Mirada Medical Limited believes your data is a precious commodity and know it is your right to total transparency and control on how we use it. We have implemented strong data privacy and security safeguards to ensure that you’re protected to the best extent we can.
We are both a Data Controller and Data Processor for the purposes of the Data Protection Legislation. A “data controller” is an entity that controls how and why personal data is processed and a “data processor” uses, handles or works with the data under the instruction of the controller, typically one of our clients.
This policy outlines what data we collect, how we use it, and the safeguards we put in place to protect it.
Contact us at dataprotection@mirada-medical.com if you have any concerns, wish to request access to the data we hold on you, or wish to uphold any of your other rights.
We review our policies and procedures annually or whenever there is a change. We will always post the latest privacy policy here.
EU Data Subjects
For the purposes of EU Representation we have an establishment in France that will serve as our contact point under Recital 80 of the GDPR. The details are as follows:
SASU Mirada Medical Europe, a company registered in France under registered number [850 071 937] having its principal place of business at Ilot Quai 8.2, Bâtiment E1, Rue d’Armagnac, Bordeaux, 33800, France
If you are an EU Data Subject you can contact our EU-based office at (insert email.fr). If a revision meaningfully reduces your rights, we will notify you.
We’re committed to your data privacy and security. As such we give you these promises:
You have the following rights over any data Mirada Medical Limited holds about you:
If you would like to exercise these rights please contact us at dataprotection@mirada-medical.com
We collect information about you in two key ways:
We use automated analytics and tracking systems for email, document management, and marketing activities so that we can protect and optimize our service and deliver relevant marketing.
We try to minimize the personal data held on you. Typically, this is restricted to:
We make it a policy not to connect any social media feeds or store any social media you may post to our systems, with the exception of private messages.
Cookies are small files placed on your computer which help our website to identify your device when you visit. Please refer to our Cookies Policy HERE to find out more.
Data is stored on encrypted systems on-premise and on hosted cloud services such as Microsoft Office 365 and AWS, in transit, and at rest. We also use Salesforce CRM to process your data.
As such, some data will either be in UK or EU data centers or on US-based servers. We ensure that the correct mechanisms and safeguards are in place to carry this out including but limited to EU Standard Contractual Clauses.
We use your data to market to you if you have consented us to or if we believe we have a legitimate interest in doing so, to fulfill contractual arrangements or for legal purposes. Calls may be recorded for information holding, quality, and training purposes. Our email, document management, and website analytics are used for information purposes and to track breaches of copyright. All our processes are mapped and are subject to various internal policies to ensure your data privacy and security.
Every email sent from Mirada Medical Limited allows you to opt-out of receiving emails from us, except for the purposes of fulfilling any contractual arrangements.
You can also send an email to dataprotection@mirada-medical.com and request to opt-out, view, export, or delete your data.
If you request for your data to be deleted, your name and email address will be added to an exceptions list and all other data removed.
We will never sell your personal data for marketing purposes to third parties. To fulfil marketing initiatives we may need to work with marketing partners or use marketing platforms such as Pardot.
We will only share information for use where agents, resellers, or suppliers are involved in the delivery of your service. In such cases we will first attempt to anonymize the data, or minimize it to the fullest extent possible
Dependant on the data you provide us and for what purpose it is provided we may need to retain your data for up to 6 years. If you wish to find out more about your specific data retention, please contact us.
If we are processing data as part of working on clients data we will delete the data we hold no more than 90 days from completion of the project or end of contract, whichever happens later. We may also de-identify image data (known as Pseudonymisation) for research purposes.