Privacy Policy

Hospital Services Limited (hereinafter known as the Company) is committed to protecting and respecting your privacy.

This Policy has been written for compliance with the General Data Protection Regulation(GDPR) and the UK GDPR, Data Protection Act 2018 and to explain when and why we collect personal information about people who are employees our clients or potential clients, or our suppliers how the Company uses it, the conditions under which we may disclose it to others and how we keep it secure.

We may change this Policy from time to time so please check that you have the current version. If you are using our website, you’re agreeing to be bound by this Policy.

Who are we?

Hospital Services Limited (“HSL”) is a specialist distributor of medical and surgical equipment, consumable products and healthcare technologies, servicing public and private hospitals across the UK and Ireland.

With a staff of 160 based across offices in Belfast, Dublin, and England, HSL is one of the largest privately-owned distributors supplying the health sector. In addition to supplying market leading technologies and solutions to our customers, HSL’s team provides on-going technical and clinical support to the end-user of our products. HSL partners exclusively with several world-class manufacturers across a number of disciplines including, to name just a few, Richard Wolf and KLS Martin (general and electro-surgery), Hologic (mammography), Shimadzu and Canon (radiology), and Haag-Streit and Ziemer (ophthalmology).

The Company’s services and operations are underpinned by a Quality Management System that ensures full compliance with ISO9001:2015, an Environmental Management System that is fully compliant with ISO14001:2015 and an ISO27001:2013 compliant Information Security Mangement System. The continuing success of any company is its people and its service to customers. All our employees are committed to the quality concept while all our engineers are carefully selected for their commitment to the company’s core values along with their experience and qualifications.

How do we collect information from you?

We obtain information about our:


1. Employees when they initially apply for positions in the Company and once offered employment.

2. Clients when they make an initial enquiry for our services and ongoing through the term of the contract services provided.

3. Suppliers as we give orders and get technical information from their staff

What type of information is collected from you?
The personal information we collect is usually limited to name, address, email address, contact telephone number(s). For a more detailed breakdown, please refer to the HSL Information Asset Register.

How is this information used?
We may use this information to:

• To process an application for employment;
• To process enquiries and orders from our customers;
• To send orders to suppliers and obtain necessary technical information;
• To send notifications of changes to our services or appropriate product information;
• To send information which has been requested.
Lawful Basis for Processing Personal Data
We will only use your personal data when the law allows us to. Most commonly, we
will use your personal data in the following circumstances:
• Where we need to perform the contract we are about to enter into or have
entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party) by
which we mean the interest of our business in conducting and managing our
business to enable us to give you the best service and the best and most secure
experience. We make sure we consider and balance any potential impact on you
(both positive and negative) and your rights before we process your personal
data for our legitimate interests. We do not use your personal data for activities
where our interests are overridden by the impact on you (unless we have your
consent or are otherwise required or permitted to by law). You can obtain
further information about how we assess our legitimate interests against any
potential impact on you in respect of specific activities by emailing us on
compliance@hsl.ie
• Where we need to comply with a legal or regulatory obligation we are subject
to.
We review our retention periods for personal information on a regular basis and always
retain same in accordance with legal requirements


Who has access to your information?

We will never share information with third parties for marketing purposes.

Third Party Service Providers working on our behalf: We may pass information to
our third party service providers and subcontractors for the purposes of completing
tasks and providing services on our behalf (for example for Installation works).
However, when we use third party service providers, we disclose only the personal
information that is necessary to deliver the service and we have a contract in place
that requires them to keep all information secure and not to use it for their own direct
marketing purposes.

Your choices
You will always have a choice about whether or not you wish to receive information
from us. However, the Company does not undertake any direct marketing. We will
not contact you for marketing purposes by email, phone or text. Should this change
then this Policy will be updated to reflect this change.
How you can access and update your information
The accuracy of your information is important to us. If you change email address, or
any of the other information we hold is inaccurate or out of date, please email us at:
info@hsl.ie, or write to us at:

Hospital Services Limited,
30 Wildflower Way,
Belfast
BT12 6TA

or telephone: 028 90381481. Our Data Protection Officer is Graham Stewart.

