Privacy Policy

Our privacy policy


Below are details of our privacy policy relating to the use of our website, any associated applications and medical communication services. This Policy has been updated in accordance with the requirements of EU General Data Protection Regulation (GDPR).


MedFirst Ltd is committed to protecting your privacy. The following statements will help explain what information we collect and how we process it.

Information That We Collect

By using our Website, you consent that we may collect and use of any information you provide.

Should our Privacy Policy change, we will update the information on this page so that you are always aware of what information we collect, how we use it and under what circumstances we disclose it.

We processes your personal information to meet our legal, statutory and contractual obligations and to provide you with our services. We will never collect any unnecessary personal data from you and do not process your information in any way, other than already specified in this notice.

The personal data that we collect may include: –

  • Name
  • Address
  • Email Address
  • Telephone Number
  • Your account password
  • Mobile Telephone Number

We collect information in the below ways: –

  • Online forms
  • Enquiries made over the telephone.


How We Use Your Personal Data (Legal Basis for Processing)

MedFirst takes your privacy very seriously and will never disclose, share or sell your data without your consent, unless required to do so by law. We only retain your data for as long as is necessary and for the purposes specified in this notice. The purposes and reasons for processing your personal data are detailed below: –

We collect your personal data in the performance of a contract or to provide a service.

In general, we do not share your data with third parties. However, from time to time, it may be necessary to provide your contact details to third parties in order to meet our contractual obligations. These companies and individuals will have access to the personal information they need to perform these functions, but they may not use it for any other purposes and are required to process the data in accordance with the UK ‘s Data Protection legislation.


Service Providers

We work with carefully selected Service Providers that carry out certain functions on our behalf. These include, for example, medical communication agencies, medical writers, healthcare professionals, companies that help us with technology services, storing and combining data, processing payments, credit checking where necessary. We only share personal data necessary to enable our Service Providers to provide their services.


Third party organisations that provide IT services and applications, administrative functions and support.

We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud-based software, identity management, website hosting and management, data analysis, data back-up, security and storage services. Our cloud storage services are located within the UK/EU.

We employ other companies and individuals to perform functions on our behalf. These functions include editorial and related services, data analysis, processing credit card payments and providing customer services.


Sharing personal data with other organisations

This section explains how and why we share personal data with other organisations.

We may share personal data with other organisations in the following circumstances:

  • if the law or a public authority says we must share the personal data;
  • if we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk).

We collect and store your personal data as part of our legal obligation for business accounting and tax purposes.


Your Rights

You have the right to access any personal information about you and to request information about: –

  • What personal data we hold about you
  • The purposes of the processing
  • The categories of personal data concerned
  • The recipients to whom the personal data has/will be disclosed
  • How long we intend to store your personal data for
  • If we did not collect the data directly from you, information about the source
  • If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to update/correct it as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.

You also have the right to request erasure of your personal data or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the relevant request; this is to ensure that your data is protected and kept secure.


Sharing and Disclosing Your Personal Information

We do not share or disclose any of your personal information without your consent, other than for the purposes specified in this notice or where there is a legal requirement. Any processors that act on our behalf only process your data in accordance with instructions from us and comply fully with this privacy notice, the data protection laws and any other appropriate confidentiality and security measures.


Safeguarding Measures

MedFirst takes your privacy seriously and we take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place.


How Long We Keep Your Data

MedFirst only ever retains personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations.




We use technologies like cookies (small files stored by your browser) to anonymously identify your computer or mobile device so we can deliver an improved user experience. Our systems may also log information like your browser, operating system and IP address.

Unless you specifically provide us with your personal information (e.g. when completing our online contact form), we do not collect personally identifiable information about you.


If you have provided us with your personal details, you may request to see what information we have on on you in our files. Please contact us via email with your request.


We do not share personally identifiable information, including name, address, email or phone with any third party without your prior consent.


Unless you request to remove all personal data, we may select to retain certain data indefinitely.

Special circumstances

To operate the service, we may make identifiable as well as anonymous information available to third parties in the following circumstances: (1) with your express consent; (2) when we believe it is required by law; (3) when we have a good reason to believe it is necessary to protect our rights and/or property; or (4) to any successor or purchaser in a merger, acquisition, liquidation, dissolution or sale of assets. Your consent will not be required for disclosure in these cases, but we will attempt to notify you, to the extent permitted by law to do so.

Geographic location

We do not use or collect your precise geographic location through the use of our website and applications.

Ad tracking

We do not allow advertising companies to collect data through our website and/or any service for targeted advertising.

Contact us

If you have any questions related to our privacy policy, please contact us using information provided at the following link:


We take reasonable steps to safeguard your personal details as well as your business, confidential information and intellectual property against unauthorised access or disclosure. However, no security or encryption method can be guaranteed to protect information from hackers or human error. Information we collect may be stored or processed on computers located in any country where we do business.