Privacy
Policy

This Privacy Notice explains what happens with any personal data we gather from you in relation to:

• Your use of this website;
• Your use and/or licensing of our various software products (“Software“);
• Any customer service or other enquiries you submit to us.

We recognise our obligations under data protection legislation and we are committed to keeping your personal data safe and secure.

You should read this Privacy Notice so that you understand how we will handle your personal data.

Our aim is to only use and hold your personal data in ways that you would reasonably expect us to.

We reserve the right to amend this Privacy Notice from time to time. If we amend this Privacy Notice we will make you aware of this via updates posted on our website.

We are CareScribe Ltd, based at 33b Springmeadow Lane, Uppermill, Oldham, OL3 6HW, company registered number 11309937.
Our registration number with the Information Commissioner’s Office is ZA775354.

If you have any questions regarding this Privacy Notice or how we process your personal data please contact us using the details below:

Data Protection Representative
[email protected]

“Personal data” is any information about an individual from which that individual can be identified. It does not include data from which an individual cannot be identified, for example anonymised data.

The types of personal data we may collect, use, store and transfer in relation to you may consist of the following:

We may collect personal data about you from the following sources:

• Information you provide to us via our website;
• Information that is provided to us by your university, e.g. so that a user of our Software may access and use the Software;
• Information you provide when licensing or using our Software.

We use reasonable and up to date security methods to:

• Keep your data secure;
• Prevent unauthorised or unlawful access to your personal data;
• Prevent the accidental loss of or damage to your personal data.

All personal data you provide to us is stored on our secure servers and in secure filing systems.

We have in place policies, procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction including procedures to deal with a security breach.

We will ensure your personal data is only accessible by those who need to see it for their specific role.

We will only transfer your personal data to a third party if that third party agrees to comply with our procedures and policies or if they have put in place equivalent policies and procedures of their own.

We will usually only process your personal data where:

• The processing is necessary to comply with our legal obligations;
• The processing is necessary for the performance of a contract, e.g. a Software licence agreement;
• The processing is necessary for our legitimate interests or the legitimate interests of third parties;
• The processing is necessary for the exercise or defence of legal claims.

The table below provides examples of the various ways in which we may use your personal data and which of the legal reasons we rely on when processing your personal data.

We will keep the personal data we store about you accurate and up to date.

We will take every reasonable step to erase or rectify inaccurate data without delay.

Please tell us if your personal details change or if you become aware of any inaccuracies in the personal data we hold about you.

We will contact you if we become aware of any event which is likely to result in a change to your personal data.

You have the right to:

• Request access to any personal data we hold about you;
• Request for any inaccurate personal data which we hold about you to be rectified;
• Request to have your personal data erased;
• Request to have the processing of your personal data restricted (for example, if you think the personal data we hold about you is inaccurate you can ask us to stop processing it until we will either correct it or confirm it is accurate);
• Request the transfer of your personal data to another data controller;
• Object to certain types of processing, including processing based on legitimate interests, automated processing (which includes profiling) and processing for direct-marketing purposes; and
• Withdraw consent to the processing of your personal data (where the legal reason for the processing of your personal data was your consent).

If you wish to exercise any of the rights set out above, you must make the request in writing to our Data Protection Representative. Please note some of these rights are restricted in some circumstances.

We do not conduct automated decision making (including profiling) in connection with your personal data.

Our personnel who need to access your personal data will view it in order that we can provide our services to you.

All of our personnel have received data protection training and understand the need to keep your personal data confidential and to use it only for legitimate purposes.

In addition to our own personnel, other personnel from our service providers may process your personal data on our behalf (for example, third party hosting companies; external software developers who assist us to further develop the Software).

We may disclose your personal information to third parties:

• If we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
• If we or substantially all of our assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets; and
• If we are under a duty to disclose or share your personal data in order to comply with legal obligations or to protect the rights, property or safety of others.

If your personal data is provided to any third parties you are entitled to request details of the recipients of your personal data or the categories of recipients of your personal data.

We carry out due diligence on our service providers / other third parties and make sure we have a contract with them which satisfies the requirements of data protection legislation.

Apart from the situations referred to above, we will not disclose your personal data to a third party without your consent unless we are satisfied that they are legally entitled to access your personal data.

We will not transfer your personal data outside the UK/ EEA unless such transfer is compliant with data protection legislation.

This means that we cannot transfer any of your personal data outside the UK/ EEA unless:

• The UK ICO or EU Commission has decided that another country or international organisation ensures an adequate level of protection for your personal data;
• The transfer of your personal data is subject to appropriate safeguards, which may include binding corporate rules or standard data protection clauses adopted by the UK ICO or EU Commission; or
• An exception applies (including if you explicitly consent to the proposed transfer).

Our website uses cookies to distinguish you from other users of our website. These cookies sometimes process personal data. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website.

For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy which can be found at www.carescribe.io.

If you have any issues with our processing of your personal data and would like to make a complaint, you may contact us via our Data Protection Representative or the Information Commissioner’s Office on 0303 123 1113.

This Privacy Notice was last updated on 15.01.2021.