This privacy policy describes how EMESO Ltd ("EMESO", "we", "us", "our") collects, uses, shares, and secures personal data from users when they use our Services (e.g. website). Please read this policy carefully.
Please read the following privacy policy carefully as it is meant to give you a clear view of how we collect, use and protect your information, as well as your rights under current laws and regulations. It also describes your data protection rights, including a right to object to some of the processing which EMESO carries out. More information about your rights, and how to exercise them, is set out in the “your rights” section below.
EMESO is the digital medicines safety platform. It aims to improve clinical efficiency and medicines safety by digitally replacing traditional solutions in healthcare settings. EMESO has been developed by a UK-based company called EMESO Ltd.
We may collect and process the following data about you:
EMESO does not sell data to third parties. We may combine personal data provided by you with information from third party sources.
EMESO uses the following sub-processors in order to deliver the functionality of the Services:
All sub-processors have entered into data processing and security terms of service with EMESO Ltd with regard to appropriate and contracted sub-processing of data.
Amazon Web Services (AWS) is used for data hosting requirements, within a data centre in the UK. AWS is compliant with healthcare information governance requirements.
All data is protected following industry best practices with regard to access controls and encryption.
However, no security measures can fully eliminate all risks. So while we strive to protect your personal data, we cannot guarantee the security of data transmission over the Internet or unauthorised access to our systems
Information that we collect will be retained for as long as needed to fulfil the purposes outlined in the sections above, in line with our legitimate interest or for a period specifically required by applicable regulations or laws, such as retaining the information for regulatory reporting purposes
Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period of time. Reasons we might retain some data for longer periods of time include security, fraud prevention, financial record-keeping, complying with legal or regulatory requirements, and ensuring the continuity of our Services
Under the Data Protection Act 2018, individuals have data subject rights, which are met as follows:
Right to be informed: This privacy notice states what data is collected, how it is used, whether it is shared, and how long it is kept.
Right of access: To access all the information that EMESO has which relates to you, a request should be made to us (contact details below).
Right to rectification: If you note any information that is inaccurate or incomplete you can make a request to us to change this is changed.
Right to erasure: You may request deletion of your personal data if there is no valid reason for us to keep processing it.
Right to restrict processing: If you wish to make a request to restrict the processing of your data, you can make a request to us.
Right to data portability: If you wish your personal data to be transmitted, you can make a request to us to action this.
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will inform you of relevant exemptions we rely upon when responding to any request you make
To exercise any of these rights - or get a copy of our legitimate interest balancing tests - you can get in touch with us using the details set out below. If you have unresolved concerns, you have the right to complain to a data protection authority where you live, work or where you believe a breach may have occurred.
To understand how to make a subject access request or for any further information on your rights as a data subject please contact us below or see the ICO website.
Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or notifying you of a change when you next use our Services. We encourage you to check back periodically to review the latest version. Continued usage of Services after any changes constitutes your acceptance.
You can contact EMESO by email at either cynthia.mbulu@emeso.co.uk or chandni.khanderia@emeso.co.uk.