Indigo Medical
Privacy Policy

Who we are and what we do
Indigo Medical are an agency who provide our clients with services including documentation review, organising meetings for healthcare professionals, and the development of learning materials for use internally or with the wider healthcare community.

R2R Holdings Limited, trading as Indigo Medical, is registered in England and Wales with the company number 05355332. You can contact us:
By phone: +44 (0)1908 410 383
By email: info@indigomedical.co.uk
In writing: 2nd Floor, Vega House, Eastlake Park, Fox Milne, Milton Keynes MK15 0DF

Why we have a privacy policy
As part of our business it is necessary to collect and process information such as names and contact details (known as personal data). Your personal data are protected by legislation such as the General Data Protection Regulation (GDPR) in the EU and UK Data Protection Act 2018 in the UK.
We take the management of your personal data very seriously and this privacy policy is provided to inform you on how we use the information that you provide us.

Why we need your personal data
We require personal data to conduct our business including the following examples:

  • Setting up and using consultancy contracts between healthcare professionals and ourselves or our clients
  • Organising the attendance at medical meetings such as those that provide healthcare professionals with continuing medical education, or that support the internal training needs of our client’s employees
  • Process job applications
  • Compliance with a law, process or regulatory requirement

The information that we collect and use
This varies depending on the intended use of the information, but we will only collect and process the information that we require to conduct our business. This includes the following examples:

  • Name
  • Email address
  • Postal address
  • Telephone number
  • Job title and place of work
  • Curriculum vitae
  • Bank payment details

Some personal data are legally considered to be sensitive and are subject to additional safeguards. Sensitive data include: race, ethnic origin, genetics, health, sexual orientation, criminal convictions.

We do not normally collect or process such data except in specific circumstances. Examples of health information we require include when we ask for allergy information to ensure that your dietary needs are met at a catered event, or if you have mobility restrictions that impact on your travel and accommodation arrangements.

How information is collected
We may collect data several ways, including by:

  • Email
  • Verbally
  • Event registration forms
  • Transferred to us via our clients or other third parties
  • Hardcopy (e.g. a business card or CV)
  • Publicly available records (e.g. Google, PubMed)
  • Website analytics (e.g. Google, LinkedIn)

How information is shared
Indigo Medical will not sell or rent your personal information with anyone, but we may need to share your information with other third parties to allow us to fulfil our obligations to you. For example, we may share your information with a pharmaceuticals company to allow a contract to be drawn up, or with a logistics provider to arrange your travel to a meeting.

How your information is kept safe
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Your rights
You have specific legal rights around your personal data and how we use it. Please bear in mind that some may not be actionable in specific circumstances. If you would like to discuss or exercise any of these rights, please get in touch with us using the details under the ‘who we are and what we do’ heading above.

Your legal rights under GDPR and Data Protection Act 2018:

To be informed
This Privacy Policy ensures that you are informed about how we will process your personal data.

To access
You have the right to access a copy of your personal data and receive certain information about what the data is and how and why we are processing it. Please note that we will require you to prove your identity before we disclose any information.

To rectification
If you feel that any of the information that we hold about you is incorrect, do let us know so that we can investigate it.

To erasure
You have the right to request that we delete your information and can discuss this with us at any time. You should know that there are some circumstances where we may need to keep your details, for example if it is necessary to comply with a legal obligation. If this situation occurs, then we will explain and discuss these circumstances with you.

To restrict processing
You can request that we restrict processing of your data as an alternative to deleting it – this means that we will keep the data, but stop processing for most purposes.

To data portability
You have the right to request a copy of certain personal data to have it transferred to another organisation.

To object
You can also request that we stop processing your data under specific circumstances.

Where you can find further independent information
In the UK, the website of the Information Commissioner’s Office can provide further information on your rights and our obligations (www.ico.org.uk)

Updates to this policy
We may amend this privacy policy from time to time to reflect changes in the law or our privacy practices. Our website will always have the latest version of the privacy policy available.

Or send us a message…