At 4T Medical Ltd, we are committed to protecting and respecting your privacy.
- Who are we?
- How do we collect information from about you?
- What data do we collect about you?
- What data is collected by others?
- How will we use the information about you?
- What legal bases are we relying on to process your personal data?
- Who has access to your information?
- How do we store and protect your data?
- Data retention and disposal
- What happens to your data if our business changes hands?
- How can you control your data?
- Your rights
- Links to other websites
- How to contact us
- If you have a complaint
1. Who Are We?
4T Medical is a limited company registered in England and Wales under company number 07932878, whose registered address is Suite G12, Blenheim House, Cambridge Innovation Park, Denny End Road, Waterbeach, Cambridge, CB25 9GL, UK.
The Data Protection Lead for 4T Medical Ltd is Laure Tordjmann. You can contact the Data Protection Lead by writing to 4T Medical, Suite G12, Blenheim House, Cambridge Innovation Park, Denny End Road, Waterbeach, Cambridge, CB25 9GL, UK, or sending an email to info @ 4tmedical.com
2. How Do We Collect Information About You?
We obtain personal and business information about you when you:
- register with us on our online shop
- place an order for products or services or
- when you provide it to us. For example:
- when using our contact form
- when you send us an email
- when you contact us by phone and/or post
- when you sign up for our e-newsletter
- when you request information about our products and services at exhibitions or
- during general account management
We also collect information when you voluntarily complete customer surveys and provide feedback or when you communicate with us via social media.
In certain circumstances, we need to verify you are a business or obtain missing information we require to provide you with a service. When required, we will obtain information about you from certain publicly accessible sources, such as Companies House, Royal Mail's Postcode and Address Finder, social media, your website (if you have one) and medical registers.
We will only process data that is necessary for administrative and business purposes.
Website usage information is collected using cookies – see below.
3. What Data Do We Collect about you?
As customers or potential customers you may be a sole-trader or part of a general or limited partnership. In all these cases you will be treated as an individual from a data protection perspective.
We collect both personal and business data as follows:
Information you provide to us such as:
- your business name
- job title
- business address
- telephone number
- email address. e.g. email@example.com
- business website address
- business social media accounts.
- contact name
- email address. e.g. firstname.lastname@example.org
- medical pin numbers
- training and insurance certificates
Information about the products and services we provide to you including for example:
- the products you’ve ordered;
- any 4T Medical training courses you have attended, and
- any feedback you give to us, including by phone, email, post or when you voluntarily complete customer surveys.
Information to improve your experience on our website
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. This also saves you from re-entering information when you return to the site.
Most web browsers can be set to: prevent you from receiving new cookies; notify you before accepting cookies or disable cookies altogether. Details about this can normally be found in the ‘Help’ facility provided with your browser.
If you do not want your visits to our website to be monitored in this way you can disable certain cookie functions as described below:
- If you wish, you can usually adjust your browser so that your computer does not accept cookies. If you do this, you will still be able to browse around the site but certain functions will not be available.
- Alternatively you can adjust your browser to tell you when a website tries to put a cookie on your computer. How you adjust your browser to stop it accepting cookies or to notify you of them, will depend on the type of Internet browser programme your computer uses.
If your computer uses Microsoft Windows Explorer or Mozilla Firefox, you will need to follow these instructions after clicking onto this link www.allaboutcookies.org .
- Go to the heading "Manage Cookies".
- Click onto the option you prefer, either stopping cookies being installed, or notifying you of them.
- From the list provided, click onto the programme, which your computer uses. If this is not shown on the list, click on the "help" heading on the bar at the top of this page, search for information on "cookies" - an explanation of how to delete cookies will appear, then follow these instructions.
All Cookies used by and on our site are used in accordance with current Cookie Law.
Before Cookies are placed on your computer or device, you will be shown a Cookie pop-up requesting your consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of our site may not function fully or as intended.
Your browser also generates other information, including which language the site is displayed in, and your Internet Protocol address ("IP address"). An IP address is a set of numbers which is assigned to your computer during a browsing session whenever you log on to the internet via your internet service provider or your network (if you access the Internet from, for example, a computer at work). Your IP address is anonymised as soon as technically feasible at the earliest possible stage of the collection network. We log your anonymised IP address in order to collect traffic data about visitors to our website.
4. What Data Is Collected by Others?
If you make a payment using your credit or debit card, your card information is not held by us, it is collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions.
5. How Will We Use The Information About You?
We may use your data for the following purposes:
- Providing and managing your Account;
- Processing your orders;
- To carry out our obligations arising from any contracts entered into by you and us;
- To verify our Account holders are trained professionals;
- To understand your views and comments on the services we provide;
- To personalise and tailor our products and/or services for you, for example we may recommend other products we think may be of interest to you;
- To help answer your questions and solve any issues you may have;
- To help us understand more about you as a customer, the products and services you offer, so we can serve you better;
- To conduct occasional market research;
- To send you marketing communications, if you agree, about other products, services and offers from 4T Medical Ltd that we think may be of interest to you.
With your permission and/or where permitted by law, we may also use your information for marketing purposes which may include contacting you by email and/or telephone and/or text and/or post with information, news and offers on our products and/or services.
We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the General Data Protection Regulation (GDPR).
