Fleming Medical Privacy Notice

1. Who We Are

Fleming Medical is the data controller responsible for the personal data collected through this website and in the course of our business activities.

If you have any questions about this notice or how we use your data, you can contact our Data Protection Officer.


2. Scope of This Notice

This privacy notice applies to personal data collected from:

  • Website visitors
  • Customers
  • Patients or end users of our products and services
  • Business partners and suppliers
  • Individuals who contact us or complete forms on our website

It applies to personal data collected online, in writing, or through other communication channels.


3. Personal Data We Collect

We may collect and process the following types of personal data:

  • Identity data (name, company name)
  • Contact data (email address, phone number, address)
  • Transaction data (orders, enquiries, service requests)
  • Technical data (IP address, browser type, device information)
  • Marketing and communication preferences
  • Any information you voluntarily provide via forms or correspondence

We do not intentionally collect special category data unless strictly required and legally permitted.


4. How We Use Your Data

We use personal data for the following purposes:

  • To respond to enquiries and provide customer support
  • To supply products and services
  • To manage business relationships
  • To process transactions and orders
  • To maintain and improve our website and services
  • To comply with legal and regulatory obligations
  • To send marketing communications (where you have opted in)

5. Lawful Basis for Processing

We process personal data under one or more of the following lawful bases under GDPR:

  • Contract - where processing is necessary to provide goods or services
  • Legal obligation - where required to comply with applicable law
  • Legitimate interests - for business operations such as service improvement, internal administration, and limited marketing to existing customers where permitted
  • Consent - where you have explicitly opted in, particularly for marketing communications

Where consent is used, it may be withdrawn at any time.


6. Marketing Communications

We will only send marketing communications where you have provided explicit opt-in consent, for example by selecting a checkbox on a website form or similar affirmative action.

Marketing may include product updates, promotional content, and relevant company news.

You may withdraw consent at any time by:

  • Clicking the unsubscribe link in emails
  • Contacting us directly

Withdrawal of consent does not affect processing already carried out.

We do not treat form submission alone as consent for marketing.


7. Sharing Your Data (Third Parties)

We may share personal data with trusted third-party service providers where necessary to operate our business, including:

  • IT and hosting providers
  • CRM and marketing systems
  • Logistics and delivery partners
  • Professional advisors (legal, accounting, compliance)
  • Internal departments acting as data processors (including marketing and HR functions)

All third parties are required to process data securely and in compliance with GDPR.

We do not sell personal data.


8. International Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent legal mechanisms.


9. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

Retention periods vary depending on the nature of the data and purpose of processing.


10. Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data>
  • Request deletion of your data (where applicable)
  • Restrict or object to processing
  • Data portability (in certain cases)
  • Withdraw consent at any time (where processing is based on consent)

You also have the right to lodge a complaint with the Irish Data Protection Commission.


11. Cookies and Website Tracking

Our website may use cookies and similar technologies to:

  • Ensure site functionality
  • Analyse website traffic and usage
  • Improve user experience

Where required, we will request consent before placing non-essential cookies.

A separate cookie policy may provide further detail.


12. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction.


13. Subject Access Requests

You may request access to your personal data by contacting us. Requests will be handled in accordance with GDPR timeframes and requirements.


14. Changes to This Notice

We may update this privacy notice from time to time. Any changes will be posted on this page with an updated revision date.


15. Contact Details

If you have any questions about this privacy notice or your data, please contact us