You have the right to ask for a copy of the information the Company holds about you.
There is normally no charge for this.
If the request is “manifestly unfounded or excessive” we may charge a “reasonable
fee” for the administrative costs of complying with the request.
We may also ask for proof of your identity and we can also refuse a request if the
request is “manifestly unfounded or excessive”.
If we refuse the request, we will inform you of:

• The reasons we are not taking action;
• Your right to make a complaint to the ICO or another supervisory authority
(DPC in Ireland);
• Your right to seek to enforce this right through a judicial remedy.
In certain circumstances, such as where the data is no longer necessary for the
purposes for which it was collected, you have a right to require us to erase all personal
data held about you. Note: There are a number of exemptions to this right, for example
in relation to freedom of expression and compliance with legal obligations.

Security precautions in place to protect the loss, misuse or alteration of your
information.

When you give us personal information, we take steps to ensure that it’s kept securely.
Non-sensitive details (your email address etc.) are transmitted normally over the
Internet, and this can never be guaranteed to be 100% secure. As a result, while we
strive to protect your personal information, we cannot guarantee the security of any
information you transmit to us, and you do so at your own risk. Once we receive your
information, we make our best effort to ensure its security on our IT Systems (soft copy
information) or held securely in our offices (hard copy information).

Profiling
We do not analyse your personal information to create a profile of your usage or any
other such as interests and preferences so that we can contact you with information
relevant to you.
We may make use of the information about you in order to provide you with information
that directly affects you or in the case of system users, their system.

Use of ‘cookies’
Like many other websites, the Company website does use cookies. We may collect
information about your computer, including where available your IP address, operating
system and browser type, for system administration and to report aggregate
information to our advertisers. This is statistical data about our users’ browsing actions
and patterns and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by
using a cookie file which is stored on the hard drive of your computer. Cookies contain
information that is transferred to your computer’s hard drive. They help us to improve
our site and to deliver a better and more personalised service. They enable us:

• To estimate our audience size and usage pattern.
• To store information about your preferences, and so allow us to customise our
site according to your individual interests.
• To speed up your searches.
• To recognise you when you return to our site.
You may refuse to accept cookies by activating the setting on your browser which
allows you to refuse the setting of cookies. However, if you select this setting you may
be unable to access certain parts of our site. Unless you have adjusted your browser
setting so that it will refuse cookies, our system will issue cookies when you log on to
our site.

Links to other websites
Our website may contain links to other websites run by other organisations. This
privacy policy applies only to our website‚ so we encourage you to read the privacy
statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access these using links from our
website.

In addition, if you linked to our website from a third-party site, we cannot be responsible
for the privacy policies and practices of the owners and operators of that third-party
site and recommend that you check the policy of that third party site.

18 or Under
We are concerned to protect the privacy of children aged 18 or under (although under
the GDPR this is currently the under 13’s). If you are aged 18 or under‚ please get
your parent/guardian’s permission beforehand whenever you provide us with personal
information.

Transferring your information outside of Europe
As part of any application for employment or the services offered to you, the
information which you provide to us may be transferred to countries outside the
European Union (“EU”).
These countries may not have similar data protection laws to the UK. By submitting
your personal data, you’re agreeing to this transfer, storing or processing. If we
transfer your information outside of the EU in this way, we will take steps to ensure
that appropriate security measures are taken with the aim of ensuring that your privacy
rights continue to be protected as outlined in this Policy. If you access our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.

Website recording
At the time of publication of this Policy, our web site does not use the any web site
recording service. Should this change then this Policy will be updated to reflect this
change.

Your Rights Under Data Protection Legislation
You have various rights under data protection legislation:


1. Your right to be informed about the collection and use of your personal
data.

2. Your right to access information held about you. Your right of access can
be exercised in accordance with the Act.

3. Your right to correct any errors in the information we hold about you, and
to change and correct any details you have already given us. Please
inform us about any changes to your details so that we can keep our
records accurate and up to date.

4. Your right to have personal data erased (in certain circumstances).

5. Your right to have personal data processing restricted (in certain
circumstances).

6. Your right to data portability.

7. Your right to object to the processing of your personal data.
8. Your right to not be subject to automated decision making.
You can visit the Information Commissioners web site for more information.

A guide to individual rights | ICO

Last Reviewed November 2023, next review due November 2024.