What information do we collect?
You may visit our site anonymously although cookies are used to identify your session.
2.1. Contact form data
If you choose to use the enquiry form on our website, basic contact details are collected such as the email and name of the contact person
2.2. Account data
When you register for a comment and/or leave amessage, we collect and store your e-mail address.
. What do we use your information for?
Any of the information we collect may be used for one or more of the following purposes:
- To answer your inquiry;
- To contact you regarding our services;
- To identify you as a contracting party;
- To enable Medialis to issue valid invoices and to process transactions;
- To enable secure login for you in the Service;
- To enable automated subscription handling;
- To provide you with automatically generated information on the End User clicks on the Pop-up buttons.
4. Legal basis
4.1. EU General Data Protection Regulation (GDPR)
The processing of your data is either based on your consent or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract, cf. GDPR art. 6(1)(a)-(b).
If you are a resident of the EEA, you have the following data protection rights:
- If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing [email protected]
- In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information, or request portability of your personal information. Again, you can exercise these rights by emailing [email protected]
- Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
4.2. Children’s Online Privacy Protection Act Compliance
Medialis is in compliance with the requirements of GDPR 2018. We will not intentionally collect any information from anyone under 13 years of age. Our website and services are directed at people who are at least 13 years old or older.
5. How do we protect your information?
Medialis does not store any personal identifiable information about you online or using cloud storage unless those organizations comply with GDPR. DigitalOcean, LLC and Amazon Web Services, Inc. are two such organizations.
All data is protected by password access. We do not request or keep financial information such as your bank account details. All personnel and subcontractors are required to sign a confidentiality agreement if full confidentiality is not part of the main agreement between the parties.
Medialis will keep you informed about changes to the processes to protect data privacy and security, including practices and policies. You may at any time request information on where and how data is stored, secured and used.
Medialis uses different internal and external monitoring tools to ensure high system performance and availability.
5.4. Personal Data breach notification
In the event that your data is compromised, Medialis will notify you and the ICO within 72 hours by email with information about the extent of the breach, affected data, any impact on the Service and our action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.
“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of the service.
Medialis may place a “cookie” in the browser files of your computer. This cookie does not collect information that personally identifies you as an individual (other than your Internet protocol address) but merely allows us to recognize your repeated visits to medialis.co.uk. We use our cookie collected information to make your visit more enjoyable. Cookies are also used to remember your session and keep you logged into your account. If you want to disable cookies, there is a simple procedure in most Internet browsers that allows you to turn off or delete cookies, but please remember that cookies may be required to allow you to use certain features of Medialis.
6.1. Measuring Website Usage
Google Analytics is in use to collect information about how visitors use this site. This provides us with important information that can enable the site to work better. We do not link this information to your name or address.
7. Do we disclose any information to outside parties?
Medialis does not sell, trade or otherwise transfer to outside parties any personally identifiable information.
This does not include trusted third parties or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.
7.2. Legally required disclosure
Medialis will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from Medialis, we strive to limit the disclosure. Medialis will only release specific data mandated by the relevant legal demand.
If compelled to disclose your data, Medialis will promptly notify you and provide a copy of the demand unless legally prohibited from doing so.
8. Third party services
You may access other third-party services through the Services, for example by clicking on links to those third-party services from within the Services. We are not responsible for the privacy policies and/or practices of these third-party services, and we encourage you to carefully review their privacy policies.
9. Where do we store the information?
No stored data will be transferred, backed up and/or recovered by Medialis outside of the European Union. Medialis also requires its subcontractors and subprocessors to either store data in the European Union, or to adhere to the EU-US Privacy Shield.
9.1. Personal data location
All data and databases are stored on Medialis sharepoint. Databases and files are continuously backed up to enable restore to any point in time within a retention period of 30 days. Backups are stored on file storage at the same geographical location as the database.
10. Data access
If you are a registered user, you may access information associated with your Account by logging into our Services.
You may at any time obtain confirmation from Medialis as to whether or not personal data concerning you is being processed.
11. Request for rectification, restriction or erasure of the personal data
You may at any time obtain rectification of inaccurate personal data about you.
11.2. Restriction of processing personal data
You may at any time request Medialis to restrict the processing of personal data when one of the following applies:
- if you contest the accuracy of the personal data, for a period enabling Medialis to verify the accuracy of the personal data;
- if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; or
- if Medialis no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims.
You may without undue delay request the erasure of personal data concerning you, and Medialis shall erase the personal data without undue delay when one of the following applies:
- if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- if you withdraw your consent on which the processing is based, and where there is no other legal ground for the processing;
- if the personal data have been unlawfully processed; or
- if the personal data have to be erased for compliance with a legal obligation in EU or national law.
You can also remove your account data yourself on Account Page. If you have any Membership data associated with your account, it will not be removed automatically when deleting Account data by you.
12. Data retention
12.1. Data retention policy
Membership data will due to tax regulations be retained for up to five seven fiscal years from the cancellation of your Service account.
End User Data and Account data will be erased immediately when you cancel the Service account.
12.2. Data retention for compliance with legal requirements
You cannot require Medialis to change any of the default retention periods, except for the reasons linked to compliance with specific laws and regulations.
13. Your consent
You may at any time lodge a complaint with a supervisory authority regarding Medialis’s collection and processing of your personal data with State Data Protection Inspectorate https://www.ada.lt