Privacy information notice
Date: 08/10/24
Wave Healthcare Communications is committed to ensuring the security and protection of the personal information we process.
This Policy explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and what choices you have. It relates to all our business activities, not just this website.
This Policy may change, so please check this page occasionally to ensure that you’re happy with any changes.
Questions regarding this Policy and our privacy practices should be sent our Data Protection Officer, Roderick Ball by email to rod@wavehealthcare.co.uk
1. Who are we?
Wave Healthcare Communications is an independent medical communications company providing services to global pharmaceutical companies.
Registration details as follows:
Registered in England No. 04159862
Registered office: Cornerstones, 52-54 Aylesbury End, Beaconsfield, England, HP9 1LW
Full contact details can be found on our website contact page.
2. Why and how we collect information from you?
By law Wave Healthcare Communications must ensure valid grounds for processing your personal information. Those most relevant to us are:
a) Legitimate interests
These may include, but not limited to processing your information to:
- Work with you to deliver medical communication programmes on behalf of our clients and the clients require us to maintain records regarding your participation
- Follow best practice as advised by government and regulatory bodies, including reporting of honoraria, expenses and other benefits received on behalf of our clients
- Manage and audit of our business operations
- Monitor and keeping records of communications with you and our staff
- Comply with our legal obligations
b) Contract
This is where processing the information is needed to work with you to deliver medical communication programmes or other services agreed between you and Wave Healthcare Communications
c) Consent
This is where processing the information applies to, but not limited to:
- Research that Wave Healthcare Communications performs for its own purposes or on behalf of its clients
- Submission of personal data when registering on websites hosted by Wave Healthcare Communications or its suppliers
We obtain information about you when you contact us to enquire about our services, our programmes (delivered on behalf of our clients) or employment opportunities.
We may also obtain information about you from its clients on whose behalf its performing services, and form public sources e.g. journals, hospital department websites and other public websites.
3. What information do we collect and how it is used?
The personal data collected will depend upon the nature of your interaction with Wave Healthcare Communications, and may include but is not limited to the following:
- Your contact details e.g. title, name, postal address, email address, mobile/landline telephone number
- Date of birth, age, gender
- Nationality
- Bank account details
- Next of kin details
- A record of communications with you e.g. emails, telephone, WebExes
- Your participation in, or provision of services executed for Wave Healthcare Communications or its clients
- Remuneration e.g. honoraria and expenses in relation to participation in or contribution to programmes or services
- Information about your academic background and clinical practice
Sensitive data
We do not gather sensitive personal data (e.g. health, genetic, biometric data; racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, and criminal convictions). We ask that you do not provide any such sensitive data to us.
Children’s information
Our services are not directed to children under 13. If you learn that a child under 13 has provided us with personal information without consent, please contact us.
Third parties
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
We may pass your information to third party service providers who we have engaged for the purpose of completing tasks and providing services to you on our behalf. We disclose only the personal information that is necessary to deliver the service.
Wave Healthcare Communications may share information with the following third parties for the purposes listed above:
- Clients of Wave Healthcare Communications
- Suppliers and agents, such as travel agents
- Agents and companies involved in staffing and recruitment
- Regulatory organisations specific to the healthcare industry, including and not limited to the Association of the British Pharmaceutical Industry (ABPI), the European Federation of Pharmaceutical Industries and Associations (EFPIA) and its other organisations
- Government and regulatory bodies
- Other organisations that provide services to Wave Healthcare Communications, such as IT service providers and suppliers of other back-office functions
Uses of your personal data
We collect the above types of personal data for the following purposes, which include, but are not limited to:
- Enabling you to take part in medical communication programmes executed either as Wave Healthcare Communications or on behalf of its clients
- Booking travel and providing other logistical support on your behalf when participating in, or providing services related to, medical communication programmes
- Understanding how best to engage with you in the development, execution and follow up of medical communication programmes
- Monitoring and keeping records of communications between you and Wave Healthcare Communications staff
- Provision of insight and analysis of medical experts both for Wave Healthcare Communications and for the benefit of its third‐party clients whom it supports to deliver medical communication programmes
- Sharing of information, as needed, with business partners such as clients and travel agents
- Contacting next of kin in the event of an emergency
- Compliance to requirements stated in contracts between Wave Healthcare Communications and its clients
- Exercising or fulfilling the legal rights and responsibilities of Wave Healthcare Communications
- Adherence to rules, guidance and best‐practice guidelines issued by governmental and regulatory bodies
Retention of personal data
Wave Healthcare Communications will not retain your personal data for longer than necessary i.e. once it is no longer required. The longest any individual’s data is likely to be held is for 7 years after completion of an activity.
4. Controlling your information
You have certain rights concerning the information we hold about you, as defined under the General Data Protection Regulation, so long as these are not overridden by Wave Healthcare Communications legal obligation. If you wish to exercise these rights, please contact us, including your email address in the first instance (this is the unique identifier we use to identify and collate personal information).
Requesting a copy of your information
You may request a copy of any data we hold about you and how it is/will be used. Upon request, we will provide files (which you may open in a programme such as Microsoft Office or Adobe PDF format) containing the personal data we hold on record about you within 30 day once satisfied you have the rights to view the requested records.
Updating or correcting your information
The accuracy of your information is important to us. If you change email address, or any of the other information we hold is inaccurate or out of date, please contact us so we may correct our records.
Deleting your information
You have the right to request erasure of your personal information. Unless there is a compelling reason for the data not to be erased (for example, if we need to use that data to fulfil our contractual or legal obligations), your personal data will be deleted on request.
Automated decision making
We do not use any personal information for automated decision making or profiling; your data are not subject to automated decision making or profiling.
5. Use of ‘cookies’
We may collect information about your computer, including your IP address, operating system and browser type, for system administration and in order to create reports. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
The only cookies in use on our site are for Google Analytics. Google Analytics is a web analytics tool that helps website owners understand how visitors engage with their website. Google Analytics customers can view a variety of reports about how visitors interact with their website so that they can improve it.
Like many services, Google Analytics uses first-party cookies to track visitor interactions, as in our case, where they are used to collect information about how visitors use our site. We then use the information to compile reports and to help us improve our site.
Cookies contain information that is transferred to your computer’s hard drive. These cookies are used to store information, such as the time that the current visit occurred, whether the visitor has been to the site before and what site referred the visitor to the web page.
Google Analytics collects information anonymously. It reports website trends without identifying individual visitors.
6. Security
Wave Healthcare Communications takes security seriously. In order to protect your information from loss, misuse or unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. These steps include the following:
- Data minimisation
- Password best practice
- Security best practice concerning devices (PCs, laptops, mobile devices), online accounts, website hosting, physical access and storage
- Up to date virus protection software
- Staff training and accountability on data protection
7. Data Breaches
Our Data Security Policy includes a clear process for handling a personal data breach, should one occur. Where appropriate, Wave Healthcare Communications will promptly notify you of any unauthorized access to your personal information.
8. Complaints
If you wish to raise a complaint on how we have handled your personal information, you can contact us directly and we will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal information not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).