The Advanced Medical Solutions Group of Companies (‘AMS’) take the protection and security of personal data very seriously and this policy sets out our responsibilities relating to the processing and security of personal data, specifically the key points about how AMS collects, uses and discloses personal data and ensures compliance with the applicable laws and regulations throughout the world where we operate, including The General Data Protection Regulation 2016 (‘GDPR’) (the ‘Data Protection Laws’). Defined words are in the Appendix at the end of this policy.
What is personal data?
‘Personal data’ is information which relates to an individual and from which he or she can be identified either directly or indirectly through other data which AMS has or is likely to have in its possession. These individuals are sometimes referred to as ‘data subjects’.
AMS is the ‘data controller’ of the personal data we process and therefore is responsible for ensuring our systems, processes, third-party processors and Representatives comply with the Data Protection Laws in relation to the information we handle.
We have a ‘Data Privacy Manager’ who oversees compliance with the Data Protection Laws and this policy and provides guidance and advice to AMS in this respect. The Data Privacy Manager is responsible for reporting of any failures to comply with the Data Protection Laws.
Principles of Data Protection
AMS has adopted the following principles to govern our use, collection, processing and disclosure of personal data. These principles have been established to create a uniform standard across our sites worldwide taking account of the laws in the jurisdictions where we operate.
AMS’s core principles provide that personal data must:
- be processed fairly and lawfully and to the extent required under local law with valid and informed consent;
- be obtained for specific and lawful purposes;
- be kept accurate and up to date;
- be adequate, relevant andnot excessive in relation to the purposes for which it is used;
- not be kept for longer than is necessary for the purposes for which it is used;
- be processed in accordance with the rights of individuals;
- be kept secure to prevent unauthorised processing and accidental loss, damage or destruction; and
- not be transferred to, or accessed from, another jurisdiction where these core principles cannot be met unless it is adequately protected.
Collection, Use and Disclosure
At AMS the type of data we collect and process falls into one of the following categories:-
- personal data relating to subscribers to our newsletters, other promotional materials and training;
- personal data obtained and created in relation to selling surgical, woundcare and wound closure products, including personal data of Representatives and from attendance at events and conferences;
- personal data relating to job applications; and
- personal data relating to AMS Representatives.
Please be assured we do not sell your personal data to third party companies for marketing purposes.
The below tables provide a summary of how we collect and use personal data:
Subscribers to our newsletters, other promotional material, Representatives and attendees at our events
|Types of data||Collection||Use||Disclosure|
Name and business information (email address, job title, who you work for).
Additional information may be processed where it is provided by you, for example in correspondence, in connection with an event or in letting us know what products, newsletters, promotional materials, events or conferences you are interested in and when you wish to be contacted by us, or during the performance of a contract.
Our websites may also collect your device’s unique identifier, such as an IP address.
Data may be collected in our databases when you sign up for our newsletters, promotional material or provide details at events or conferences.
Data may also be collected in our CRM system when you sign up for our newsletters, promotional material or provide details at events, or where you are a Representative and we have a legitimate business interest to collect your personal data.
You can update your details at any time or amend your information or preferences or provide additional details by using the contact details below.
You will also be provided with the option to be removed from the CRM or databases with each marketing communication you receive from us.
Personal data will be used to:
– complete any request you may make;
– contact you with communications about product updates, newsletters and event invitations which we think you may be interested in;
– contact you where you are a Representative and we have a legitimate business interest to use your personal data; and
– analyse what subjects are of interest to particular users so that we can improve the content in our newsletters, and promotional material and events or conferences.
– may be transferred worldwide to our affiliates, and to service providers who support the operation of our business;
– which is shared with service providers will be limited to that which is required for providing the service and will be adequately protected;
– will not be given to other third parties, apart from in limited circumstances such as, where we run a joint seminar and you book onto it.
Open vacancy job applications
|Types of data||Collection||Use||Disclosure|
Information such as name, email address, telephone number, mobile number and country of residence.
Further information including address, date of birth and references from your CV and covering letter.
|Data may be collected in our HR database when you apply for a vacancy and stored on file.|
Personal data will be used to:
– process your job application and communicate interview dates;
– inform you if your application is of interest, and we may use the information provided for other suitable roles.
