Medesk and GDPR Compliance

Last updated: 14th May 2018, effective as of May 25th 2018

On May 25th 2018, the European Union’s new privacy law, the General Data Protection Regulation (GDPR) will come into effect.

The GDPR is a sweeping legislation which strengthens the right to know how your data is collected, processed, stored, as well as grants the right to have your data deleted (the right to be forgotten).

The GDPR includes conditions like:

  • Personal data must be collected in a fair and transparent way and must only be used responsibly.
  • Personal data cannot be collected arbitrarily and must only be collected for a specific purpose.
  • Personal data can only be held for the time needed to carry out this specific purpose.
  • Citizens have the right to know what personal data is being collected. A person may request a copy of their data or that they’re data be deleted, restricted, or moved.

Even though GDPR is geared towards citizens of the European Union, we believe every user has the right to privacy and we will be actioning data requests from any individual, within or outside the EU.

Data Processing Schedule

This DPS shall come into effect on May 25, 2018 and shall continue until it is changed or terminated in accordance with the Terms of Service.

To ensure that no terms are imposed on us beyond those reflected in our standard DPS, we cannot agree to sign customers' specific DPSs. Any changes to our DPS will require legal counsel and the back and forth that goes with it, which will be too cost prohibitive for our company.

Click here to view the DPS. Please write us back to with your company name if you need an executed DPS with signatures.


Medesk Limited 3rd Floor, 207 Regent Street, London W1B 3HH UK Registration No 10118056