GDPR and Data Collection

The EU General Data Protection Regulation (GDPR) is a privacy and data protection regulation in the European Union effective from May 25 2018. GDPR imposes new obligations on organisations that control or process personal data and introduces new rights and protections for EU citizens.

In order for you to utilise our online services we need to ask for and store your personal information, fulfilling our contractual obligation and communicating to you any information about your orders and transactions made through the use of our website As a part of our services, and subject to your consent, we may share your contact details with our partners and third party members who would send you information on their products, services, discounts and promotions. In addition, subject to your consent, we may send you further information on our products, services, discounts, and promotions we feel may be of benefit to you. 

As a part of this process, your personal information is handled and stored in a safe and timely manner, as per the European GDPR guidelines. This data is retained in our systems until you ask for its deletion or we find it irrelevant for the purpose of this application. You may change your personal information at any time but should consider that any changes are logged and stored in our system. 

If you would like us to remove your data from our online services, please see the option to delete personal information. You may change your response to the consentual use and logging of your data at any time. The audit train of your consent history is maintained. Please note that you are required to provide consent on your behalf only as employers cannot consent on behalf of employees.  

Use this option to delete your personal data relating to this service from this system. By clicking on this button, the system will delete the following information:

  1. First name
  2. Last name
  3. Gender
  4. Email Address,
  5. Date of Birth
  6. IP address
  7. Billing and Shipping addresses
  8. A complete communication log.

However the system will preserve your transactions such as orders, wishlist and transaction history. The system will issue you a token identification (ID) which you can use in case if you want to reactivate your account in future.

At Repton Medical we are committed to ensuring that your privacy is protected and we strictly adhere to the provisions of all relevant Data Protection Legislation, including GDPR, ensuring all personal data is handled in line with the principles outlined in the regulation that state:

Personal data shall be:

  1. Processed lawfully, fairly and in a transparent manner in relation to the data subject
  2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
  3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
  4. Accurate and, where necessary, kept up to date
  5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
  6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

Repton Medical respect our customer's rights to data privacy and protection and as such we have revised our internal policies, procedures, working practices in order to meet the requirements of the GDPR. We place a high priority on protecting and managing data in accordance with accepted standards and indeed helping our customers utilise our products and services to the same end. Further information is available within our Privacy Policy and Data Processing Agreement. If you have any further questions please speak to your account manager or contact