Data Rights

Data Collection and Processing

TinaMed is committed to safeguarding the privacy and personal data of all users in accordance with applicable United States data protection laws, while acknowledging international frameworks such as the General Data Protection Regulation (GDPR) where relevant. When users visit TinaMed, certain data including but not limited to user IP addresses, device identifiers, and pages accessed may be collected through cookies, analytics tools, and necessary forms. This information is utilized to ensure the effective operation of our website, personalize user experiences, and provide users with the most relevant and up-to-date medical content, including pharmaceutical, supplement, and disease data. As part of our dedication to privacy, sensitive personal information will never be collected without clear notice and user consent. We may process contact details when users communicate with us or request additional information, using such data solely for the purpose indicated at the time of submission. Furthermore, TinaMed has implemented technical and organizational security measures designed to protect personal data from unauthorized access, disclosure, alteration, or destruction. We do not sell, rent, or trade user data to third parties for commercial purposes; where sharing is essential, it is limited to trusted partners under strict confidentiality obligations. All data processing activities adhere to legitimate purposes, ensuring minimization and transparency.

User Rights and Control

Every user of TinaMed is entitled to a set of rights regarding their personal data, reflecting our dedication to privacy and to fostering user trust. Users may request access to their stored data and receive copies in a structured, commonly used electronic format upon valid request. Correction and rectification rights allow users to update or amend any inaccurate or incomplete personal data. Users may also exercise the right to erasure, requesting the deletion of personal data where such data is no longer necessary for the original purpose, provided that legal and regulatory obligations do not require its retention. Furthermore, users retain the right to restrict or object to certain processing activities, such as data used for third-party marketing. Where processing is based on user consent, individuals have the authority to withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. To exercise these rights, users may contact us via [email protected] and expect a timely response, typically within thirty days from receipt of the request.

Data Security and Retention Practices

TinaMed prioritizes robust data security measures to ensure the confidentiality, integrity, and availability of personal information entrusted to us by our users. We employ industry-standard technologies, including but not limited to encryption, secure communication protocols (such as HTTPS), and vigilant server security configurations, to protect all digital interactions. Regular audits, vulnerability assessments, and access controls are implemented to prevent unauthorized access or disclosure of sensitive data. Our staff and any third parties acting on our behalf are bound by strict confidentiality and data handling responsibilities. Data retention policies dictate that we only retain personal data for as long as necessary to fulfill the purpose for which it was collected or to comply with applicable law. Deletion and anonymization processes are undertaken once the data is no longer required, ensuring all traces are securely removed from our systems as appropriate. Our retention periods for various data types are reviewed on a routine basis, based on legal, operational, and regulatory considerations.

International Data Transfers

Given TinaMed is operated by Gregory Ashwell based in the United Kingdom, and our website serves users in the United States of America, there may be occasions where user personal data is transferred internationally for the provision of TinaMed services. Such transfers are conducted in strict accordance with applicable laws and consider mechanisms that ensure a substantially similar level of data protection. This includes utilizing contractual clauses and undertaking adequacy assessments when engaging with third parties, partners, or vendors located outside of the user’s region. Users are hereby notified in clear terms when such transfers occur. Our commitment is to transparency and to maintaining legal safeguards so that user data is securely managed, regardless of where it is processed. Users can contact us at [email protected] for further details regarding these international practices.

Contact and Complaints

To address any questions, exercise data subject rights, or register complaints related to our data handling practices, users may contact our owner and data controller, Gregory Ashwell, at the following address: University of Leeds, Woodhouse Lane, Leeds, LS2 9JT, United Kingdom, or via email at [email protected]. We are fully committed to resolving all user concerns in an efficient and respectful manner. Users may expect receipt of their inquiry to be acknowledged within a reasonable time. Should a concern not be adequately resolved, users retain the right to escalate the issue by seeking advice from relevant authorities. TinaMed is dedicated to upholding the highest standards of accountability and user trust in all aspects of its data management and privacy protection practices.