LAST UPDATED: 12-Nov-2021
Here at Trudell we are committed to protecting the security and privacy of your Personal Information and ensuring that we conduct our business in compliance with laws on privacy, data protection and data security.
This Policy applies only to information we collect, process and use through our websites, including any other website maintained and controlled by us, emails we send, or other communication means as identified in this Policy (collectively the “Site”).
- what Personal Information we collect about you;
- how we use your Personal Information;
- on what basis we use your Personal Information;
- how long we keep your Personal Information;
- how we share your Personal Information with others and transferring it internationally;
- how we protect your Personal Information;
- what your rights are regarding your Personal Information; and
- what to do if you object to the processing of your Personal Information.
How We Use Information
Data privacy laws govern how a company may collect and use your Personal Information. Consistent with applicable data privacy laws, we use your Personal Information for the following purposes and on the following lawful bases:
- necessary for the performance of a contract to which you are a party: We may need to process your Personal Information for the purpose of fulfilling a contract with you or to provide a product or service you requested, including to set up, administer and manage your account with us.
- legitimate interests: We use your Personal Information to: (i) deliver, monitor the performance of and develop our products and services(our legitimate interests in running our business); (ii) provide information about our products, services, transactions, and advertisements that may be of interest to you (our legitimate interests in furthering our business and/or your legitimate interests in learning more about our products and services and respiratory health); and (iii) make our communications with you more relevant and personalized to you (our legitimate interests in furthering our business and/or your legitimate interests in receiving time and appropriate communications from us); (iv) applications for credit (our legitimate interests in furthering our business and/or your legitimate interests in receiving credit from us).
- to comply with our legal obligations and/or assert, protect or defend our legal rights: We may tend to use your Personal Information (which may include sharing it with our advisors, regulators and other enforcement bodies and/or the courts): (i) comply with laws, regulations, court orders, or other legal process; (ii) establish, exercise or defend legal claims; (iii) detect, prevent and respond to fraud, intellectual property infringement, violation of our contracts or agreements, violations of law, or misuse of our Site, products or services; and/or (iv); comply with our obligations to retain certain business records and other information for minimum retention periods.
- because you have given your consent: There are times when we or the person providing us with your Personal Information may need to obtain your consent to allow us to use your Personal Information for one or more of the purposes set out above.
Information We Collect
We collect your information when you register with us and/or create an account with us, when you subscribe to newsletters, order products, or provide us with other information actively, we collect that information for processing and use in accordance with this Policy. Depending on how you use our Site, the Personal Information we collect from you may vary.
The following are the types of Personal Information we may obtain from you about you, and we may in turn provide such information that you give us to third-party service providers:
- contact information (name, company name, job title, phone and fax number, email and address);
- information used to create an online account (username, password, security question and answer);
- biographical and/or demographic information (such as date of birth, age, gender, marital status, dependent, spousal or other family information), except for sensitive data as that term is defined by the GDPR (specifically, we will not collect data relating to your racial or ethnic origin, political opinions, religious or trade union membership, genetic data, biometric data, health data, or data concerning your sex life or sexual orientation);
- financial information (payment information, including name, billing address and payment card details (i.e. card number, expiration date and security code);
- purchase and customer service history;
- location data (IP address, country and zip/postal code) and the location of your mobile device;
- information that is obtained when you interact with any of our social media posts through Facebook, Google+, or another networking site (each a “Social Networking Site”) (such as public profile information, birthdate, current city of work, employer, school, email address);
- Personal Information contained in any content you submit to us through our “Contact Us” link.
If you use our Site to make an online purchase, your name and address and credit card information is sent directly to third-party service providers we use to manage order fulfillment and credit card processing. The service providers are not permitted to use the information you provide except for the sole purpose of order fulfillment or credit card processing on our behalf.
If you contact us, we will use your Personal Information to verify your identity and to answer your inquiries.
Information Automatically Collected from Your Device
- device and browser Information: We may collect information about your computer and/or device, including device type, IP address, device identifier, and operating system. We collect this information by using cookies or similar technologies.
