Privacy Policy

Last updated: May 2018

We understand that protecting the privacy of visitors to our website and our customers is very important and that information about you and/or your health is particularly sensitive. That’s why we treat your personal data according to the laws of England and Wales and other applicable local laws which regulate the storage, process, access and transfer of personal data including the EU General Data Protection Regulation (“GDPR”).

1. Who we are

This website is operated by A. Menarini Diagnostics Ltd (“Menarini”, “we”, “us” “our”). The data controller is A. Menarini Diagnostics Ltd (company number 2120375), Wharfedale Road, Winnersh, Wokingham, Berkshire, RG41 5RA

Menarini was established in the UK during 1987. We are market leaders in the field of diabetes diagnostics, with leading edge systems for blood glucose and blood ketone self monitoring, and HbA1c testing. Over 1 million self tests are performed on GlucoMen blood glucose meters every day across Europe.

Our goal is to work closely with all Diabetes Specialist Nurses and patients, and continue to do the right things to support the growing number of people who choose to rely on the GlucoMen Areo and GlucoMen LX systems to help manage their diabetes at home.

We are committed to continuous improvement in quality in all our activities and are certified to ISO13485. As an ISO registered company, we are proud of our commitment to our high product standards and quality of service.

To date Menarini has placed more than 600 clinical laboratory analysers of various types in the UK market, growing rapidly in the areas of Histopathology, Autoimmune disease and near patient systems.

2. Contact us

If you have any questions or concerns about privacy or would like to exercise your rights in relation to your personal information, please send anemail to our Data Protection Officer or write to us at the address above.

If you are not satisfied with the way Menarini handles your data or responds to your requests, you may also complain to your local Data Protection Authority.

3. Personal information we collect

We may ask you to provide some personal information such as:

  • Full name;
  • Address;
  • Email address;
  • Date of birth;
  • Telephone numbers; and
  • Health information (including your diabetes and information regarding your meter).

Some information is compulsory for us to provide the service you have requested. We will always notify you if providing the information is compulsory or optional.

In order to undertake website optimisation, we will also automatically collect information about the devices you use to access our website, which may include your IP address. For further information, please see section 4.a) below.

4. How and why we use your personal information

Menarini collects personal information from you to perform our business operations, provide you with and improve products and services, and personalise your experience.

We also may use the data to communicate with you, for example, informing you about your account and providing product information. If you have registered your warranty for lifetime upgrades to your meter you have provided your consent to receive such information when meter upgrades become available. We will only share your data where we have a proper reason to do so e.g. in case of request by UK regulatory authorities.

Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only:

  • where we have your consent to do so,
  • where we need the personal information to perform a contract with you, or
  • where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (e.g. in some cases for fraud prevention, network and information systems security).

In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

The following sections advise of the reason(s) we may process your personal information and list the ways that we may use your personal information:

Legitimate Interest

  • Browsing public pages on our website
  • Notifying you of your order status and any issues relating to your order
  • Undertake website administration and personalisation
  • Managing network and data security
  • Provide customer services to you
  • Processing and responding to complaints received from you
  • Contacting you for a Welcome Call to introduce you to the product
  • Subscribing to the GlucoMen Warranty

Legal obligation/legitimate interest

  • Contacting you with product safety updates

Consent

  • Registering your interest in products or services
  • Product upgrade offers
  • Contacting you to undertake customer satisfaction surveys, invite you to review a product, invite you to enter a competition or for market research

Fulfilment of a contract

  • Processing your order
  • Creating, updating or managing your GlucoMen online account and registering associated products

Further information regarding the processing of personal information that we undertake can be found below, however if you have questions about, or need further information concerning, the legal basis on which we collect and use your personal information, please contact us using the contact details provided above in section 2.

a) Browsing public pages on our websites

If you browse public pages on our websites, i.e. content that you can access without being logged in to an account you may have with us, we collect and process only non-sensitive information about you.

In particular, we will not collect any health related information about you when you browse public pages on our websites. We will however process your personal information to the extent required to deliver the public content you request from us e.g. to format it for your browser. We will also process your personal information to meet our legitimate interests to protect the security of our website systems and to measure the audiences for the various types of content provided. To do this, we use:

Cookies. A cookie is a small text file that is placed onto your system by our web server. As a rule, our cookies are only used for the length of your session. We use cookies to improve user-friendliness. You can review and delete or disable cookies at any time via the settings in your browser, in this case you may lose settings you have made for a website. Please refer to our Cookie Policy for more information.

Google Analytics. Google Analytics, is a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyse how users use the public content on our website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google Analytics Cookies may exist up to two years, if you do not delete them earlier.

