of the open nature of communication and the multitude of data collation systems and points we have, we cannot be responsible for sensitive and/or identifiable data that you provide in circumstances where we have not explicitly asked for this information and have not specifically sought consent and/or put protection systems in place.  We will, however, aim to do our best to protect this data in accordance with the rest of this policy.  This also could include data manifestly made public by the data subject themselves.

 

Data security and sharing:

▪       We sometimes need to share the personal information we process with the individual themselves and also with other organisations.

▪       We continually consider our own data management and where appropriate update our records and processes to keep personal data we hold and manage, safe and secure. This includes reviewing those we work with, such as domain name registration companies, Website hosting companies (servers), programmers, designers, software and hardware providers, our accountant etc. All work to consider and protect private and other data.

▪       We do not sell or otherwise share data to anybody that is not directly required to deliver the services for which the data was provided.

▪       We secure the data we have using systems that have password layers, firewalls and security software.

 

Data retention:

▪       Where we have personal data, such as, but not limited to, that of individuals in the organisations we deal with, we assume (implied consent) acceptance of our need to hold this information for so long as we are dealing with these organisations. If we stop dealing with these organisations, we will only retain information required by statute, such as for our company tax returns.

 

Data breach:

▪       We fully understand that GDPR requires that we announce, to those effected breaches within 72 hours of discovering them.

▪       This would be to those affected, and the Information Commissioners Office (ICO).

▪       We would then follow procedures in accordance with the ICO’s guidance.

 

Your data choices:

▪       You’re entitled to request access to a copy of the personal data that we hold on you. If you would like to make a request for your information, please contact: admin@frontlinebuddy.com

▪       We may apply the GDPR right of a fee for second and subsequent requests from the same data subject.

▪       You are entitled to ask for any data we hold on you, to be deleted, but please take note that we are entitled to hold personal data where we have a sensible, legal and contractual reason, such as the ability to send out an invoice or complete our tax returns. This might mean that we do not delete all the data we hold.

 

If you have any questions about how we use the data we have and the data we have access to, please email admin@frontlinebuddy.com

 

This policy was last updated on the 24th October 2021