We never release data to clients or third parties and only provide our services for email campaigns that are of academic/professional interest only. Orders cannot be cancelled/amended after deployment or invoicing. Deliverability is c98% and we will credit/refund you for all hard bounces.

 Where recipients reply by mail, email, fax or telephone to the client from a campaign we have sent on your behalf, you are permitted to contact those respondents freely from the date of such reply, pursuant to your GDPR obligations and compliance.

Payment in full is due within 30 days of invoice date. 

In the event of our having to resort to debt collection or other legal proceedings, interest on the debt from the due date (30 days after invoice date) until date of payment will be charged at either 3% above Bank of England base rate or equivalent local rate for non-UK customers as well as all attendant recovery and/or legal costs. The governing law in relation to the above terms and conditions will be UK law.

Suppression files should be supplied in encrypted, unusable format via this form here: http://www.medlist.co/suppression/ or by using the Search & Replace function in a text editor or Excel to remove the symbols from every email address. Our database will check for matches based on the alphanumeric sequence of each encrypted email address. This means that no email addresses are transferred to us in a recognisable or usable format.

We hold no financial or personal medical information for individuals on our database, nor anything of a sensitive or confidential nature, only name, contact details and work and research interests.  The Sign-up form for our survey panel is here: http://www.medlist.co/join/ and the sign-up form states “Tick here to receive survey invitations and product/service invites that are strictly of academic and professional interest. Normally, they will be restricted to your specialty, however we do send occasional messages of general scientific interest e.g. surveys from national/international medical associations. You can opt out at any time here or at the foot of any communication you receive.”.

Our database centre, servers and information security management system (ISMS) have attained certification in accordance with ISO 27001. Data is maintained in a manner fully compliant with the Data Protection Act 1998. Data storage is at our secure data centre (Entry only possible via electronic access control terminals with a transponder key or admission card. All movements are recorded and documented. Modern surveillance cameras provide 24/7 monitoring of all access routes, entrances, security door interlocking systems and server room, ISO 27001 certified.)

Access to databases are restricted to named personnel only and accessed via two layers of secure password protection

We take all reasonable measures to ensure that data protection compliance, data security and the rights of individuals on our database are maintained to the level required by EU General Data Protection Regulation (GDPR).

Our obligations under the GDPR are to 1. Hold data securely and minimise risk of breaches 2. Inform subscribers of any transfer of their contact details to third parties (this does not apply to us as we never transfer or release data) 3. Inform of any data breaches promptly 4. Answer queries from subscribers promptly on information held on them 5. Remove anyone promptly who requests we do so.   We comply with all of these obligations.

We pass no email data whatsoever to clients or third parties.