We may compile statistics about the use of our site including data on traffic, usage patterns, user numbers, sales, and other information. All such data will be anonymised and will not include any personal identifying data, or any anonymised data that can be combined with other data and used to identify you. We may from time to time share such data with third parties such as prospective investors, suppliers, partners, and advertisers. Data will only be shared and used within the bounds of the law.
6. What Legal Bases Are We Relying On To Process Your Personal Data?
Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data (such as by subscribing to e-newsletters), or because it is in our legitimate interests.
This table sets out our legal basis for each of the processing activities in section 5 above.
|Activity||Legal Basis for Processing|
|Providing and managing your Account||Contractual|
|Processing your orders||Contractual|
|To carry out our obligations arising from any contracts entered into by you and us||Legal obligation**|
|To verify users are trained professionals||Legal obligation**|
To understand your views and comments on the services we provide
|To personalise and tailor our products and/or services for you||Legitimate interests*|
To help answer your questions and solve any issues you may have
Contractual (enquiry = contractual)
|To help us understand more about you as a customer, the products and services you offer, so we can serve you better||Legitimate interests*|
|To conduct occasional market research||Legitimate interests*|
To send you marketing communications, if you agree, about other products, services and offers from 4T Medical Ltd that we think may be of interest to you
Under the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), we send emails on the basis of the existing customer (soft opt-in) exemption.
In each case where we have identified legitimate interests as the legal basis for our processing, we have conducted a legitimate interests assessment
4T Medical is the exclusive UK and Ireland distributor for a growing number of beauty and aesthetics brands. We provide high quality products that are scientifically credible and well proven. It is important therefore for us to understand our customer needs through research and your views and comments to tailor our products and services to you.
We consider that this use of your data is what you would reasonably expect, has minimal privacy impact and is justified from a commercial interests’ perspective.
We accept that this means we take extra responsibility for considering and protecting your rights and interests.
You have the right to object to our processing under legitimate interests at any time.
In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal obligations, a court order, or a governmental authority.
7. Who Has Access To Your Information?
4T Medical Ltd will not share your information with any third parties for marketing purposes.
We may share your information with our third party providers and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. These may include payment processing, delivery of goods, generating invoices, our CRM system and marketing such as to send out e-newsletters via Mailchimp, or carry out customer surveys via Survey Monkey. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.
You have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it.
8. How Do We Store And Protect Your Data?
We take the security of your data very seriously from the outset. Our web address is HTTPS. (HyperText Transport Protocol Secure) This is the protocol used to access a secure Web server. We use https:// as the prefix to our Web address rather than the common http://, so that your session is managed by a security protocol and the transmission of data is encrypted to and from the Web server.
Secure certificates (SSL Certificates) are in place. These are small data files that digitally bind a cryptographic key to an organisation’s details. These allow secure connections from a web server to a browser. SSL is used to secure the transfer of your data to our server.
Our server is protected by a firewall. Log in details are securely shared internally between employees.
Your personal data is held on our CRM system and the server is based in the US. We rely on transfers here on the basis of an adequacy decision. The US has partial adequacy and our CRM provider, Capsule CRM, is certified to the Privacy Shield principles.
Some or all of your data may be stored outside of the European Economic Area (“the EEA”) (The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein). You are deemed to accept and agree to this by using our website and submitting information to us. If we do store data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under GDPR.
9. Data Retention And Disposal
We keep your personal data for no longer than is necessary for the purposes for which it is being processed. This is to reduce the risk that it will become inaccurate, out of date or irrelevant.
We ensure that your personal data is securely disposed of when no longer needed or you unsubscribe.
10. What Happens To Your Data If Our Business Changes Hands?
11. How Can You Control Your Data?
When you submit personal data via our site, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our e-newsletters and at the point of providing your details). Please read the next section, for a summary of your rights.
12. Your Rights
You have the following rights under the GDPR, which this Policy and our use of personal data have been designed to uphold:
How do I find out what information you hold about me?
You have the right to request a copy of the personal information that we hold about you. If you would like a copy of some or all of your personal information, please contact us using the details in ‘How to contact us’ below.
Please include your name, phone number, postcode and last product ordered to validate your request. We will provide the information to you within 30 days.
There is no charge for this service.
How do I correct any details that you hold about me that are incorrect?
We want to make sure that your personal information which we hold is accurate and up to date. You may ask us to correct or remove any information you think is inaccurate. Please contact us using the details in ‘How to contact us’ below.
Please include your name, phone number, postcode and last product ordered to validate your request. We will action the requested correction without delay.
How do I remove my details from your database?
To remove your information from our database, Please contact us using the details in ‘How to contact us’ below.
Please include your name, phone number, postcode and last product ordered to validate your request. If we no longer need to hold your personal information for legal, contractual or vital interests’ purposes, we will action this without delay and erase all your information. An email confirmation will be sent to you.
What can I do if I object to your processing my data for marketing purposes?
You have a right to object to us processing your personal data for marketing purposes. You can notify us of this using the details in ‘How to contact us’ below.
We will stop processing your data as soon as we receive your objection.
Automated decision making
No automated decision making or profiling is used in relation to our customers’ data.
What can I do if I wish to restrict processing my data?
You have a right to restrict our processing your personal data and ask us just to store it. You can notify us of this using the details in ‘How to contact us’ below.
13. Links To Other Websites
14. How To Contact Us
15. If You Have A Complaint
You have a right to lodge a complaint with the Information Commissioners Office if you are not satisfied with how we are handling any concerns that you have with your data. You can contact them here https://ico.org.uk/concerns/