Google is certified under the US-EU Privacy Shield and we have agreed with Google a data processing agreement to ensure they operate Google Analytics on our behalf. We also use the IP-anonymisation feature of Google Analytics. If you visit the website from within states that form part of the European Economic Area, your IP address will be truncated before it leaves the European Economic Area. Only in exceptional cases (e.g. a failure of the EU based systems) will the whole IP address be first transferred to a Google server in the USA and truncated there.

Google will use this information on our behalf for the legitimate interest based purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.

You may opt-out from Google Analytics with effect for the future by downloading and installing the Google Analytics Opt-out Browser Add-on for your current web browser (does not work with all mobile devices / browsers). Or you can deactivate Google Analytics on mobiles and other devices by clicking the following opt-out link: Click here to opt-out of Google Analytics.

Note: Google Analytics is only active on the public pages of our websites, i.e. not on pages of our websites that you access when logged into your account.

Social Plugins, Shariff. We use social plugins (“Plugins”) provided by the social networks Facebook and Google +1 as well as by the microblogging platform Twitter. The respective services are operated by Facebook Inc., Google Inc., and Twitter Inc. (each an “Operator”).

· Facebook’s (facebook.com) Operator is Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304, USA. Its Plugins are identifiable by a Facebook logo (white letter f on blue background or a thumb up icon) or the notice “Facebook Social Plugin”. For a full list of all Plugins, please see http://developers.facebook.com/plugins. Facebook’s privacy notice is available at https://www.facebook.com/policy.php.

· The Operator of Google+ (plus.google.com) is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. Its Plugins are labelled with the Google logo, the Google +1 logo or with the addition “Google Social Plugin” as can be reviewed at http://plus.google.com. Google’s relevant privacy notice may be loaded at https://developers.google.com/+/web/buttons-policy.

· Twitter’s (twitter.com) Operator is Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. Its Plugins are identified by the Twitter logos and an overview is available at https://twitter.com/about/resources/buttons. Twitter’s privacy notice is available at https://twitter.com/privacy.

We have implemented the “Shariff” solution to protect your privacy when you visit our website. Shariff ensures that no data is transferred to the Operator when you load a page of our website. Only after you activate the Plugin of your choice and thus consent to the data transmission, will your browser make a direct connection to the Operator’s servers. Shariff replaces the Operators’ customary “Share” buttons and protects your surfing behaviour from being tracked by the Operator. For further information, please see the popup information next to the activation toggles visit the Shariff developer (https://github.com/heiseonline/shariff).

Once you activate a Plugin, we have no influence on the data gathered by it. For the information on the purpose and scope of data collection and procession by the respective Operators, as well as your rights in this respect and settings options for protecting your privacy, please visit the Operators’ privacy policies linked above.

Services. We may use third party applications and content tools on certain Menarini Diagnostics Websites to provide additional information to you, e.g. Google Maps. When you interact with them, these third parties may receive your personal information including your IP address. We will clearly indicate where we use
such third party services so that you can decide whether or not to use them.

b) Registering for and using an account

To use non-public content on our websites and to register your product, you will first need to create an account, and then log in to your account.

We use accounts wherever we process sensitive data such as in particular your health related personal information. We also use accounts wherever we process your personal information with your consent. This is because accounts allow us to better protect your personal information in access controlled systems and to establish your identity in order to obtain and manage your consents.

When you register for an account, we will collect your personal contact details as detailed above in section 3.

Within your account, Menarini processes your personal information as follows:

For regulatory reasons we will have to establish your real name and identity upon account creation. You will then be able to manage, change or withdraw your consents given within your account settings. You may also withdraw your consent by contacting us at the address above. You may withdraw your consent at any time, however this will not affect the lawfulness of our consent based processing before such withdrawal. We will separate required consents that we need to be able to provide a service to you from other consents that do not have a service dependency.

As required for the establishment, exercise or defence of legal claims. We may process your personal data as required to prepare or protect against legal claims; including litigation, anti-fraud measures, and technical and organisational measures to protect our networks and technology against attacks.

For research. We may process your personal information for scientific research purposes or statistical purposes in accordance with applicable law, provided it is proportionate to the aim pursued, respects the essence of the right to data protection and provides for suitable and specific measures to safeguard your fundamental rights and interests. As a rule, we will still ask for your consent when we would like you to participate e.g. in a study.

c) Order or registering for services and products e.g. ordering consumables, subscribing to the GlucoMen Warranty

Access to online services and products is limited to account holders only because the provision of these services involves health data that we consider to be sensitive and that we want to protect.