- location data: If you have enabled access to your location on your mobile device, we may collect location information, including precise and imprecise location derived from your IP address.
- information and statistics on site usage: We may collect technical data about your use of our Site and how you interact with digital advertisements and promotions, including content viewed or downloaded, time spent on pages, links clicked, promotional emails opened, features used, and dates, times and durations of interactions. We collect this information using cookies and similar technologies, including technologies provided by third parties.
This information is automatically transmitted to us in order to provide you with the service and related features, to enhance the functionality, and features of the Site and to prevent and eliminate misuse and malfunction.
Third Parties That Provide Us with Your Personal Information
As set out above, we may receive your Personal Information from third parties, including:
- consistent with our ability to provide services, we use service providers all over the world, including providers of web servers, cloud storage systems, customer relationship management services, email services, content management services to help us deliver our products and services; and
- affiliates (namely an entity that directly or indirectly controls, is controlled by, or is under common control with Trudell).
How We Share Information
In addition to sharing your information with Trudell affiliates, where appropriate to provide the services, we may disclose your Personal Information to third parties as follows:
- consistent with our ability to provide services, we use affiliated and unaffiliated service providers all over the world, including web servers, cloud storage systems, customer relationship management services, email services, content management services, to help us deliver our products and services.
- in any reorganization or sale of our company or assets, your data may be transferred, subject to the acquirer and its affiliates accepting the commitments made in this Policy and compliance with applicable law;
- as otherwise specifically described in this Policy or permitted by applicable law; and
- In all other circumstances, only with your consent.
How Long We Keep Your Personal Information
We keep your Personal Information only so long as we need it to provide the Site and its services and for the purposes described in this Policy. Retention periods can vary based on the type of information and how it is used. Our retention periods are based on criteria that include legally mandated retention periods, pending or potential litigation, our intellectual property or ownership rights, contract requirements, operational directives or needs, and historical archiving. When we no longer need to use your Personal Information and there is no need for us to keep it to comply with our legal or regulatory obligations, resolution of disputes and enforce our agreements, we’ll remove it from our systems.
Privacy of Minors
We do not knowingly collect information from individuals under the age of 18. To access or use the Site, you must be at least 18 years of age otherwise you may not use the Site. If you have reason to believe that a child under the age of 18 has provided us with Personal Information without parental consent, please contact us. If we become aware that a child has provided us with Personal Information without parental consent, we will remove such information.
Regardless of where you access the Site, the information collected as part of that may be transferred to and maintained on servers location in Canada, the United States, the United Kingdom or the European Economic Area (EEA) for the purposes described in this Policy. The privacy protections and the rights of authorities to access your information in these countries may not be the same as in your home country.
Where necessary, appropriate safeguards are implemented for transfers of data, including standard contractual clauses approved by the European Commission which can be found at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_en.
After the decision of the European Court of Justice in the Schrems II case, in which the Court found that the US/EU Privacy Shield does not afford sufficient protection for personal data when transferred to the United States, we have been monitoring the instances in which personal data is transferred from the EEA or the UK to the United States to establish whether any such transfer presents a significant risk to your rights and freedoms even when done under the relevant standard contractual clauses. If it does, we commit to making necessary changes.
For the time being, no additional safeguards have to be implemented for transfers between the EEA and the UK. No transfer restrictions apply for transfers from the UK to the EEA, and no transfer restrictions for transfers from the EEA to the UK will apply until 30 June 2021 or until an adequacy decision is adopted for the UK. We are keeping track of developments and will be implementing any safeguards for such transfers, if any become necessary. However, a draft adequacy decision for the UK has already been published.
Your Rights Regarding Your Personal Information
- Right to Be Informed: You have the right to ask us whether we process your Personal Information and if we do, you have the right to request access to your Personal Information that we process, together with the following information: (i) the purposes of the processing; (ii) the categories of Personal Information we process; (iii) the recipients of your Personal Information; (iv) the anticipated retention period of your data where possible, or the criteria used to determine the retention period; (v) your right to request rectification or erasure of your Personal Information, or restriction of the processing of such data; (vi) your right to file a complaint with a supervisory authority; and (vii) whether we use your Personal Information to make automated decisions that have legal or other similar effects on you.
