Privacy and Data Policy

This document outlines Medtractr's approach to collecting, processing, and safeguarding your personal data. We adhere strictly to the General Data Protection Regulation (GDPR) and all relevant UK data protection legislation. Our policy is designed to ensure that your information is managed transparently, securely, and exclusively for the purposes described below.

1. Purpose of Data Collection

Medtractr collects and processes your data solely for managing the professional work history of medical professionals. This includes, but is not limited to, the following functions:

• PreScreening:Verifying work history and qualifications for employment opportunities.
• DBS Records Management:Maintaining records relevant to Disclosure and Barring Service (DBS) checks.
• Certification Oversight:Tracking certification and recertification dates to provide timely reminders.
• RealTime Time Card:Offering a feature to track current job work history accurately.
• AI Resume Builder:Providing access to an AI-driven resume building tool, subject to your subscription plan.

2. Data Collection and Use

Your data is collected and utilised exclusively for the purposes outlined above. Medtractr ensures that all processing activities are conducted lawfully, fairly, and transparently. The information we gather is strictly used to:

• Support Professional Verification:Confirm and prescreen employment history and qualifications.
• Facilitate Reminders:Notify you of important dates regarding certification and recertification.
• Enhance Functionality:Operate our realtime time card system and AI resume builder tool.
• Enable Secure Data Exchange:Allow you to share your professional details with hiring managers or companies via secure, timelimited links.

3. Data Security

We implement robust security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• End-to-end encryption for all data transmission
• Regular security audits and vulnerability assessments
• Strict access controls and authentication protocols
• Continuous monitoring for suspicious activities
• Regular data backup and disaster recovery procedures

4. Your Rights

Under GDPR and UK data protection laws, you have several rights regarding your personal data:

• Right to access your personal data
• Right to rectify inaccurate information
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision making and profiling

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Once your data is no longer needed, it will be securely deleted or anonymized.

6. Third-Party Sharing

Medtractr does not sell your personal data to third parties. We may share your information with trusted service providers who assist us in operating our platform, but only to the extent necessary to provide our services. All third parties are contractually obligated to use your data solely for the purposes specified by us and in compliance with our privacy policy.

7. Contact Information

If you have any questions or concerns about our privacy practices, please contact our Data Protection Officer:

8. Policy Updates

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. We will notify you of any significant changes through our platform or via email. We encourage you to review this policy regularly to stay informed about how we protect your personal information.