top of page
final logo.png

1. Introduction

This GDPR Policy outlines the procedures and guidelines that The Medic Life LTD follows to ensure compliance with the General Data Protection Regulation (GDPR). GDPR is a comprehensive European Union (EU) data protection law that governs the processing of personal data of individuals within the EU and European Economic Area (EEA). This policy applies to all employees, contractors, and third parties who handle personal data on behalf of The Medic Life LTD.

 

2. Scope

This policy applies to all personal data collected, processed, stored, or transmitted by The Medic Life LTD, regardless of the format or medium.

 

3. Principles

The Medic Life ltd adheres to the following principles concerning the processing of personal data:

  • Lawfulness, fairness, and transparency

  • Purpose limitation

  • Data minimization

  • Accuracy

  • Storage limitation

  • Integrity and confidentiality

  • Accountability

 

4. Data Collection and Processing

  • Only collect personal data that is necessary for specified and legitimate purposes.

  • Obtain explicit consent from individuals before processing their personal data, unless an alternative legal basis applies.

  • Clearly communicate the purposes for which personal data is collected and processed.

  • Regularly review and update personal data to ensure accuracy and relevance.

  • Implement appropriate security measures to protect personal data from unauthorized access, disclosure, alteration, or destruction.

 

5. Data Subject Rights

  • Respect individuals' rights regarding their personal data, including the right to access, rectify, erase, restrict processing, and data portability.

  • Provide mechanisms for individuals to exercise their rights and respond to requests in a timely manner.

  • Ensure that individuals can withdraw consent to data processing at any time, where applicable.

 

6. Data Security

  • Implement technical and organizational measures to ensure the security of personal data.

  • Conduct regular risk assessments and address any vulnerabilities promptly.

  • Train employees and contractors on data protection best practices and security protocols.

  • Encrypt personal data during transmission and storage where appropriate.

  • Maintain an incident response plan to address data breaches and notify relevant authorities and individuals as required by law.

 

7. Data Transfers

  • Ensure that any transfers of personal data outside the EU/EEA comply with GDPR requirements, including the use of appropriate safeguards such as standard contractual clauses or binding corporate rules.

 

8. Third-Party Processing

  • Only engage third-party processors who provide sufficient guarantees of GDPR compliance.

  • Enter into written agreements with third-party processors that outline their responsibilities and obligations regarding data protection.

  • Monitor third-party processors' compliance with GDPR requirements and take corrective action where necessary.

 

9. Data Retention

  • Retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law.

  • Regularly review and delete unnecessary or outdated personal data.

 

10. Compliance Monitoring and Enforcement

  • Designate a Data Protection Officer (DPO) responsible for overseeing GDPR compliance and serving as a point of contact for data protection authorities and individuals.

  • Take appropriate disciplinary action against employees or contractors who violate GDPR policies and procedures.

 

11. Policy Review and Updates

  • Regularly review and update this GDPR Policy to reflect changes in applicable laws, regulations, and business practices.

  • Communicate any updates to employees, contractors, and third parties as necessary.

 

12. Conclusion

The Medic Life LTD is committed to protecting the privacy and security of personal data in accordance with GDPR requirements. All employees, contractors, and third parties are expected to comply with this policy and take responsibility for safeguarding personal data in their possession.

By using our website or services, you consent to the collection, use, and disclosure of your information as described in this GDPR Policy.

General Data Protection Regulation Policy
bottom of page