- Right to Rectification: You have the right to request correction of your Personal Information if such information is inaccurate. If wish to access, correct, update or request deletion of your Personal Information, you can do so at any time by contacting us using the contact details provided under the “How to Contact Us” section.
- Right to Erasure: You have the right to request deletion of your Personal Information if (i) the Personal Information is no longer necessary for the purpose of which it was originally collected or processed; (ii) if we process your information on the basis of consent, and you withdraw your consent; (iii) if we process your Personal Information for our legitimate business interest, you object to the processing of your Personal Information, and there is no overriding legitimate interest to continue this processing; (iv) if we have processed your Personal Information unlawfully; (v) the Personal Information must be erased to comply with a legal obligation.
We are not required to erase your Personal Information to the extent that we need to process it: (i) to exercise the right of freedom of expression and information; (ii) to comply with a legal obligation; (iii) for the performance of a task carried out in the public interest or in the exercise of official authority; or (iv) for the establishment, exercise of defense of legal claims.
- Right to Restrict Processing: You have the right to request that we restrict the processing of your Personal Information in the following circumstances: (i) when you contest the accuracy of your Personal Information, for the period of time we need to verify the accuracy of your Personal Information; (ii) when the Personal Information has been unlawfully processed and you oppose the erasure of it, but instead request that we restrict the use of the Personal Information; (iii) when we no longer need the Personal Information, but you need us to keep it in order to establish, exercise or defend a legal claim; or (iv) if you object to the processing of your Personal Information for our legitimate business interests, for the period of time we need to verify whether our legitimate grounds override yours interests.
- Right to Data Portability: You have the right to receive Personal Information you provided to us when: (i) the processing of the Personal Information is based on your consent or is necessary for the performance of a contract between you and us; and (ii) the processing of your Personal Information is carried out by automated means.
- Right to Object: You have the right to object to the processing of your Personal Information if it is for direct marketing purposes or to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing materials (such as postal marketing or telemarketing), you may by contacting us using the details provided under the “How to Contact Us” section.
- Right to Withdraw Consent: You have the right to withdraw consent if the lawful basis we rely on to process your Personal Information is your consent. If you would like to revoke your consent, contact us using the details provided under the “How to Contact Us” section.
- Right to File Complaint with Local Data Protection Authority: We will use our best efforts to address and settle any requests or complaints brought to our attention – in the UK, this is the Information Commissioner’s Office (https://ico.org.uk). In addition, you have the right to complain to your local data protection authority if your privacy rights are violated.
If you would like to exercise your rights regarding your Personal Information, you can exercise these rights by contacting us using the details provided under the “How to Contact Us” section.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We will respond to all requests within thirty (30) days. Notwithstanding the foregoing, we reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolution of disputes and enforce our agreements.
Email Communication and Advertising
We use the email address communicated by you during the registration for communication in the context of the Site or in order to send you marketing communications for our own similar goods or services. You can always object to the use of your address for marketing purposes. When we use your email address for marketing purposes, we will clearly point out to you that each time you can object to this use at any time.
Trudell Medical UK Limited is the controller of your Personal Information.
The information about you that we collect, process and use/or use through the Site is controlled by Trudell Medical UK Limited, and its affiliates, Trudell Medical International, TMI Medical Distribution Inc.
How to Contact Us:
If your questions, concerns, or complaints have not been resolved to your satisfaction, you may contact our Privacy Officer:
Trudell Medical UK Limited
By email: privacy [at] trudellmed.co.uk.com
By mail: 40 Bank Street, Canary Wharf, London E14 5DS
We may revise this Policy from time to time by posting an updated version on the Site, along with information on any material changes. The revised Policy will be effective immediately and any modifications will apply only to the Personal Information we collect after the posting. If we make a change that we believe materially reduces your rights or increases your responsibilities, we will notify you by email (sent to the email address specified in your account) or by means of a notice on this website prior to the change becoming effective. We may provide notice of changes in other circumstances as well. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of the Site is subject to the most current effective version of this Policy.