When you use online ordering e.g. to order medical consumables, medical devices or subscribe to a service e.g. GlucoMen Warranty, you need to create a personal account and log in to gain access.

Once logged in, you will be required to register your product and we may have to undertake further processing of your personal information in order to fulfil our contract with you.

d) Participate in surveys

If you consent to participate in one of our surveys, we will process your submitted input for service improvement, research or marketing purposes. Unless otherwise stated in the respective survey, you will participate on an anonymous basis and we will not be able to relate your input to you personally but will only assess it on an aggregate basis together with the input of others.

Surveys that rely on your personal information will be marked accordingly. You are always free to consent or to not participate; your refusal to participate will not have a negative impact on the scope of your services, unless otherwise stated in the invitation to the survey.

e) Communicate with us by telephone, e-mail, webforms or otherwise in respect of our products and services or during the purchasing of any such products

If you communicate with us by telephone, e-mail, webforms or similar, we will process your contact details and the personal information you give to us even if you do not have an account with Menarini. We will process such information only to the extent required to answer your enquiry, and will delete the information when no longer required as evidence unless you have consented for us to use your data for other purposes, of which its purpose will be specified at time of you giving us consent.

f) Complain about our services and products

When we receive a complaint about a product or service from a person we create a file containing the details of the complaint, including the identity of the complainant. It may contain health related information. We will only use the personal information we collect to process the complaint.

We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for ten years from the date that the last product of its type was placed on the market. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.

5. Retention periods

We retain personal information we collect from you where we have a genuine business need to do so, for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements.

When we have no ongoing business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. Security

Menarini takes appropriate technical and organisational measures to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. To ensure the confidentiality of your data, Menarini uses industry standard firewalls and password protection. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential and we ask you not to share this password with anyone.

7. Who receives your information

Menarini shares your personal information with your consent and further as necessary in relation to the above purposes, as required by applicable laws, court orders, or government regulations. Menarini may use group internal and external providers and agents e.g. for IT systems operation and maintenance or to fulfil business transactions, such as providing customer services, or sending communications. In all these cases, access to unencrypted data is restricted to those who have a need to know. Menarini will not sell or otherwise transfer your personal information to any third parties for their own use.

We also share data with our company’s subsidiaries and affiliates globally, or store that data with them when required to by law or to respond to a legal process, to respond to a complaint or security request.

8. Transfers to other countries

If we transfer your information to other EU countries for reason of data processing or storage, we will protect that information as described in this Privacy Statement. In particular, we will base such data transfers on adequate standards such as data protection clauses approved by the European Commission. We will not transfer your data outside of the UK / EU.

9. Your Rights and how to exercise them

You may, in accordance with applicable data protection law, request the following from Menarini :

  • Right of access: request access to your personal information we process, obtain a copy of such data, and have inaccurate data rectified or completed;
  • Right to rectification: to have your personal information corrected if it is inaccurate/have incomplete personal information completed
  • Right to erasure: to have your personal information erased or its processing restricted (each to the extent that one of the grounds provided for by statutory law applies). We are obliged to retain some of your personal data for regulatory reasons under the EU In Vitro Diagnostics Directive, for ten years from the date that the last product of the type used by you was placed on the market.
  • Right to restriction of processing: to restrict processing of your personal data
  • Right to data portability: to electronically move, copy or transfer your personal information in a standard form
  • Right to object: to object to processing of your personal information
  • Right to withdraw consent
  • Rights relating to automated individual decision making, including profiling. We do not use such processes without your prior consent.

You can exercise your rights by visiting your online account or contacting us at the address above (see section 2). You can adjust your privacy preferences, manage your consents, and amend your data. These choices do not apply to mandatory service communications that are part of certain Menarini services.

If you do not have an account or have difficulties or other enquiries, please approach us or our data protection officer using the above contact details (see section 2 above).

10. Privacy of Children

Our website is directed at an adult audience. We do not knowingly collect any personally identifiable information from anyone we know to be a child without the prior, verifiable consent of his or her legal representative.

11. Updates to Privacy Statement

We keep this Privacy Statement under regular review and we will place any updates on this website in response to changing legal, technical or business developments. When we update this statement, we will take appropriate measures to inform you. When we change any processing that is based on consent, we will ask you for a new consent. We encourage you to periodically review this page for the latest information on our privacy practices.

12. Third Party Resources

This Privacy Statement does not apply to third party sites to which our website may link, where we do not control the content or the privacy practices of such third parties. We will tell you when you follow a link to such a third party site.

Berkshire website design company