Dispex Ltd
Effective date: 22.1.2026
Last updated: 22.1.2026
This privacy policy explains how Dispex Ltd collects, uses and protects personal data in
accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection
Act 2018.
Who we are
Dispex Ltd is the data controller responsible for your personal data.
What personal data we collect
We may collect and process the following information:
– Name, job title and organisation
– Business contact details such as email address and telephone number
– Account and login information for our services
– Records of training, membership or services provided
– Communications with us
What we do not collect
We do not collect patient data or special category data such as health information.
How we use your data
We use personal data to:
– Provide our services and manage memberships or accounts
– Communicate with you about services, training or support
– Meet legal and regulatory obligations
– Improve our systems and services
Lawful basis for processing
We process personal data under one or more of the following lawful bases:
– Performance of a contract
– Legal obligation
– Legitimate interests related to running and improving our services
How long we keep your data
We retain personal data only for as long as necessary. Indicative retention periods include:
– Membership and account records: up to 6 years after the relationship ends
– Financial records: 6 years in line with HMRC requirements
– Training records: up to 6 years
– Enquiries: up to 12 months if no ongoing relationship is formed
Sharing your data
We may share personal data with trusted service providers who support our business operations,
such as IT, hosting or email providers.
International data transfers
Some of our service providers may process personal data outside the UK. Where this occurs,
appropriate safeguards are in place to ensure data is protected in accordance with UK GDPR,
including adequacy regulations or contractual protections.
Data security
We take appropriate technical and organisational measures to protect personal data against
unauthorised access, loss or misuse.
Your rights
You have the right to request access to your personal data, request correction or deletion, object to
processing, and request restriction of processing in certain circumstances.
Data protection enquiries
If you have any questions about this privacy policy or how we handle your personal data, including
requests to exercise your data protection rights, please contact us at enquiries@dispex.net.
Complaints
If you are unhappy with how we handle your data, we encourage you to contact us first. You also
have the right to complain to the Information Commissioner’s Office (ICO).
Updates to this policy
We may update this privacy policy from time to time. The latest version will always be available on
our website.
