Effective Date: [1st July 2024]
At Merlin Health, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your personal data when you use our services or visit our website. By using our website, you agree to the practices outlined in this Privacy Policy.
We may collect and process the following types of personal information:
Personal Information: Name, email address, phone number, billing address, and other details necessary to prepare and issue your medical certificate.
Payment Information: Details provided for payment, such as credit or debit card information, processed securely via third-party payment processors.
Automatically Collected Information: Information about your device, browser type, IP address, and website usage data collected via cookies and other tracking technologies.
We process your personal data based on the following lawful grounds under GDPR:
Consent: When you voluntarily provide information to use our services.
Contract: When processing is necessary to fulfill a contract (e.g., providing medical certificate services as requested).
Legal Obligation: When required to comply with legal obligations (e.g., tax reporting).
Legitimate Interests: To improve our services and website experience, where this interest does not override your rights and freedoms.
We use your data for the following purposes:
To provide and deliver the services you request, including preparing and issuing medical certificates.
To manage and verify your account or order.
To communicate with you regarding your order, service requests, or account.
To improve our website and customer experience.
To comply with legal obligations or resolve disputes.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Once your information is no longer required, we securely delete or anonymize it.
We do not sell or trade your personal data. However, we may share your information with third parties in the following circumstances:
Service Providers: Trusted third-party providers that help us deliver services (e.g., payment processing, email communication).
Legal Compliance: When required to comply with legal obligations (e.g., responding to a court order).
Business Transfers: In the event of a merger or acquisition, your data may be transferred to the new entity.
If your personal data is transferred outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data.
We employ appropriate security measures to protect your personal data from unauthorized access, disclosure, or destruction. Our website uses SSL encryption to secure transactions and sensitive information. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.
You have the following rights under GDPR regarding your personal data:
Right to Access: Request a copy of the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your data in certain circumstances (e.g., when it is no longer necessary).
Right to Restrict Processing: Request that we limit the processing of your personal data.
Right to Object: Object to the processing of your personal data for specific purposes.
Right to Data Portability: Request your personal data in a structured, commonly used format for transfer to another service provider.
To exercise these rights, please contact us at info@merlinhealth.co.uk.
If you are concerned about how we handle your personal data, you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office (ICO). Visit their website at https://ico.org.uk or call 0303 123 1113 for more information.
We use cookies and similar tracking technologies to enhance your browsing experience on our website. You can manage your cookie preferences through your browser settings.
We do not knowingly collect personal data from children without appropriate parental consent. If you believe we have collected personal information from a child without consent, please contact us so we can delete the data.
Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites, and we encourage you to review their privacy policies before sharing any personal data.
We may update this Privacy Policy from time to time. When changes are made, we will update the effective date at the top of this page. We recommend that you periodically review this policy for the latest information on our privacy practices.
If you have any questions or concerns about this Privacy Policy or how we process your personal data, please contact us at:
Email: info@merlinhealth.co.uk