Privacy Notice for Veterinary Diagnostic Services
Veterinary Diagnostic Services (VDS) is a commercial veterinary diagnostic laboratory based at the University of Glasgow, School of Veterinary Medicine. We are committed to processing all data in a clear and transparent way and storing and disposing of all data securely in line with GDPR guidelines. The University of Glasgow will be what’s known as the ‘Data Controller’ of your personal data processed in relation to data supplied with diagnostic samples submitted to VDS. This privacy notice will explain how the University of Glasgow will process your personal data.
What are we going to do with your data?
We must have a legal basis for processing all personal data and in this instance the legal basis is contractual. VDS will collect and securely store your data (primarily veterinary practice/submitting laboratory name, contact details, sample identification information and payment details) and we will only use it in order to contact you and fulfil an agreement with you for goods and services provided. All the personal data you submit is processed by staff at the University of Glasgow in the United Kingdom. Your data will not be shared to any third parties without your prior consent unless required to do so by law. Data will be kept for the duration of our business relationship and will be deleted thereafter.
Third party data that you provide to us
VDS will ensure that all data that you provide is stored securely and used only for the purpose that you provided it. VDS will ensure that no data is stored outside of the EEA.
Data that we provide to you
VDS will provide you with correct data and will inform you as soon as we are aware of any data inaccuracies. We will ensure that the data we provide to you is adequate for the purpose you require but we will not provide any details that we do not deem to be necessary for your purpose.
What are your rights?
You can request access to the information we process about you at any time. If at any point you believe that the information we process relating to you is incorrect, you can request to see this information and may in some instances request to have it restricted, corrected or, erased. You may also have the right to object to the processing of data and the right to data portability. If you wish to exercise any of these rights, please contact email@example.com.
Please note that the ability to exercise these rights will vary and depend on the legal basis on which the processing is being carried out.
In line with GDPR, breaches will be reported to the Information Commissioner’s Office within 72 hours. In the case of a major breach affecting your data or data that you have provided to us, we will contact you. Please inform us of any breaches that affect you and have affected our data or data that we have provided to you.
If you wish to raise a complaint on how we have handled your personal data, you can contact the University Data Protection Officer who will investigate the matter. Our Data Protection Officer can be contacted at firstname.lastname@example.org. If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO) https://ico.org.uk/