This is the privacy policy for IMV Companion Animal Ltd, trading as IMV imaging, which explains our use of personal data in relation to our business (other than use of our employee data), including in relation to:
• the various veterinary imaging and diagnostic products we supply (“Products”);
• the data services we provide in relation to the use of the Products, including via our mobile apps (“Data Services”);
• support services we provide in relation to the Products (“Support Services”); and
• through the operation of our websites at www.imv-imaging.com, imv-imaging.co.uk or any other imv-imaging website where this policy is made available (“Sites”).
IMV Companion Animal Ltd is a company incorporated in Scotland with company number SC 768408 and having its registered office at Imaging House, Phoenix Crescent, Strathclyde Business Park, Bellshill, Lanarkshire, ML4 3NJ (we, us and our). For the purposes of data protection legislation we are the controller in relation to the personal data this policy relates to.
We are committed to protecting your privacy. This policy explains how we use personal data we may obtain from or about you in relation to your use of our Services or the Sites.
Contact details
We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.
Data privacy manager: Caralynne Hill
Email address: [email protected]
Postal address: Imaging House, Phoenix Crescent, Strathclyde Business
Park, Bellshill, ML4 3NJ
Telephone number: +44(0)1506 460 023
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
To help makes things clearer we use the following terms to describe the different categories of individuals whose personal data:
Browser: means any person accessing our Sites.
Customer: means a third party to whom we supply Products and Services
Distributor: means a third party we appoint as a distributor of our Products;
Services: means Data Services and/or Support Services.
Supplier: means a third party from whom we obtain goods and/or services.
User: means an individual employee, consultant or contractor of a Customers, who is authorised to use the Data Services by that
Customer:
We reserve the right to change this privacy policy from time to time by changing it on the Sites. This privacy policy was last updated on 06/03/19.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
Contact Data: means the contact details (name, email address and telephone numbers) for the individuals we liaise with at our Suppliers and Distributors.
Cookie Data: this is the information we obtain from Browsers use of Cookies as explained in the Cookies section below.
Location Data: this the data including GPS technology information we use to determine your current location when you use our apps. You can turn off this GPS functionality at any time by turning off the location services settings on your device.
Query Data: this is the information you provide when you use the Contact section of our Sites to send a message or ask a question or to request any guidance materials or email materials we may provide on our Sites.
Registration Data: this is the email log-in and password details if you are a User.
Survey Data: this is information from surveys that we may, from time to time, run on the Sites for research purposes, if you choose to respond to, or participate in, them.
Technical Data: this is information we obtain from browsers and includes the IP address used to connect your computer to the internet, your browser type and version and your browser plug-in types and version. You cannot be identified from this information.
Usage Data includes information about how you use our website, Products and Services.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Cookies
When you interact with the Sites, we try to make that experience simple and meaningful. When you visit our Sites, our web server sends a cookie to your computer or mobile device (as the case may be).
Cookies are small pieces of information which are issued to your computer or device when you visit a website or access or use a mobile application and which store and sometimes track information about your use of the Sites. A number of cookies we use last only for the duration of your Site session and expire when you close your browser. Other cookies are used to remember you when you return to a particular Site and will last for longer.
We use only “analytical” cookies in order to:
• remember that you have visited us before; this means we can identify the number of unique visitors we receive;
• customise elements of the promotional layout and/or content of the pages of the Sites; and
• collect anonymous statistical information about how you use the Sites (including how long you spend on the Sites) and where you have come to the Sites from, so that we can improve the Sites and learn which parts of the Sites are most popular.
Most web and mobile device browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser or mobile device. Please note, however, that by blocking or deleting cookies used on the Sites, you may not be able to take full advantage of the Sites.
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you: apply for our Products or Services; supply goods and services to us; create an account on our Sites or otherwise; request marketing to be sent to you; enter a competition, promotion or survey; or give us some feedback.
Automated technologies or interactions. As you interact with our Sites, we may automatically collect Cookie Data and Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
Technical Data from analytics providers such as Google.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
Purposes for which we will use your personal data
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
| Purpose/Activity | Type of data | Lawful basis for processing including basis of legitimate interest |
| To deal with and respond to your comments and requests | Query Data | Consent |
| To improve user interaction and experience on our Sites as explained in the Cookies section | Cookie Data | Necessary for our legitimate interests (improving Sites and user experience) |
| To set up your account to enable us to provide our Services | Registration Data | Performance of a contract with you |
| To provide Support Services to Customers | Contact Data, Location Data, Technical Data | Performance of a contract |
| To contact Users about any changes to our Products or Services | Registration Data | Performance of a contract with you |
| To check that use of the Services is in accordance with our customer agreements | Usage Data | Necessary for our legitimate interests (checking compliance with contractual obligations owed to us) |
| For security and prevention and detection of fraud | Registration Data, Location Data | Necessary for our legitimate interests (to protect our business) |
| Market research | Survey Data | Necessary for our legitimate interests (to engage in market research) |
| To track location and time of use of our apps and submission of data | Location Data | Performance of a contract with you |
| To communicate with our Distributors and Suppliers | Contact Data | Necessary for our legitimate interests (to engage with key third parties). Performance of a contract |
| To help provide effective Sites and Services including troubleshooting and testing | Technical Data | Necessary for our legitimate interests (product testing and ensuring efficacy of our Sites) |
We share personal information in the following ways:
1. In the event that we sell or buy any business or assets, in which case we may disclose personal data to the prospective seller or buyer of such business or assets but only to the extent this is reasonably necessary and cannot reasonably be redacted.
