View legal

GDPR

Last updated: November 15, 2023

The Medical Wellness Association (MWA) is committed to ensuring the privacy and protection of personal data collected through its website in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Collection and Processing:

1.1. Purpose of Data Collection:

MWA collects and processes personal data for the following purposes:

  • Contact forms collect full names, roles, companies, emails, and phone numbers.

1.2. Lawful Basis:

Personal data is processed based on one or more lawful bases as defined by the GDPR, such as consent, contractual necessity, legal obligations, vital interests, or legitimate interests pursued by MWA or a third party.

2. Information Collected:

2.1. Types of Data:

MWA may collect the following types of personal data:

  • Full name
  • Contact Information
  • Demographic Information

2.2. Sensitive Data:

MWA does not knowingly collect or process sensitive personal data unless required for a specific purpose and with explicit consent.

3. Data Security:

MWA employs technical and organizational measures to ensure the security of personal data. This includes encryption, access controls, regular security assessments, and employee training on data protection best practices.

4. Data Retention:

Personal data is retained for the minimum period necessary for the purposes for which it was collected, as outlined in MWA’s data retention policy.

5. Data Subject Rights:

Data subjects have the following rights regarding their personal data:

  • Right to access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object

Requests to exercise these rights can be submitted to [insert contact details].

6. Third-Party Processors:

MWA may engage third-party processors to assist in the collection and processing of personal data. All third-party processors are carefully selected, and data processing agreements are in place to ensure compliance with GDPR requirements.

7. Data Breach Notification:

In the event of a data breach that is likely to result in a risk to the rights and freedoms of individuals, MWA will promptly notify the relevant supervisory authority and affected data subjects in accordance with GDPR requirements.

8. Review and Revision:

This policy will be reviewed periodically to ensure its effectiveness and compliance with evolving data protection laws. Any necessary revisions will be made to address changes in legislation, technology, or organizational structure.