DIMEC® Limited (“We”) are committed to protecting and respecting your privacy. We work to an Information Governance Statement of Compliance & registered with the Information Commissioner’s Office (ZA271671).
This policy and any other documents referred to on it sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of GDPR, we are the data controller of any personal data of the information we collect about you.
Information we may collect from you
Information that you provide to us including via forms on our App. We are not able to see your repeat drug history downloaded from your GP; only you can see this. This information is only collected so as to pair your phone with your GP record. We may also ask you for information when you report a problem with our App.
If you contact us, we may keep a record of that correspondence.
Details of your visits to our App including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
Where we store your personal data
We use 256-bit encryption for all transactions ensuring all data is secure using systems above the industry standard.
Uses made of the information
We use information held about you in the following ways: To ensure that your medicines are downloaded from your GP record and pairing has been successful. To carry out our obligations arising from any contracts entered into between you and us. To allow you to participate in interactive features of our service, when you choose to do so. To notify you about changes to our service.
Disclosure of your information
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties:
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
If DIMEC® Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce any agreement between us or to protect the rights, property, or safety of DIMEC® Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.
As per GDPR requirements, we will supply all requested information within one month of receiving the request.
More information on our GDPR commitments can be found here: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/
Research and your data
There may be instances where we use anonymised data to feed back into the NHS. This is a standard practice amongst NHS service suppliers. More information can be found here:
To see a copy of our Data Protection Impact Assessment (DPIA), please contact us using the details below.
Complaints Whilst we pride ourselves on our excellent customer service, we appreciate that sometimes things don’t always go to plan. We make every effort in these circumstances to ensure any problems are resolved quickly and satisfactory. If, however, you would like to make a formal complaint about any of our services, please forward this to firstname.lastname@example.org with the subject of ‘Complaint:’.