Upcycled Medical Limited

Privacy Policy

We process your personal data according to the UK’s Data Protection Act (the “Data Protection Act”) and other applicable UK data protection legislation.

Upcycle Medical Limited Group Ltd is registered with the UK Information Commissioner’s Office (ICO) under the data registration number “ZB380100” in the UK’s data controller register. For the purposes of the Data Protection Act, Upcycle Medical Limited Group Ltd. is the Data Controller.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.


We may collect, store and use the following kinds of personal information:

1. Information that you provide to us for the purpose of subscribing to email notifications and/or newsletters

2. Information about your computer and about your visits to and use of the site


We may disclose information about you to any of our employees, officers, agents, suppliers or sub-contractors insofar as is reasonably necessary for carrying out the purposes set out in this Privacy Policy. This may include allowing our suppliers and sub-contractors access to your personal information where we have “outsourced” functions. However, any use by such suppliers or sub-contractors will be strictly limited and conducted in accordance with our instructions (as “data processors” described in the Data Protection Act).

In addition, we may disclose your personal information:

1. To the extent that we are required to do so by law

2. In connection with any legal proceedings or prospective legal proceedings

Your personal data will not be passed to third parties without your permission, other than as set out in this policy.


We may contact you about our services if you choose to sign up to receive notifications from us. You do have the right at any time to opt out of being contacted in this way.


Upcycle Medical Limited Group Ltd. has implemented the required technical and organisational security measures to prevent the loss, misuse or alteration of your personal information. For example, we will store all the personal information that you provide on secure (encrypted, password- and firewall-protected) servers and send it only over encrypted transmission links. While the internet is inherently insecure and we cannot guarantee the security of data sent across the internet, we will take all meaningful steps to ensure it’s as secure as appropriately possible.


Except for the operations listed below, your data is kept exclusively within physically secure ISO-27001 compliant data-centers located within the European Union.

1. Backups: we keep backups of all our data in our backup service provider’s SOC 2 Type II certified and HIPAA compliant data-centers, hosted in the USA. The legal basis under the GDPR for this processing is specified by GDPR-compliant Model Clauses, a GDPR Data Processing Addendum and a standard Data Processor agreement, in line with the EU-US Privacy Shield agreement.


This Section sets out our data retention policies and procedures, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.

Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

Notwithstanding the other provisions of this Section, we will retain documents (including electronic documents) containing personal data:

1. to the extent that we are required to do so by law;

2. if we believe that the documents may be relevant to any ongoing or prospective administrative or legal proceedings;

3. to transfer to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and

4. in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).


Individuals have the right to access, correct, cancel or object to the processing of their personal data. If you want to exercise any of those rights, please contact info@upcycledmedical.com.

You may instruct us to provide you with any personal information that we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity.

We may withhold such personal information to the extent permitted by law.


We must keep your personal data accurate and up to date. If you become aware of any errors or inaccuracies please let Upcycle Medical Limited know by contacting info@upcycledmedical.com.


We may update this privacy policy from time to time by posting a new version on the Upcycle Medical Limited site. You should check this page occasionally to ensure you are happy with any changes.


If you have any questions about the Privacy Policy, use the contact details below:

Upcycled Medical Limited, 33, Sunninghill, Ascot, SL5 9NF, UK

Email: info@upcycledmedical.com, Tel: 03301334192.

Upcycle Medical Limited is a company registered in England and Wales under number 11282547.