.png)
Mediqia is a medical technology company registered as a the distribution of medical devices and access to regulatory approval in France. We operate across Europe and the Middle East to facilitate medical device distribution and regulatory access.
Company Name: Mediqia
Legal Form: SAS
Headquarters: [Insert French address]
Operational Office: [Insert UAE address]
Email: contact@mediqia.com
SIRET: [Insert Number]
RCS: [Insert City]
VAT Number: [Insert]
This Policy explains how we collect, use, disclose, transfer, and store personal data when you:
- Visit or interact with our websites or social media pages
- Download brochures, white papers, or other gated content
- Submit a contact or inquiry formPurchase, distribute, or integrate Mediqia products
- Subscribe to our newsletter or attend Mediqia-hosted events
It applies globally but is drafted to meet EU GDPR, UK GDPR, French Data Protection Act, and UAE Personal Data Protection Law (PDPL) requirements.
We collect only the personal data necessary to deliver our services, comply with regulations, and improve your experience. Here’s a breakdown of what we collect and why:
Contact and Business Information
This includes your name, professional title, organization name, email address, phone number, and work address. We collect this data when you contact us, request information, or engage with our sales and support teams. It allows us to respond to inquiries, provide quotations, process requests, and maintain a relationship with you or your organization. The legal basis is either the performance of a contract or our legitimate business interest.
Marketing Preferences
When you subscribe to our newsletter, download gated content, or opt into updates, we may collect your email address, communication preferences, and topic interests. This helps us tailor the information we send you. We only send marketing communications with your explicit consent, and you may unsubscribe at any time.
Technical and Usage Data
We collect anonymized data such as your IP address, browser type, device information, referral URLs, and website interaction metrics (pages viewed, time spent, actions taken). This helps us improve website performance, enhance security, and understand user behavior. This processing is based on our legitimate interest in maintaining and optimizing our online presence.
Transactional Information
When you purchase or distribute Mediqia products, we may process business identifiers such as VAT numbers, billing and shipping addresses, invoice records, and payment metadata (secured and tokenized via certified payment processors). This data is necessary for processing orders, fulfilling deliveries, maintaining records, and complying with accounting obligations.
Compliance & Know-Your-Customer (KYC) Data
For specific markets and distribution agreements, we may request supporting documentation to meet legal obligations under export control laws, anti-money-laundering (AML) directives, and international sanctions regimes. This processing is based on our legal obligations and required to conduct business lawfully and ethically.
We do not collect sensitive personal data (such as health records, ethnicity, or biometric identifiers) through our website or standard marketing channels. If this changes in the future — for instance, as part of post-market surveillance — we will inform users and obtain appropriate consent or justification under applicable laws.
We use first- and third-party cookies for:
- Essential operations (e.g., session management)
- Analytics (Google Analytics 4—IP anonymisation enabled)
- Marketing (LinkedIn Insight Tag, Meta Pixel) only when you give explicit consent via our Cookie Banner.
Cookie settings can be changed anytime in the “Manage Cookies” footer link.
- Service Providers – hosting (AWS eu-west-3), marketing automation (HubSpot EU data centre), CRM (Salesforce EU).
- Regulatory Bodies – CE-marking audits, notified bodies, or when legally required.
- Logistics & Customs Agents – only for shipment fulfilment and export compliance.
- Corporate Transactions – data may transfer in the event of a merger or acquisition; you will be notified beforehand.
We never sell personal data.
Where data moves outside the EEA/UK (e.g., to UAE or US sub-processors), we rely on:
- EU Standard Contractual Clauses (2021/914)
- UK International Data Transfer Addendum
- Supplementary technical measures (encryption in transit & at rest, zero-trust access)
A copy of current SCCs is available on request.
We keep personal data only as long as needed:
- Leads & marketing contacts – 24 months from last engagement
- Contract documents & invoices – 10 years (statutory accounting)
- Regulatory / vigilance data – 15 years post-market, per MDR 2017/745
After expiry, data is securely deleted or anonymised.
- ISO 27001-aligned information-security management
- TLS 1.3 encryption for all web traffic
- Role-based access, MFA, quarterly penetration tests
- 72-hour breach notification process (GDPR Art. 33)
Within the limits of applicable law, you may:
- Access a copy of your data
- Rectify inaccurate information
- Erase data (“right to be forgotten”)
- Restrict or object to processing
- Port data to another controller
- Withdraw consent at any time (for marketing)
Submit requests to privacy@mediqia.com. We reply within 30 days.
If unresolved, you can lodge a complaint with CNIL (France) or your local supervisory authority.
Our Services are not directed to minors under 16. We do not knowingly process children’s data.
Our site may link to partner or distributor websites. Mediqia is not responsible for their privacy practices; please review their policies.
We may update this Policy to reflect legal or operational changes. Important changes will be announced on the website and, where appropriate, via email. “Last updated” date will be amended accordingly.
For privacy questions, data-subject requests, or security reports:
Mediqia SAS
Email: privacy@mediqia.com
4 Rue Pierre Duhaa, 33000 Bordeaux, France
.png)
