← Back to Home

Privacy Policy

Last Updated: December 4, 2025

1. Introduction

Viridis Software Solutions Limited ("Viridis", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our MEDRS (Medical Records System) software.

2. Information We Collect

2.1 Information You Provide

We may collect information that you voluntarily provide to us when you:

• Register for an account
• Use our MEDRS software
• Contact us for support or inquiries
• Subscribe to our newsletter or marketing communications

This information may include:

• Name, email address, and contact information
• Organization name and details
• Payment information (processed securely through third-party providers)
• Medical records and patient data (as part of the MEDRS system)

2.2 Automatically Collected Information

When you visit our website or use our software, we may automatically collect certain information, including:

• IP address and location data
• Browser type and version
• Device information
• Usage patterns and preferences
• Log files and analytics data

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and manage accounts
• Send administrative information and updates
• Respond to your inquiries and provide customer support
• Monitor and analyze usage patterns
• Detect, prevent, and address technical issues
• Comply with legal obligations

4. Medical Records and Patient Data

MEDRS is designed to store and manage medical records in compliance with UK data protection legislation, including:

• The General Data Protection Regulation (GDPR)
• The Data Protection Act 2018
• Medical record retention requirements (25 years minimum)
• Royal College of Physicians guidelines

Important: Medical records stored in MEDRS are the responsibility of the institution using the system. Viridis Software Solutions Limited acts as a data processor, not a data controller, for patient medical records.

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: Data is encrypted using AES-256-CBC encryption for sensitive information
• SSL/TLS: All data in transit is protected using SSL/TLS protocols
• Access Controls: Granular permission system with 100+ configurable permissions
• Audit Logging: Comprehensive audit trail of all user actions
• Regular Backups: Automated backup systems to prevent data loss
• Secure Infrastructure: Hosted on secure servers with regular security updates

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: With trusted third-party service providers who assist in operating our services (e.g., payment processors, hosting providers)
• Legal Requirements: When required by law or to respond to legal process
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you have given explicit consent to share information

7. Data Retention

We retain your information for as long as necessary to:

• Provide our services to you
• Comply with legal obligations (including medical record retention requirements)
• Resolve disputes and enforce our agreements

Medical records are retained in accordance with UK medical record retention requirements (minimum 25 years).

8. Your Rights

Under UK GDPR and the Data Protection Act 2018, you have the right to:

• Access: Request access to your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data (subject to legal requirements)
• Restriction: Request restriction of processing
• Portability: Request transfer of your data
• Objection: Object to processing of your data
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us using the information provided in Section 11.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our service.

10. Children's Privacy

Our services are designed for use by educational institutions and medical professionals. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. We ensure appropriate safeguards are in place for any international data transfers.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

Viridis Software Solutions Limited
7 Bell Yard
London
WC2A 2JR
United Kingdom

Email: info@viridissoftwaresolutions.co.uk
Data Protection Officer: dpo@viridissoftwaresolutions.co.uk