GDPR
GDPR Privacy Policy for the Recruitment of Foreign Doctors in the US
Effective Date: [Insert Date]
Last Updated: [Insert Date]
Minovici Medical Development is committed to safeguarding the privacy and security of your personal information. This policy explains how we collect, process, and store your data in compliance with the General Data Protection Regulation (GDPR), the Data Protection Act, and other applicable laws.
1. Data Controller Information
Organization Name: Minovici Medical Development
Address: [Insert Organization Address]
Email: diana@minovicimed.com
Phone:
2. Purpose of Data Processing
We collect and process personal data to:
- Facilitate recruitment, evaluation, and placement of candidates in medical employment opportunities in the US.
- Comply with immigration, licensing, and legal requirements.
- Support visa applications and credentialing processes.
- Communicate with candidates and relevant third parties, such as employers, licensing authorities, or legal representatives.
3. Lawful Basis for Processing
Our processing activities are based on:
- Consent: Candidates provide explicit consent during registration for recruitment purposes.
- Contractual Obligations: To fulfill agreements with candidates and employers.
- Legal Obligations: Compliance with immigration, tax, and licensing laws.
- Legitimate Interests: To efficiently manage recruitment operations and ensure qualified professionals are matched with suitable opportunities.
4. Data Collected
We collect the following types of personal data:
- Identity Information: Name, date of birth, nationality, gender, and passport details.
- Contact Information: Email address, phone number, and physical address.
- Professional Information: CV, educational qualifications, licensure details, professional references, and employment history.
- Immigration and Legal Documents: Visa, work permits, and background checks.
- Medical Records: Immunization records and fitness certificates (where legally required).
5. Data Storage and Retention
Data Storage:
- Digital records are stored on secure, encrypted systems accessible only to authorized personnel.
- Paper files are kept in locked cabinets.
- Limited contact details may be stored on password-protected mobile devices for communication purposes.
Data Retention:
- Personal data is retained for five (5) years from the candidate’s last engagement unless a longer retention period is required by law (e.g., payroll data).
- Client data is retained for up to five (5) years of inactivity, after which it is deleted unless consent for continued storage is obtained.
6. Data Sharing
We share personal data only with:
- Potential employers and healthcare facilities in the US.
- Licensing bodies such as the Educational Commission for Foreign Medical Graduates (ECFMG) and state medical boards.
- Legal consultants and immigration services for visa and compliance requirements.
- Background check providers and government authorities when legally required.
We never sell personal data to third parties.
7. Data Breach Procedures
In the event of a data breach:
- The breach will be reported to the Information Commissioner’s Office (ICO) within 72 hours, where required, unless the breach poses no risk to individual rights.
- Affected individuals will be notified if the breach poses a high risk to their rights or freedoms.
- Documentation of the breach, including its nature, scope, impact, and remediation measures, will be maintained for regulatory review.
8. Rights of Data Subjects
Candidates and clients have the following rights under GDPR:
- Access: Request access to your personal data at any time.
- Correction: Rectify inaccuracies in your personal data.
- Erasure: Request deletion of your data when it is no longer needed or processed unlawfully.
- Restrict Processing: Request limitations on the processing of your data.
- Portability: Obtain your data in a structured, machine-readable format.
- Object: Object to processing based on legitimate interests.
- Withdraw Consent: Withdraw consent for specific processing activities at any time by contacting diana@minovicimed.com.
9. Data Transfers
As recruitment activities involve the United States, personal data may be transferred outside the EU/EEA. Safeguards include:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Compliance with US data privacy frameworks where applicable.
10. Complaints
If you have concerns or complaints about our data processing practices, you can:
- Contact us at diana@minovicimed.com.
- File a complaint with the Information Commissioner’s Office (ICO) via www.ico.org.
11. Updates to This Policy
We may update this Privacy Policy to reflect changes in law or operational requirements. Significant changes will be communicated directly to candidates and clients where applicable.
For further inquiries, contact our Data Protection Officer at diana@minovicimed.com.