PURPOSE
This Website Privacy Policy explains how the Company collects, uses, and protects personal data through its public website and related business communications.
This Policy reflects the Company’s current operating model. The website is used for information, business contact, and lead generation only. It is not used for clinical data intake, patient interaction, document exchange, or portal-based services.
SCOPE
This Policy applies to personal data collected:
- through the public website;
- through website contact forms;
- through email, telephone, or other communications initiated via the website; and
- through basic website functionality and analytics.
This Policy does not apply to data processing performed under separate client contracts or regulated service engagements.
DATA CONTROLLER
For the purposes of this Policy, the Company acts as an independent data controller.
Controller:
iTMF Consulting LLC
Sheridan, Wyoming 82801, USA
info@md-led.com
CURRENT WEBSITE DATA MODEL
The Company collects limited business contact data only.
At the effective date:
- no user accounts or login areas are provided;
- no file upload or document exchange functionality exists;
- the website is not intended for submission of patient or clinical data; and
- no special category data is intentionally collected.
Users must not submit clinical, patient, or regulated data through the website or general contact channels.
CATEGORIES OF PERSONAL DATA
The Company may process:
5.1 Contact Data
- name;
- business email address;
- telephone number;
- company name;
- job title (if provided).
5.2 Communication Data
- messages submitted via forms;
- email correspondence;
- records of inquiries and follow-up.
5.3 Technical Data
- IP address;
- browser and device information;
- access logs;
- basic analytics data (subject to cookie settings).
PURPOSES OF PROCESSING
Personal data is processed only to:
- respond to inquiries;
- communicate with business contacts;
- assess potential services at a preliminary level;
- arrange meetings and follow-up;
- maintain communication records;
- ensure website security and operation; and
- comply with legal and professional obligations.
The Company does not use personal data for automated decision-making with legal or similarly significant effects.
LEGAL BASIS
Where applicable (including GDPR):
- Legitimate interests – primary basis for B2B communication and website operation;
- Pre-contractual steps / contract performance – where inquiries relate to potential or existing engagements;
- Legal obligation – where required by law;
- Consent – where required (e.g., non-essential cookies).
Provision of personal data is voluntary, but necessary to receive a response.
NO CLINICAL OR SPECIAL CATEGORY DATA
The website is not designed for collection of:
- patient data;
- medical records;
- study subject information;
- special category data under Article 9 GDPR; or
- regulated clinical documentation.
The Company does not establish any obligation to review or process such data if submitted through uncontrolled channels.
If such data is received, the Company may restrict, delete, or otherwise limit its processing.
CONFIDENTIALITY
Business communications are treated as confidential and accessible only to personnel or advisers with a legitimate need to access them.
Such persons are subject to contractual or professional confidentiality obligations.
General website communication channels are not a secure method for transferring sensitive or regulated data.
DISCLOSURE
The Company does not sell personal data.
Data may be shared where necessary with:
- hosting and IT providers;
- communication service providers;
- professional advisers;
- authorities where required; and
- successor entities in corporate transactions.
Third parties are subject to appropriate confidentiality and data protection obligations.
INTERNATIONAL TRANSFERS
Personal data may be processed in multiple jurisdictions.
Where required, transfers are subject to appropriate safeguards, including Standard Contractual Clauses or equivalent legal mechanisms.
RETENTION
Personal data is retained only as long as necessary for:
- handling inquiries;
- business communication;
- legal and regulatory obligations; and
- protection of legal interests.
Retention is limited to a reasonable business period unless extended by legal requirements.
SECURITY
The Company applies reasonable measures appropriate to its current website model, including:
- controlled access to systems;
- use of reputable service providers;
- basic security and monitoring controls; and
- limitation of internal access.
No public website can guarantee full security. Sensitive or clinical data must not be transmitted via website channels.
COOKIES
The website may use cookies for:
- essential functionality;
- security;
- performance; and
- analytics (where implemented).
Where required, non-essential cookies are subject to user consent.
DATA SUBJECT RIGHTS
Where applicable (including for individuals in the EEA), data subjects may have the right to:
- access, correct, or delete their data;
- restrict or object to processing;
- request data portability; and
- withdraw consent where applicable.
Requests may be submitted using the contact details above.
COMPLAINTS
Data subjects may contact the Company with concerns.
They may also lodge a complaint with a competent supervisory authority where applicable.
CHILDREN
The website is intended for professional use and is not directed to children.
CHANGES
This Policy may be updated from time to time.
The current version will be available on the website with the effective date.
FUTURE CHANGES IN PROCESSING
If the Company introduces:
- client portals;
- file uploads;
- document exchange systems; or
- processing of clinical or special category data,
this Policy will be updated before such processing begins.
CONTACT
iTMF Consulting LLC
info@md-led.com
Sheridan, Wyoming 82801, USA
Website Privacy Policy