– may be transferred to other companies within the AMS Group of Companies, and to service providers who support the operation of our business;
– will be destroyed within six months of an unsuccessful job application.
AMS will store and process personal data of Representatives where a legitimate business interest exists.
Conferences and Events: As a global organisation, AMS attends worldwide events and have marketing team members located around the world. AMS will obtain from the event organiser a delegate list of all attendees who have consented to their personal data being shared with AMS.
Personal data must be processed in line with individuals’ rights, including the right to:
- request a copy of their personal data (also known as a Data Subject Request). These requests must be made in writing by either email or letter with photographic evidence to confirm your identity and addressed to the contact details below;
- request that their inaccurate personal data is corrected;
- request that their personal data is deleted and destroyed when causing damage or distress; and
- opt out of receiving electronic communications from AMS.
Should you wish to make a request in line with your rights as an individual, please forward it to the Data Privacy Manager at the contact details below. AMS Representatives must notify or inform the Data Privacy Manager immediately if they receive a request in relation to personal data which AMS processes.
How to Make a Complaint
It is regrettable for us as at AMS if we cannot always get things right and we receive a complaint. We take all complaints seriously and can assure you we will do our best to deliver a satisfactory outcome. You should direct all complaints relating to how AMS has processed your personal data to the Data Privacy Manage at the contact details below. AMS will investigate and respond within 10 working days, this allows us time to investigate your complaint thoroughly.
AMS Representatives are required to inform the Data Privacy Manager immediately if they receive a complaint relating to how AMS has processed personal data so AMS’s complaints procedure can be followed.
Information security is a key element of data protection. AMS takes appropriate measures to secure personal data and protect it from loss or unauthorised disclosure or damage. AMS has achieved Cyber Essentials Certification which helps organisations protect themselves against common online security threats.
Transfer of Data between Jurisdictions
Personal data may be transferred between our various sites worldwide (as listed on www.admedsol.com) due to, for example, our shared IT systems and/or cross border working. We also use a number of suppliers in connection with the operation of our business and they may have access to the personal data we process. For example, an IT supplier may see our personal data when providing software support, or a company which we use for a marketing campaign may process Representatives’ personal data for us. When contracting with suppliers and/or transferring personal data to a different jurisdiction, AMS takes appropriate steps to ensure that there is adequate protection in place and that the principles are adhered to.
Requesting further information from us: Where you request further information from us by completing a form on our websites in relation to our products or events, your details will be added to our marketing database to receive marketing from AMS relevant to the products or events you have an interest in. We will collect the following data from you:
- Your name (so that we market to the right individual);
- Email address (so that we send the marketing to right place); and
- The marketing preferences indicated by you, such as the products, promotional materials, events or conferences you are interested in and how you want to be marketed.
Browsing our website:
Supervisory Authority Details
Where you believe that AMS have not taken our responsibilities with your personal data seriously, you have the right to complain to the Supervisory Authority. Their details are:
Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone number: 0303 123 113 or 01625 545 745
Data Privacy Manager Contact Details:
Data Privacy Manager, Advanced Medical Solutions Group plc, Premier Park, 33 Road One, Winsford Industrial Estate, Winsford, United Kingdom, CW7 3RT
Telephone number: 01606 545514
|“CRM”||the AMS’s client relationship management system;|
|“data”||recorded information whether stored electronically, on a computer, or in certain paper-based filing systems;|
|“data controller”||a person who or organisation which determines how personal data is processed and for what purposes;|
|“Data Privacy Manager”||the person designated as the Data Privacy Manager of AMS from time to time who can be contacted at firstname.lastname@example.org;|
|“individual” or “you”||the person whose personal data is being collected, held or processed;|
|“personal data”||please see the personal data section of this policy;|
|“process” or “processing”||any activity that involves use of personal data. It includes obtaining, recording or holding the personal data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring personal data to third parties as a result of those third parties having access to it.|
|“Representatives”||an individual who is a contact of AMS, including any employees, officers, directors and consultants (as applicable) of current, potential or former customers or suppliers, consultants, or professional advisors, and any other contact of AMS.|
This policy was last updated on 16th May 2018.