Privacy Policy – IT Systems and Data

Examinex Limited (‘Examinex’ / ‘the Company’) are committed to your privacy and to providing services in a safe and confidential manner. In doing so, the Company complies with UK Data Protection Regulations regarding the usage of personal information.

This Privacy Policy summarises how the Company obtains, uses, stores and discloses your personal information.

As a client of Examinex, you can be assured that all personal and sensitive information you provide to the Company will be respected and kept secure in accordance with UK Data Protection regulations.

By engaging with the Examinex you acknowledge your acceptance of this Privacy Policy.

Information Examinex collects and holds

From time to time, Examinex will collect certain personal information. This information is necessary for or related to the Company’s business and the provision of our services. The kind of information we collect will depend on your relationship with Examinex (for example as an examinee, client, business partner, or employee). Generally, the only personal information Examinex collect about you is that which you choose to tell us about or which you authorise us to obtain.

Data retention period

  • Medical Reports data gathered/held on the Examinex portal is retained for 12 years after the last update and is then deleted.
  • Personal Information is retained for 6 years and is deleted in year 7.

Data deletion /erasure

Data subjects have the right to have their data deleted or erased but this may affect our ability to provide services.  Requests to delete, correct or erase data should be made to the Data Protection Officer by email or in writing to the address below (How to contact Examinex).

Further information regarding data subjects’ rights in this regard are available on the Information Commissioners website (ico.org.uk).

The type of information Examinex collect may include:

  • Examinees: your name, gender, address, email addresses, telephone number, demographic data (non-sensitive information only), health and/or disability information (including history), medical claims history. *
  • Clients (referring party or examinees engaging services in their own right): your name, address, email address, telephone number, billing information (if purchasing products) history.
  • Consultants/Medical Examiners: your name, gender, address, telephone numbers, email address, employment history, billing information, professional associations, qualifications, accreditations, professional registration information, professional indemnity insurance details, provider number, health and/or disability information (including history), emergency contact details.
  • Other (including employees/potential employees): your name, address, email address, telephone number, employment history, medical history and billing information.

 * Examinees includes persons being considered for employment by a client who engages Examinex to carry out pre-employment checks.

 How Examinex collects and holds your personal information

Where possible, Examinex will collect your personal information directly from you, but information may also be collected via:

  • Health records provided to us (including as part of psychological or medical assessments (examinees only).
  • Inquiries that we might make of your employer or treating practitioners (examinees only).
  • Other pre-employment checks (employees and examinees only).
  • Insurers, employers, and other parties who may have introduced you to Examinex.

Personal and sensitive information may be collected from you when you provide it to Examinex directly.

Examinex has established appropriate physical, electronic and managerial procedures to safeguard any information that we collect. This helps prevent unauthorised access, maintains data accuracy, and ensures that the information is used correctly.

All data is securely stored in the UK and is encrypted in transit and at rest. All data stored within the Company’s systems is designed to only be able to be accessed by authorised staff members and the hosting facility. All company data is stored and processed in the UK.

The purpose for which Examinex collects, holds, uses, and discloses personal information

Examinex collects personal information that we consider relevant, as outlined in your written consent, for the purpose of providing our services. Sensitive information, in most cases, can only be disclosed with your written consent. Any personal information collected about an individual will not be used or disclosed for the purposes of direct marketing unless the individual has given us consent to do so. Any personal information provided to Examinex will not be disclosed to any overseas individuals or bodies unless the individual has given us consent to do so.

Some of the ways Examinex uses personal information include to:

  • Communicate with you and others as part of Examinex business.
  • Enable Examinex to provide a service.
  • relating to the Services.
  • Prevent, detect, and investigate crime, including fraud and money laundering, and analyse and manage other commercial risks.
  • Verify information given to Examinex.
  • Carry out market research and analysis using anonymised data, including satisfaction surveys.
  • Manage Examinex infrastructure and business operations and comply with internal policies and procedures, including those relating to auditing, accounting, billing and collections, IT systems data and website hosting, business continuity and records and documents.
  • Resolve complaints, and handle requests for data access or correction.
  • Comply with applicable UK Laws and regulatory obligations (including relevant laws and regulations outside your country of residence), such as those relating to anti-money laundering, sanctions, and anti-terrorism.
  • Comply with UK legal process and respond to requests from public and governmental authorities (outside your country of residence).
  • Establish and defend the Company’s legal rights, protect Examinex’s operations or those of any related Group companies or insurance business partners.

