Privacy policy

MER-EUROPE B.V. (MER)

PRIVACY POLICY

Introduction
We, Medical Engineering Resources, Europe (MER) store personal data from our followers and other interested parties, which, under the General Data Protection Regulation (GDPR) makes us a Data Controller. This Privacy Policy tells you about the data we keep and how we protect it. We recommend that you read this Policy carefully and contact us should you have any questions or concerns. Our contact details are:

Address:
MER-Europe B.V.
Tussenklappen WZ 21
9649 EC Muntendam
The Netherlands

Email: info@mer-europe.com

Telephone +31 (0)598 634 420


Type of information we collect and how we collect it

The type of personal information we collect:
• Name, company address, work email address, work phone numbers (direct landline and/or  mobile).
• In a very few cases we collect home addresses of followers who have asked us to do so (for example, followers who have retired).

We do not hold personal financial information. 

We collect your information if you become an MER follower, if you register for an MER event, if you provide your details for follow up after a ‘live’ event (e.g. a tradeshow), if you register to receive the e-newsletter, if you fill in a contact or consent form, or if you provide a clear affirmative action that we can store your data.

Using your personal data: the legal basis and purpose
The legal basis for holding your information is highlighted in red.

MER followers:
• To perform our contract with you.
• Where we have your consent to contact you. You may withdraw this consent at any time.
• For our own legitimate interests, and where we believe our communications are also in your business interests. For example, if you attend, or have attended, one of our events in the past, we will store your personal data to inform you of events coming up in the future. Any marketing information will be strictly limited to MER business. 

Sharing personal data
In general, we treat all personal data as confidential and do not share it with any third party.
There is one exception:
• We occasionally receive enquiries from interested third parties who are seeking assistance to complete a job, or find a solution to a problem, in relation to our industry. We supply the business contact details of MER followers who might be able to help and potentially gain business. 

Storing and securing personal data
Your personal information is securely stored in a number of ways:
• Online marketing platform. The service provider is GDPR compliant. Storage servers are located in the USA. The company complies with the EU-US Privacy Shield Framework. Access to the platform is secured by username and password.
• MER website and databases. These are held locally on professional servers in a secure and climate controlled office in The Netherlands, security-alarmed property.

In the event of a data breach to MER website, our procedure is as follows:
• Contact our website development agency as soon as a breach is identified. The agency will act accordingly to secure the database and rectify the breach.
• Alert those who may be affected by a breach as soon as possible. 

How long will we keep your personal data for?
The following criteria are used to determine how long we store your data.
• We will store your data for as long as you engage with MER (e.g. attend events, open/ respond to communications) plus a cooling-off period of 6 months. When the time periods above have expired, your data will be moved to a Suppression List. This is a list of those who:
• Did not give positive consent to be contacted by any means in the lead-up to GDPR, and those who actively withheld consent.
• Those identified above as having ceased to engage with MER over the given time period. The Suppression List will contain minimal information to ensure that we continue to comply with personal data preferences. You have the right to erasure (the right to be forgotten) and can ask to be removed from our data bases and Suppression List verbally or in writing. See the section on ‘Your rights in relation to personal data’ below. 

Your rights in relation to personal data
Under GDPR you have certain rights regarding your information. These are:
• To request access to your information.
• To ask us to update, complete or correct your data.
• To object to processing of your personal data, ask us to erase your information, or to restrict its use.
• To move, copy or transfer your personal data.
• To complain to the Information Commissioner’s Office (ICO) at ico.org.uk 

Contact us
Please use the contact details at the beginning of this policy document.