BOOK A DEMO

RegDesk EU/EEA and UK Privacy Notice

Effective Date: November 9, 2024 

RegDesk, Inc. (“RegDesk”) provides regulatory compliance software for medical device providers that facilitates the regulatory approval process for medical device products and technologies (our “Digital Platform”). This EU/EEA and UK Privacy Notice describes how we collect, maintain, share, and otherwise process personal information from individuals residing in the European Union/European Economic Area and the United Kingdom via our Digital Platform and our corporate website, https://www.regdesk.co (our “Website”). This Privacy Notice is addressed to our customers and their employees,representatives, distributors, registered agents, and consultants (“Customers”) and visitors to our Website (“Visitors”) located within the EU/EEA and UK.

For individuals who interact with us online, we collect information you choose to give us and other information that may be collected from your use of our Website and Digital Platform, including from your device. We use that information to operate our business and for the purposes set forth below. Below, we also describe the choices we offer with respect to your information.

This Privacy Notice does not apply to information for which RegDesk does not determine the purpose and means of processing. This Privacy Notice does not apply to information that cannot be identified by any individual, household, or their devices, such as de-identified or anonymized information.

Information Collection and Purpose of Processing

For more information regarding the personal information we collect, the types and sources of collection, and the purposes for which we process personal data, please see our Privacy Notice.

In some instances, the provision of certain personal data will be necessary for RegDesk to enter into a business relationship with you or to provide our Website or Digital Platform. Failure to submit such required data may result in us being unable to deliver our products or services or in our Website or Digital Platform not functioning as designed/intended by RegDesk.

Legal Basis for Processing

RegDesk processes personal data of EU/EEA and UK residents if and to the extent one of the following lawful bases applies to such processing:

  • We have obtained consent from you for such processing for one or more specific purposes;
  • Processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract;
  • Processing is necessary for compliance with a legal obligation to which RegDesk is subject;
  • Processing is necessary for the purposes of our or a third party’s legitimate interests.

Where relying on legitimate interests for processing, such legitimate interests may include any or all the uses detailed above in this EU/EEA and UK Privacy Notice, taking into consideration reasonable expectations of data subjects based on the relationship with us.

Where we rely on your consent, you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent before withdrawal.

How We Share Information

We may share your information with third parties as reasonable to operate our business (including for the purposes described above), to provide the Website and Digital Services to you and others, as permitted or required by law, or as directed or authorized by you. For example, we may share data with Customers, third parties, professional advisors, law enforcement, regulators, or in the event of a sale or merger of our company.

For more information on our specific data sharing practices, please see the “How We Share Information” section of the Privacy Notice.

Data Retention

RegDesk will maintain your personal data in accordance with our data retention schedule. The period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period, is for the length of the commercial relationship. We may retain personal data when required by law, regulation, or professional standards to maintain the data for a longer period of time.

Your Rights Under EU/EEA and UK Law

Under EU/EEA and UK law, you have the following rights:

Right of access. You have the right to obtain from the us confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data certain other information, including the purposes of processing, the categories of data concerned, and information regarding recipients. You also have the right to be informed of any appropriate safeguards related to transfers of your personal data to third countries.

Right of Rectification. You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to be Forgotten. You have the right to obtain from us the erasure of personal data concerning you without undue delay where certain grounds apply.

Right to Restriction of Processing. You have the right to obtain from us restriction of processing where one of the following applies:

  • You contest the accuracy of the personal data.
  • The processing is unlawful and you oppose the erasure of the personal data.
  • We no longer need the personal data for the purposes of the processing, but you require the data for the establishment, exercise, or defense of legal claims.
  • You have objected to processing and the objection is pending verification as to whether our legitimate grounds override your objection.

Right to portability. You have the right to receive personal data concerning you, which you provided to RegDesk, in a structured, commonly used and machine-readable format and you have the right to transmit that data to another controller without hindrance from us.

Right to object. You have the right to object on grounds related to your particular situation to our processing on the basis of legitimate interests and/or processing for direct marketing purposes.

Right to lodge a complaint. You have the right to lodge a complaint with a supervisory authority, in particular in the UK or the EU/EEA Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing infringes the GDPR.

Contact Information

RegDesk operates via the following legal entity: RegDesk, Inc.

RegDesk has appointed VeraSafe as its EU/EEA and UK Data Protection Representative for the purpose of responding to the inquiries of EU/EEA and UK regulatory agencies and serving as a point of contact for EU/EEA and UK individuals whose personal data RegDesk processes.

If you are in the EU/EEA or the UK, VeraSafe can be contacted, in addition to RegDesk, only on matters related to the processing of personal data. If you are in the EU/EEA, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +420 228 881 031. Alternatively, VeraSafe can be contacted for EU/EEA inquiries at: VeraSafe Ireland Ltd. Unit 3D North Point House North Point Business Park New Mallow Road Cork T23AT2P Ireland

If you are located in the UK, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +44 (20) 4532 2003. Alternatively, VeraSafe can be contacted for UK inquiries at: VeraSafe United Kingdom Ltd. 37 Albert Embankment London SE1 7TL United Kingdom

If you have any questions or concern about this Privacy Notice or the privacy practices at RegDesk, please contact us at Privacy@regdesk.co.

RegDesk, Inc.

2450 Holcombe Blvd, Suite X

Houston, TX 77021

+1 267 607 3375

RegDesk Reviews
RegDesk Reviews

© 2024 RegDesk, Inc. All rights reserved