Other purposes (for example relating to potential or current employees):

  • Assess an applicant’s suitability and continued suitability for employment.

To whom does Examinex disclose your personal information?

Examinex may disclose your personal information to:

  • Government Authorities (where required by law, including workers compensation laws).
  • Third parties involved in court action (where required by law).
  • Business partners/clients.
  • Medical partners.

For examinees only, depending on the nature of the services we provide for you, to collect from and disclose your personal/sensitive information to the following third parties:

  • Your nominated, treating doctor.
  • Anyone who, by agreement, is deemed necessary.
  • Your employers (e.g. return to work co-ordinator).
  • Referring agency.
  • Medical Consultants and examiners and any other treating practitioner or other health providers that Examinex may deal with on your behalf.

What happens if you don’t provide the required personal/sensitive information? 

If you do not provide some, or all the information requested, we may not be able to provide the requested services.

Using a pseudonym or engaging with Examinex anonymously

Due to the nature of our services the use of a pseudonym anonymity is not acceptable.

Consultants/Medical Examiners – invoice settlement/bank account details

Examinex does not retain bank account details in the Examinex IT system except in respect of relevant account details required for Consultants and Medical Examiners fee settlement. Relevant details will be passed to the payment gateway as soon as they have been collected. Account details are stored by Examinex using appropriate security measures.

Website cookies and usage information

When you access our website, Examinex may use software and may place small data files (or cookies) on your computer or other devices to collect information about which pages you view and how you reach them, what you do when you visit a page, the length of time you remain on the page, and how Examinex performs in providing content to you. A cookie does not identify individuals personally, but it does identify computers.

You can set your browser to notify you when you receive a cookie, and this will provide you with an opportunity to either accept or reject it in each instance. Examinex may gather your IP address as part of Examinex business activities and to assist with any operational difficulties or support issues with our services. This information does not identify you personally.

External links

Examinex’s website may contain links to other websites. When you access these links, Examinex recommend that you read the website owner’s privacy statement before disclosing your personal information. Examinex does not accept responsibility for inappropriate use, collection, storage, or disclosure of your personal information collected outside Examinex website.

How an individual can access their personal information held by Examinex

If an individual wishes to exercise their rights to access their personal information held by Examinex, or alternatively, has any questions or believes that any personal information held by Examinex is incorrect or incomplete, the individual can write (or email) the Examinex Data Protection Officer at the address below.

Except in the case of compliance with the law (including requested by subpoena), personal information will only be released to the individual directly, unless Examinex has written consent by the individual concerned to provide such information to a third party.

Updating and correcting your personal information

You may ask Examinex to update, correct or delete the personal information we hold about you at any time by contacting the Data Protection Officer (DPO) as specified below. We will take reasonable steps to verify your identity before granting access or making any corrections to or deletion of your information.

Examinex will, upon request, take all reasonable steps within its powers to correct the information in its possession or, if necessary, discuss alternative actions with the individual. In cases where the information was provided by a third party, we may not be able to correct information and you may have to contact the third-party that gave the information to us.

Examinex may take reasonable steps to correct personal information we hold when we are satisfied that it is inaccurate, out-of-date, incomplete, irrelevant, or misleading for the purpose for which it is held.

How to contact Examinex regarding Privacy/Data issues

If you would like to make further inquiries in relation to data issues or submit a notification about a breach of the UK Data Protection Regulations that may relate to our business, you can contact the Examinex Data Protection Officer (DPO) at: admin@examinex.co.uk or you can write to our Data Protection Officer at: DPO, Examinex, The Powerhouse, High Street, Ardington, Oxfordshire, OX12 8PS.

Complaints

Examinex takes all enquiries and complaints regarding data and privacy of information seriously.

We will respond to any requests, questions, or complaints as soon as possible in a reasonable time frame.

Examinex may take reasonable steps to correct personal information we hold when we are satisfied that it is inaccurate, out-of-date, incomplete, irrelevant, or misleading for the purpose for which it is held.

Policy Changes

Examinex may revise this Privacy Policy from time to time by updating this page on our website.

The revised Privacy Policy will take effect when it is posted on the Examinex website.