Introduction

Fusion Diagnostic Solutions is committed to protecting the privacy and personal data of its clients, employees, and partners. This General Data Protection Regulation (GDPR) policy outlines our approach to data protection, including the collection, storage, use, and disclosure of personal data. We comply with the GDPR and other applicable data protection laws and regulations.

Scope

This policy applies to all personal data processed by Fusion Diagnostic Solutions, regardless of the medium or format in which it is collected or stored. It covers personal data obtained from clients, employees, contractors, suppliers, and other third parties.

Data Protection Principles

We adhere to the following principles regarding the processing of personal data:

  1. Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and in a transparent manner.
  2. Purpose Limitation: We collect personal data only for specified, explicit, and legitimate purposes. We ensure that the data is not processed in a way incompatible with those purposes.
  3. Data Minimization: We collect and process only the minimum amount of personal data necessary to fulfil the specified purposes.
  4. Accuracy: We ensure that personal data is accurate, up to date, and relevant. We take reasonable steps to rectify or erase inaccurate or outdated data.
  5. Storage Limitation: We retain personal data for the period necessary to fulfil the purposes for which it was collected. We securely dispose of personal data when it is no longer needed.
  6. Integrity and Confidentiality: We implement appropriate technical and organizational measures to ensure the security, confidentiality, and integrity of personal data.
  7. Accountability: We demonstrate compliance with the GDPR by maintaining documentation, conducting privacy impact assessments, and implementing appropriate policies and procedures.

Lawful Basis for Processing

We process personal data on the following lawful bases:

  1. Contractual Necessity: We process personal data to fulfil our contractual obligations with clients, employees, and other relevant parties.
  2. Legitimate Interests: We may process personal data based on our legitimate interests, provided they are not overridden by the individual’s rights and interests.
  3. Consent: We obtain consent when required, and individuals have the right to withdraw their consent at any time.

Data Subject Rights

We respect the rights of individuals regarding their personal data, including:

  1. Right to Access: Individuals have the right to request access to their personal data held by Fusion Diagnostic Solutions.
  2. Right to Rectification: Individuals have the right to request the correction of inaccurate or incomplete personal data.
  3. Right to Erasure: Individuals have the right to request the deletion or removal of their personal data.
  4. Right to Restriction: Individuals have the right to restrict the processing of their personal data under certain circumstances.
  5. Right to Data Portability: Individuals have the right to obtain and reuse their personal data for their own purposes across different services.
  6. Right to Object: Individuals have the right to object to the processing of their personal data in certain situations.
  7. Right to Lodge a Complaint: Individuals have the right to lodge a complaint with the relevant data protection authority.

Data Security

We implement appropriate technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include:

  1. Encryption and pseudonymisation of personal data when appropriate.
  2. Regular backup and disaster recovery procedures.
  3. Access controls and authentication mechanisms.
  4. Training and awareness programs for employees on data protection best practices.

Data Breach Management

We have procedures in place to detect, report, and investigate data breaches. In the event of a data breach, we will promptly notify affected individuals and the relevant supervisory authority as required by law.

Data Transfers

When transferring personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect the data in accordance with GDPR requirements.

Third-Party Processors

If we engage third-party processors to process personal data on our behalf, we will ensure that they provide sufficient guarantees regarding data protection and comply with applicable legal requirements.

Privacy by Design and Default

We integrate privacy considerations into our business processes and systems from the outset to ensure the protection of personal data.

Policy Review

This policy will be regularly reviewed and updated as necessary to ensure ongoing compliance with applicable data protection laws and regulations.

Take the 8-minute survey and get your Value Builder Score

Complete the questionnaire and instantly get your Value Builder Score out of 100. Companies with a score of 80 + typically get offers that are 71% higher than average scoring businesses.

Get Your Score Now