Iuvo Limited Privacy Statement
At Iuvo Limited we take your Privacy seriously. This Statement is part of our General Data Protection Regulation Policy. It explains when and why we collect personal information, how we use it, and the conditions under which we may disclose it to others and how we keep it secure.
Who We are?
Iuvo Limited is a specialist information technology software and service provider with 20 years’ experience in providing Secure Electronic Messaging and Integrated Information Transfer solutions for the UK Healthcare industry. Iuvo develop, deploy and support “state-of-the-art” Software solutions and Services. We provide both on site solutions and hosted bureau services.
For the purposes of the General Data Protection Regulation (GDPR) the data controller is Iuvo Limited, registered under registration number 3533792. Our registered office is at Carleton House, 266 – 268 Stratford Road, Shirley, Solihull, West Midlands, UK. B90 3AD.
How do we collect information from you?
We obtain information about you when you contact us about our products and services, through our Contracts and Agreements and when you visit our website.
What type of information is collected from you?
We may collect and process the following information about you:
- Your name, job title, company name, business address, email address and telephone number.
- Information that you provide by filling in forms on our website. This includes information regarding which of our products and services you are interested in.
- If you contact us, we may keep a record of that correspondence.
- We may also ask you to complete surveys that we use for quality management and research purposes, although you do not have to respond to them.
- Details of your visits to our website including, but not limited to, traffic data, location data, IP addresses, web browser type, list of referring site and your activity on our site.
- Information gathered by the use of cookies in your web browser.
Why we collect your data and how it will be used?
We collect your data to enable us to provide information on our products and services, to administer your account, and to enable us to support the products and services purchased from us.
We may use your information internally within our company to enable us to:
- process an enquiry that you have made;
- process orders that you have submitted;
- to carry out our obligations arising from any contracts between us;
- to enable us to fulfil our legal obligations;
- seek your views or comments on the products & services we provide;
- notify you of any developments or changes to our products & services;
- send you business related communications, which we believe may be of interest to you. These may include information about other Iuvo products and services;
- process a job application.
We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
The legal basis we rely on:
The GDPR law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
Legitimate Interest:
We require your personal data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not impact your rights, freedom or interests.
Consent:
In specific situations, we can collect and process your data with your consent. For example, when you complete a “Request Form” on our website or when you complete a survey we have emailed you to obtain feedback on the services we have provided you.
Contract:
If you become a customer we need your personal data to comply with our contractual obligations. For example, we shall require your personal details to manage your account.
Who has access to your information?
Your information is only accessible to authorised Iuvo employees in the performance of their duties and by Iuvo Limited in complying with Government Legislation.
We will not share, sell, or rent your information to any third parties. With the exception that we may pass your information to our third party service providers, agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf.
We will not release your information to third parties, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
What are your rights with regard to your personal data?
As a data subject, you have the following rights under the GDPR:
- The right to be informed about our collection and use of personal data;
- The right of access to the personal data we hold about you
- The right to rectification if any personal data we hold about you is inaccurate or incomplete
- The right to have your data deleted – we only hold your personal data for a required time, as explained above but if you would like us to delete it sooner, please contact us.
- The right to restrict / prevent the processing of your personal data;
- The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
- The right to object to us using your personal data for particular purposes; and
- Rights with respect to automated decision making and profiling.
If you have any cause for complaint about our use of your personal data, please contact us using the details provided below. We will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
All requests for a copy of the information Iuvo Limited hold about you should be made in writing to the Data Processing Officer, Iuvo Limited, 6 Windsor Court, Clive Road, Redditch, Worcestershire, B97 4BT, or by email to DPO@iuvo.co.uk or via facsimile to 01527 61922.
Upon receipt of the written request, we will provide a response to you within 30 working days. Any update information provided by you will be applied to our systems within 5 working days and confirmation will be sent out to you confirming this has been done.
Security precautions in place to Safe-guard your information
When you give us personal information, we take steps to ensure that it’s treated securely. All our customer and supplier sensitive information is stored using full disk 256-bit AES encryption with TPM 1.2 hardware + PIN authentication.
Any information which you provide to us using any unsecure method (Internet, Postal Services etc.) cannot be guaranteed to be 100% secure during its transmission and you do so at your own risk. Once we receive your information, we will ensure it is stored on our systems in line with our General Data Protection Regulations (GDPR) Policy.
Where we have given (or where you have chosen) a password which enables you to access certain parts of our hosted solutions, you are responsible for keeping this password secure and confidential. Your password must not be shared with anyone.
Transferring your information outside of Europe
We do not transfer any data outside of the United Kingdom.
Review of this Policy
We keep this Policy under regular review. This Policy was last reviewed on 22nd May 2024 and updated in October 2021.
Date last reviewed: 20/12/2023