This notice explains what personal data (information) we will hold about you, how we collect it, and how we will use and may share information about you during your membership with MDS. We are required to notify you of this information, under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you.
Medical Defence Shield Limited trading as Medical Defence Shield (MDS) (‘Company’) is a ‘data controller’ and gathers and uses certain information about you.
We will comply with the data protection principles when gathering and using personal information.
We may collect the following information up to and including the commencement of your membership with MDS:
• Your name and contact details (i.e. address, home and mobile phone numbers, email address);
• Your nationality and immigration status
• Details of your qualifications and previous academic history, experience, employment history (including job titles, salary, working hours, details of any conduct, grievance or performance issues, appraisals, time and attendance), information and history from educational providers, and interests;
• Your racial or ethnic origin, sex and sexual orientation, religious or similar beliefs;
• Financial information
• Information regarding your criminal record;
• Information regarding your regulatory history; (including GMC investigations, IOT proceedings, MPT proceedings and regulatory proceedings connected to any other regulator inside and outside of the UK)
We may collect the following information once you are a member of MDS:
• Information regarding your criminal record, in criminal records certificates (CRCs) and enhanced criminal records certificates (ECRCs)
• Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information
How we collect the information
We may collect this information from you, your employer, your regulatory body, your education provider, and a relevant professional body.
Why we collect the information and how we use it
We will typically collect and use this information for the following purposes:
• To process your membership with MDS
• To keep in touch with you in relation to your MDS membership
• To offer you the benefits of your MDS membership
• For the purposes of providing advice and support to you pursuant to your membership
• To provide letters of good standing to other defence organisations and regulators
• For the purposes of our legitimate interests, but only if these are not overridden by your interests, rights or freedoms.
We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it.
How we may share the information
We may also need to share some of the above categories of personal information with other parties, such as MDS professional advisers, MDS business and organisational support, any third party instructed on your behalf, your employer, your education provider, and your regulatory body. Usually, information will be anonymised, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information with our regulators or as required to comply with the law.
Sensitive personal information and criminal records information
Further details on how we handle sensitive personal information and information relating to criminal convictions and offences are set out in our policy, available from the MDS membership team.
Information may be held at our offices, and third-party agencies, service providers, representatives and agents as described above.
We keep the personal information that we obtain about you during the membership application process for no longer than is necessary for the purposes for which it is processed. How long we keep your information will depend on whether your application is successful, the nature of the information concerned and the purposes for which it is processed.
We will keep membership information for no longer than is reasonable, considering the limitation periods for potential claims such as discrimination (as extended to take account of early conciliation), after which they will be destroyed. If there is a clear business reason for keeping membership records for longer than the membership application period, we may do so but will first consider whether the records can be pseudonymised, and the longer period for which they will be kept.
If your application is successful, we will keep only the membership information that is necessary in relation to your membership for the duration of your membership.
If you seek advice from the advice and legal team at MDS, we will be required to retain your records for a period of 6 years.
Further details on our approach to information retention and destruction are available from the MDS membership team.
Please contact our Data Protection Officer (DPO), who can be contacted via email at firstname.lastname@example.org and on 03003032442 if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask our Data Protection Officer for some but not all the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Data Protection Officer will provide you with further information about the right to be forgotten, if you ask for it.
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We hope that our Data Protection Officer can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at https://ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.
What information do we gather?
Information on mdsuk.org is gathered in two ways: (1) indirectly (for example, through our site’s technology); and (2) directly (for example, if you fill in a form online). One example of information we collect indirectly is through our internet access logs. When you access mdsuk.org, Your Internet address is automatically collected and is placed in our internet access logs.
Cookies are small files which save and retrieve information about your visit to mdsuk.org – for example, how you entered our site, how you navigated through the site, and what information was of interest to you. The cookies we use identify you merely as a number. (If you are uncomfortable regarding cookies use, please keep in mind that you can disable cookies on your computer by changing the settings in the preferences or options menu in your browser.)
We use Google Analytics cookies (_ga, _gat and _gali) to collect information about how visitors use our site to allow us to improve it, a Cookie Preference cookie (viewed_cookie_policy) to remember a user’s choice about cookies on mdsuk.org and store that preference, and a number of session cookies which are required to enable you to navigate the site properly and remember previous actions (e.g. text entered during that session).
How do we use this information?
We analyse it to determine what is most effective about our site, to help us identify ways to improve it, and eventually, to determine how we can tailor mdsuk.org to make it more effective. We may also use data for other purposes, which we would describe to you at the point we collect the information.
Will we share this with outside parties?
We will not sell individual information. It is completely up to you whether or not you want to provide information, however if using our online forms we do have mandatory fields that we ask you to complete in order to gather enough information to begin processing your application.