2. If we or substantially all of our assets are acquired by a third party, in which case personal data we hold as explained in this privacy policy may be part of the transferred assets to the extent this cannot reasonably be redacted.
3. We may disclose your personal information if we are under a duty to disclose or share your personal data in order to comply with any legal obligation.
4. We may disclose personal information if we believe that such action is necessary to prevent fraud or cybercrime or to protect the Sites or rights, property or personal safety of any person.
5. We may disclose your personal information to a third party we engage with who provides IT and systems administration services, and to professional advisors (such as lawyers, bankers and insurers) who provide professional services to us (“Third Party Providers”). All disclosures or transfers of personal data to any Third Party Provider will only be for specific agreed purpose and shall be in accordance with applicable data protection legislation.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our Third Party Providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at [email protected] we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
The Sites may, from time to time, make chat rooms, message boards, news groups and/or other public forums available to its users. Any information that is disclosed in these areas becomes public information and you should exercise caution when using these and never disclose your personal information.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:
Promotional offers from us
We may use your Account, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have requested information from us or purchased goods or services from us or if you provided us with your details when you entered a competition or registered for a promotion, or submitted a form on our website and, in each case, you have not opted out of receiving that marketing.
Third-party marketing
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
Opting out
You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of [a product/service purchase, warranty registration, product/service experience or other transactions].
We share your personal data within our Company group. This will involve transferring your data outside the European Economic Area (EEA).
Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
• Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
The Sites may, from time to time, contain links to external sites. We are not responsible for the privacy policies or the content of such sites.
We place great importance on the security of all personally identifiable information associated with our users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to personal information. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it. You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via the Sites whilst it is in transit over the internet and any such submission is at your own risk.
It is advisable to close your browser when you have finished your user session to help ensure others do not access your personal information if you use a shared computer or a computer in a public place.
Information that you submit via the Sites is sent to and stored on secure servers located in the United Kingdom and Ireland. This is necessary in order to process the information. Information submitted by you may be transferred by us to our other offices and/or to the third parties mentioned in the circumstances described above (see Information sharing), which may be situated outside the European Economic Area (EEA) and may be processed by staff operating outside the EEA. The countries concerned may not have similar data protection laws to the EEA. Where we transfer your information we will take all steps required by data protection legislation to ensure that your privacy rights continue to be protected.
How long we will store your personal data
We only store your information for as long as is necessary for the purpose it was obtained or for any additional purpose we have explained to you. We also implement policies to regularly audit the personal data we hold to ensure we do not retain any personal data for longer than we are entitled to.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Under data protection legislation there are various rights which can apply in respect of information held about an individual. These rights are as follows:
➢ Access to information: You have the right to request a copy of the information we hold about you. If you would like a copy of some or all of your personal information, please email us at [email protected].
➢ Ensuring accuracy of information: We want to make sure that your personal information is accurate and up-to-date. You may ask us to correct or complete information that is inaccurate or incomplete.
➢ Right to erasure: You may have a right to erasure, which is more commonly known as the ‘right to be forgotten’. This means that in certain circumstances you can require us to delete personal information held about you.
➢ Ability to restrict processing: You may also have the right to require us to restrict our use of your personal information in certain circumstances. This may apply, for example, where you have notified us that the information we hold about you is incorrect and you would like us to stop using such information until we have verified that it is accurate.
➢ Right to data portability: You may have the right to receive personal data we hold about you in a format that enables you to transfer such information to another data controller (e.g. such as another service provider).
➢ Review by an independent authority: You will always have the right to lodge a complaint with a supervisory body. The relevant authority in the UK is the Information Commissioner’s Office.
➢ Preventing direct marketing: We do not sell your data. From time to time, we may send emails containing information about new features and other news about us. This is considered direct marketing. You have the right to stop us from contacting you for these purposes. We will always inform you if we intend to use your personal data for such purposes, or if we intend to disclose your information to any third party for such purposes. You can usually exercise your right to prevent such marketing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at [email protected].
➢ Objecting to other uses of your information: You may also have the right to object to our use of your information in other circumstances. In particular, where you have consented to our use of your personal data, you have the right to withdraw such consent at any time. You may do this by contacting us at [email protected].
Keeping us up to date
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Contacting us
Please submit any questions, concerns or comments you have about this privacy policy or any requests concerning your personal data by email to [email protected]