Website Privacy Statement
This statement explains how Medical Account Services Limited, trading as Medserv ("Medserv", "we", "us", or "the Company"), collects and processes personal data in connection with this website. It has been prepared in accordance with the EU General Data Protection Regulation (GDPR) (2016/679) and the Data Protection Acts 1988-2018. We are not responsible for the content or privacy practices of other websites. Any external links to other websites will be clearly identifiable as such.
1. Data Controller
The data controller responsible for your personal data is: Medical Account Services Limited, t/a Medserv, 6th Floor, North Block, Rockfield Central, Dundrum, Dublin 16.
Email: gdpr@medserv.ie
2. Applying for a Role with Medserv
If you are applying for a job with Medserv, your personal data is processed in accordance with our Candidate Privacy Notice, which explains how we handle application data, including our use of AI-assisted screening and your rights in relation to it. The Candidate Privacy Notice is available on our careers page and is provided to all candidates prior to or at the point of application.
3. Information We Collect When You Visit Our Website
When you visit our website to browse, read, or download, we automatically collect and store limited technical information, including:
- The IP address from which you access our website
- The top-level domain name used (for example .ie, .com, .org, .net)
- The type of browser and operating system used to access our site
- The date and time of your access to our site
- The pages you visit
- The previous website address from which you reached us, including any search terms used
We use this information to understand how our website is used, to improve it, and to compile aggregate statistics about visitor numbers and traffic patterns. We do not use this information to identify individual visitors, and aggregate statistics do not include any personally identifying information.
Legal basis: our legitimate interest in operating, securing, and improving our website (Article 6(1)(f) GDPR).
4. When You Contact Us
You may choose to provide us with personal data (for example your name, email address, and contact details) when you contact us with a query, including as a prospective customer wishing to find out more about our services. We use these details solely for the purpose of dealing with your query.
Legal basis: our legitimate interest in responding to queries (Article 6(1)(f) GDPR) and, where your query relates to entering a contract with us, steps taken at your request prior to entering a contract (Article 6(1)(b) GDPR).
5. Customer Registration and Accounts
If you register as a customer with Medserv, you will be asked to provide information including your name, email address, contact telephone number, and business address, and to complete and return certain documentation. You may also be asked to specify any staff members or colleagues who should be able to access your account information in the private areas of the website.
We use this data and documentation solely for the purposes of managing your account with us, allowing you (and, if relevant, any nominated staff members or colleagues) to access private areas of the website, and to send you communications relevant to your account or which you have specifically subscribed to or requested. As a customer, you will be allocated a user ID and password. You may change your password at any time and should keep your user ID and password confidential at all times.
Legal basis: the performance of our contract with you (Article 6(1)(b) GDPR).
6. Marketing
You may be offered the opportunity to receive information about products and services which may be of interest to you, either from ourselves or from third parties. Any such marketing will only be carried out where you have specifically consented to it (Article 6(1)(a) GDPR), and you may withdraw your consent at any time by contacting us at gdpr@medserv.ie or by using the unsubscribe option in any marketing communication.
7. Cookies
This website uses cookies. Cookies are small text files which provide us with information about how often someone visits our site and what they do during those visits. Where cookies are not strictly necessary for the operation of the website, they will only be placed on your device with your consent, which you can give or refuse through our cookie banner and can change at any time through your cookie settings.
Cookies do not themselves contain any personally identifying information, but if you provide information to us, it may be linked to the data stored in the cookie. Disabling non-essential cookies may mean that some features of this website do not function fully.
8. Data Sharing
We may disclose your personal data, under strict obligations of confidentiality, to our service providers to the extent reasonably required for the purposes described in this statement. We have contractual arrangements in place with those service providers, in accordance with Article 28 GDPR, obliging them to process your data solely in accordance with our instructions and to apply appropriate data security standards.
We do not sell your personal data. We may also disclose personal data where required by law or to establish, exercise, or defend legal claims.
9. International Transfers
Some of our service providers may be located outside the European Economic Area (EEA), including in the United Kingdom. Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as European Commission adequacy decisions (including for the United Kingdom), Standard Contractual Clauses (SCCs) as adopted by the European Commission, or certification under the EU-US Data Privacy Framework. You may request a copy of the safeguards we apply to international transfers by contacting: gdpr@medserv.ie
10. Data Retention
We retain personal data for no longer than is necessary for the purposes for which it was collected:
- Website analytics and technical log data: up to 13 months
- Queries and related correspondence: up to 12 months from the resolution of your query
- Customer account data: for the duration of our relationship with you, and thereafter for up to 6 years where required for legal, tax, or accounting purposes
- Marketing consents and preferences: until you withdraw your consent
After these periods, your data will be securely deleted or anonymised unless we are required by law to retain it for longer.
11. Your Rights
Under the GDPR and the Data Protection Acts 1988-2018, you have the following rights:
- Right of access - to obtain a copy of your personal data
- Right to rectification - to correct inaccurate or incomplete data
- Right to erasure - to request deletion of your data in certain circumstances
- Right to restriction - to limit how we process your data
- Right to data portability - to receive data you provided in a structured, machine-readable format, where processing is based on consent or contract
- Right to object - to object to processing based on legitimate interest, and to direct marketing at any time
- Right to withdraw consent - at any time, without affecting the lawfulness of prior processing
- Right to lodge a complaint - with the Data Protection Commission (www.dataprotection.ie)
To exercise any of your rights, please contact gdpr@medserv.ie. We will respond to your request within one month, although this may be extended by a further two months for complex requests, in which case we will inform you.
12. Changes to this Statement
We may update this statement from time to time. Any changes will be posted on this page. If we intend to use personal data in a manner significantly different from that stated in this statement, or otherwise disclosed to you at the time it was collected, we will notify you and, where required, seek your consent before doing so.
13. Contact
Should you have any queries or concerns about your privacy or any of the issues covered in this statement, please contact us at: Medserv, 6th Floor, North Block, Rockfield Central, Dundrum, Dublin 16; email gdpr@medserv.ie; or telephone 01 661 9822.
14. Version Control
This statement is Version 2.0, published July 2026, replacing the previous website privacy statement. It has been updated to reflect the GDPR and the Data Protection Acts 1988-2018, including legal bases for processing, use of AI in screening, retention periods, international transfer safeguards and your rights.