Legal

Privacy policy.

How Fidēs Imaging collects, uses and protects your personal data, and what rights you have in relation to it.

Last updated: January 2025

Fidēs Imaging Ltd is committed to protecting and respecting your privacy. This notice is provided in line with our obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read it carefully. If you have any questions, contact us at
privacy@fidesimaging.com.

Who we are

Throughout this document, “we”, “us”, “our” and “ours” refer to Fidēs Imaging Ltd and its affiliates. Fidēs Imaging Ltd is the data controller responsible for your personal data.

Fidēs Imaging Ltd is a company registered in England and Wales. Our registered address is [Address TBC]. For more information about us, please see fidesimaging.com.

Fidēs Imaging was founded as a spin-out from Motilent Ltd, a GI imaging software company. While the two organisations share certain technological foundations, Fidēs Imaging Ltd is a separate legal entity and operates its own data protection practices independently.

The information we collect from you

We may hold and process the following categories of personal information:

  • Identity data: including your name, job title and organisation
  • Contact data: including email address, telephone number and postal address
  • Communication data: information you provide when corresponding with us by phone, email or via our website contact form
  • Technical data: including your IP address (anonymised where possible), browser type and version, time zone setting, operating system and platform
  • Usage data: information about how you use our website, collected through analytics tools
  • Platform data: if you are a registered user of the Aperis platform, we may hold data related to your account, usage and activity within the platform

We may collect information whether or not you are an existing client. For example, you may be a prospective client, a scientific contact, an event attendee, or a visitor to our website.

When we collect your information

We collect personal information in the following circumstances:

  • When you submit an enquiry via our website contact form
  • When you correspond with us by email, phone or in person
  • When you register for or attend a Fidēs event or webinar
  • When you are set up as a user of the Aperis platform as part of a clinical program
  • When you visit our website (technical and usage data collected automatically)
  • When third parties — such as partner organisations or referral contacts — provide us with your details in connection with a potential or active engagement

How we use your information and the legal basis

We use your data where one or more of the following legal bases apply:

  • Consent: you have explicitly agreed to the use of your data for a specific purpose, such as receiving communications from us. You may withdraw your consent at any time.
  • Contract: processing is necessary in connection with a service or contract you have entered into with us, or because you have requested something to be done prior to entering into a contract.
  • Legal obligation: we are required to process your data to comply with a legal obligation, including regulatory requirements applicable to clinical research and medical device regulation.
  • Legitimate interests: we process your data for our legitimate business purposes, including communicating with prospective clients, improving our services, and managing our website. You have the right to object to processing on this basis.

We do not use your personal data for automated decision-making that produces legal or similarly significant effects.

Data transfers and security

Data transfers

Personal data we collect is primarily received through and stored within the United Kingdom. Data may be transferred to and processed at destinations outside the UK, including by cloud infrastructure providers such as AWS. Where data is transferred outside the UK to countries that do not benefit from an adequacy decision, we ensure appropriate safeguards are in place — including standard contractual clauses or equivalent mechanisms.

Data security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration or disclosure. Access to personal data is restricted to those who have a legitimate need to process it, and all such persons are subject to confidentiality obligations.

While we take all reasonable steps to protect your data, transmission of information over the internet cannot be guaranteed to be entirely secure. Any transmission is at your own risk.

Breach notification

We have procedures in place to identify and respond to personal data breaches. Where we are legally required to do so, we will notify you and the relevant supervisory authority of a breach without undue delay.

Data retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, and in accordance with applicable legal, regulatory and contractual requirements. For clinical program data, retention periods are governed by applicable regulations including those set by the MHRA.

How we use automated processing

We may use automated processing tools — including website analytics — to understand how our website is used and to improve our services. This includes:

  • Analysing website traffic and user behaviour using tools such as Google Analytics
  • Understanding which content and pages are most useful to our visitors
  • Improving website performance, security and functionality

We do not use automated processing to make decisions about individuals that have legal or similarly significant effects. Where we use automated analytics, data is anonymised or pseudonymised wherever possible.

Who we share your information with

We do not sell, trade or rent your personal data to third parties. We may share your information with:

  • Technology service providers who support the operation of our website and the Aperis platform — including cloud hosting, analytics and communication tools
  • Motilent Ltd, as a related entity that provides certain shared technology infrastructure, where relevant to the services you receive
  • Regulatory bodies, law enforcement and statutory authorities where we are legally required to disclose information
  • Professional advisors, including lawyers, auditors and insurers, where necessary
  • Third parties in connection with a business sale, merger or restructuring, where your data is among the assets transferred

All third parties with whom we share personal data are required to process it in accordance with applicable data protection law and our instructions.

Implications of not providing your data

Where we ask for personal data that is required to provide a service or respond to an enquiry, we will make this clear at the point of collection. If you choose not to provide that data, we may not be able to:

  • Respond to your enquiry or provide the services you have requested
  • Set up or maintain your access to the Aperis platform
  • Fulfil our obligations under an existing contract

Where providing data is optional, we will indicate this clearly.

Your rights

Under the UK GDPR, you have the following rights in relation to your personal data:

  1. Right of access

    You have the right to request a copy of the personal data we hold about you.

  2. Right to rectification

    You have the right to ask us to correct inaccurate or incomplete personal data.

  3. Right to erasure

    You have the right to ask us to delete your personal data in certain circumstances.

  4. Right to restriction of processing

    You have the right to ask us to restrict how we process your data in certain circumstances.

  5. Right to object

    You have the right to object to processing based on legitimate interests or for direct marketing purposes.

  6. Right to data portability

    Where processing is based on consent or contract and carried out by automated means, you have the right to receive your data in a portable format.

To exercise any of these rights, please contact us at privacy@fidesimaging.com. If you have a complaint about how we handle your data, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

Accessing the personal data we hold about you

You have the right to make a Subject Access Request (SAR) to obtain a copy of the personal data we hold about you. To make a SAR, please contact us in writing by email at
privacy@fidesimaging.com.

We may ask you to provide proof of identity before processing your request. We will respond to your SAR within one calendar month. We will not normally charge a fee for a SAR, except where a request is manifestly unfounded or excessive.

Changes to this privacy policy

We may update this privacy policy from time to time to reflect changes in our practices, technology or legal obligations. The current version will always be available on this page, and the date at the top of the policy will indicate when it was last updated.

We will notify you of material changes where we are required to do so, for example by sending an email to registered Aperis platform users.

Contacting us

Questions, comments and requests regarding this privacy policy should be addressed to:

Fidēs Imaging Ltd — Data Privacy

Email:

privacy@fidesimaging.com

Address:

TBC, London, United Kingdom

Please use the subject line:

Enquiry about the Fidēs Imaging Privacy Policy

Cookies

We use cookies to help our website function effectively, remember your preferences and improve your experience. Some cookies are essential to the operation of the site, while others are used for analytics or personalisation.

You can manage your cookie preferences at any time using our cookie consent tool, or by adjusting your browser settings. Note that disabling certain cookies may affect the functionality of the website.

For full details of the cookies we use and how to manage them, please see our Cookie Policy.