Means a small text file placed on your computer or device by Our software when you visit certain websites and/or when you use certain
Means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. This includes
such things as name, gender, age, address, email, DoB, profession, job title, financial, demographic, preferences and opinions.
Means CoAcS Ltd - A limited company registered in England under company number 2705402 whose registered address is Kimbolton House,
2 Mount Beacon, Lansdown, Bath UK, BA1 5QP
CoAcS hosts a number of accessible and public facing websites
that can be broadly categorised as:
Websites providing general product and marketing information
Subscription services - websites providing access to information and data that is paid for under an annual / renewable subscription.
All websites described below are hosted by, and data stored at, MDS Technologies in Corsham, UK. All servers and back up devices are stored
within the EU. We can provided information about their services if required.
Our Data Protection Officer is Richard Backhouse, and he can be contacted by email at firstname.lastname@example.org
or by telephone on 01225 312992
We also have internal administrative records - in the form of spreadsheets and databases, containing customer names and contact details -
for the express purpose of doing business with our customers.
1. General Information
The websites that provide general information do not require or capture any form of information or identification from the user. These include:
Since We do not store any log in information or any other data about users in these websites, We can be unequivocal in Our assertion that We:
2. Subscription services
will not record any Personal Data
will not share any personal data with any third parties
Websites that provide username and password access to subscribed (paid for) data collections include:
www.midatabank.com/mical/ (a.k.a. MiCAL)
www.midatabank.org/MiViewer/ (a.k.a the 'Sharer')
In the above cases, it should noted that the actual content / records stored in the MiDatabank application (not the website), the Sharer and CtDatabank is provided by the users themselves - and not Us.
Furthermore, there is no direct individual ‘opt-in’ or ‘opt-out’ facility – usernames and passwords are set up and assigned to users by the customer.
The collegeofpharmacy.com website can be browsed anonymously but individual access to key areas does require additional information to be entered. The website registration form stores a User name and Password; Title, First name, Last name, email; Country of graduation, Year of graduation and Category.
None of this data will be collected without the user’s knowledge and implied permission.
CollegeOfPharmacy CAL packages:
Access to the CAL packages in the CollegeOfPharmacy website is usually provided via a School of Pharmacy. This only requires an email address to be provided to Us for a mass data upload - i.e. containing less information that described above.
Some of the subscribed CAL packages have an Assessment area (featuring multiple choice questions - MCQs) and the scores for individuals are recorded. These scores are not seen by any other people.
MiCAL is an online training package that accompanies the MiDatabank package. MiCAL is available via an annual subscription – each year the software is updated and the old data removed. We will only store an Organisation name, user email and Password.
We store login information about three levels of users – the Organisational Lead, one or more Assessor and many Users. Apart from the Organisation Lead – whose access We set up - the other users, roles and access level are determined by and provided by the Organisational Lead (and/or the Assessors).
Each User is required to take Assessments (MCQs) at Level 1 and Level 2 to test their knowledge. These scores and the answers to each question are stored and may be viewed by Assessors. An Assessor may see a User’s scores.
The Sharer uploads non Patient Identifiable Data (PID) from a customer’s local SQL server to a central website hosted by Us via MDS. This data may be shared, at an individual level, with other participating Organisations. It should not, by design, contain any PID and therefore should not be the subject of any GDPR attention.
A separate IG document is available for the Sharer.
Links from our website
Our websites may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies even if you access them using links from our website. Please check these policies before you submit any Personal Data to these websites.
Use of credit card details
We do not store any credit card details and do not currently provide any form of online e-commerce. Payments – usually relating to an invoice - are submitted to us directly via BACS but occasionally a credit card may be offered. Any information used to process such a payment is written down by Us and then destroyed. No payment or personal information is ever stored by CoAcS and is therefore not used for any other purpose than facilitating immediate payment.
We will never:
ask you to take part in surveys unless they are related specifically related to the use of our software for the benefit of users
share any data with a third party provider
send out occasional newsletters to licenced software users - as part of our contract with you - unless instructed not to
be happy to comply with any GDPR issues arising
As a data subject, you have the following rights under the GDPR, which this statement has been designed to uphold:
The right to be informed about Our collection and use of Personal Data;
The right of access to the Personal Data we hold about you;
The right to rectification if any Personal Data we hold about you is inaccurate or incomplete;
The right to be forgotten – i.e. the right to ask Us to delete any personal data We hold about you. NB: This may NOT apply to some
information (e.g. stored in the MiDatabank application) that is recorded by users locally from/about other professional people i.e.
The right to restrict (i.e. prevent) the processing of your Personal Data;
The right to data portability (obtaining a copy of your Personal Data to re-use with another service or organisation);
The right to object to Us using your Personal Data for particular purposes;
In the unlikely event you have any cause for complaint about Our use of your Personal Data, please contact Us directly and We will do Our best to solve the problem for you. If We are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.
Access to your information
You may request access to information held about you. This is normally a free service, unless this process proves to be unduly difficult and takes more time when a fee may be payable to cover the administration costs.
This policy will be reviewed and updated in line with any changes in the relevant legislation and technology in use. Any notices of related changes may be placed on other related / prominent pages on our website(s). Your continued use of our website will signify that you agree to any such changes.
If you have any questions, comments or concerns about this Policy, then please email or write to Us.
What happens if Our business changes ownership?
In the event that any of your data is to be transferred in such a manner, you will be contacted in advance and informed of the changes. When contacted you will not, however, be given the choice to have your data deleted or withheld from the new owner or controller.