Privacy Policy

How we protect and handle your personal data

Last Updated: September 21, 2025

Effective Date: September 21, 2025

1. Introduction

Shemiricom ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and healthcare technology services.

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Personal Information

  • Contact details (name, email address, phone number, postal address)
  • Professional information (job title, company, healthcare facility)
  • Communication preferences and marketing consent
  • Account information for our services

2.2 Technical Information

  • IP address and browser information
  • Website usage data and analytics
  • Cookies and similar tracking technologies
  • Device information and operating system details

2.3 Healthcare Data

  • Data generated by our healthcare devices (with appropriate consent)
  • Clinical information relevant to device usage
  • Patient outcome data (anonymized and aggregated)

3. How We Use Your Information

We use your personal data for the following purposes:

  • Service Delivery: To provide our healthcare technology solutions and support services
  • Communication: To respond to inquiries, provide updates, and deliver customer support
  • Product Development: To improve our devices and develop new healthcare solutions
  • Compliance: To meet regulatory requirements and maintain quality standards
  • Marketing: To send relevant information about our products and services (with your consent)
  • Analytics: To understand website usage and improve user experience

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: Where you have given explicit consent for specific processing activities
  • Contract: To fulfill our contractual obligations to provide services
  • Legitimate Interest: For business operations, security, and service improvement
  • Legal Obligation: To comply with regulatory and legal requirements
  • Vital Interests: To protect health and safety in emergency situations

5. Data Sharing and Disclosure

We may share your information with:

  • Healthcare Partners: NHS trusts and healthcare providers using our services
  • Technology Partners: Third-party service providers supporting our operations
  • Regulatory Bodies: When required by law or regulation
  • Research Organizations: For anonymized research and development (with appropriate consent)

We do not sell your personal data to third parties for marketing purposes.

6. Data Security

We implement comprehensive security measures to protect your data:

  • End-to-end encryption for data transmission
  • Secure data storage with regular backups
  • Access controls and authentication systems
  • Regular security audits and penetration testing
  • Staff training on data protection and security
  • Incident response procedures and breach notification protocols

7. Data Retention

We retain your personal data for as long as necessary to:

  • Provide our services and fulfill contractual obligations
  • Comply with legal and regulatory requirements
  • Resolve disputes and enforce our agreements
  • Support ongoing healthcare research and development

Specific retention periods vary based on data type and legal requirements, typically ranging from 7-25 years for healthcare-related data.

8. Your Rights

Under UK GDPR, you have the following rights:

  • Access: Request copies of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data (subject to legal obligations)
  • Restriction: Request limitation of processing activities
  • Portability: Request transfer of your data to another service
  • Objection: Object to certain types of processing
  • Automated Decision-Making: Rights regarding automated processing and profiling

9. Cookies and Tracking

Our website uses cookies to enhance your experience and provide analytics. We categorize cookies as:

  • Necessary: Essential for website functionality
  • Analytics: Help us understand website usage
  • Marketing: Support personalized content and advertising

You can manage your cookie preferences through our cookie banner or browser settings. For more details, see our Cookie Policy.

10. International Transfers

We primarily process data within the UK and EU. Any international transfers are subject to appropriate safeguards including:

  • Adequacy decisions by the UK government
  • Standard contractual clauses
  • Binding corporate rules
  • Explicit consent where required

11. Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children without appropriate parental consent and healthcare provider oversight.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes through our website or direct communication.

13. Contact Information

For questions about this Privacy Policy or to exercise your rights, contact us:

Data Protection Officer
Email: [email protected]
Phone: +44(0)836067236
Address: 5 Griffiths Plaza West, Kevin S49 1YZ, United Kingdom

14. Regulatory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data appropriately:

Information Commissioner's Office
Website: ico.org.uk
Phone: 0303 123 1113