GDPR Data Protection Policy
Oocyt Fertility Frontiers Ltd collects and uses personal data about individuals including clients, clinic partners, suppliers, and other parties in connection with providing our global fertility concierge and IVF travel coordination services. This policy describes how personal data must be collected, handled, and stored to meet Oocyt Fertility Frontiers Ltd's data protection standards and to comply with applicable law, including GDPR.
Why This Policy Exists
This data protection policy ensures Oocyt Fertility Frontiers Ltd:
Complies with data protection law and follows best practice
Protects the rights of clients, staff, and partners
Is transparent about how it stores and processes personal data
Protects itself from the risks of a data breach
Given that Oocyt Fertility Frontiers Ltd's clients share sensitive health-related information in pursuit of fertility treatment, we hold ourselves to the highest standards of confidentiality and data care.
Data Protection Principles
Personal data must:
Be processed lawfully, fairly, and transparently
Be collected for specified, explicit, and legitimate purposes
Be adequate, relevant, and limited to what is necessary
Be accurate and kept up to date
Not be retained longer than necessary
Be processed securely, protecting against unauthorised access, loss, or destruction
Not be transferred outside the European Economic Area without adequate protections
Scope
This policy applies to all Oocyt Fertility Frontiers Ltd staff, contractors, and partners who handle personal data on behalf of Oocyt Fertility Frontiers Ltd.
Data Storage
Paper records: Stored in secure, locked environments. Printed materials must not be left unattended. Printouts must be shredded when no longer required.
Electronic records: Protected by strong, regularly changed passwords. Stored on designated, approved systems. Servers must be protected by security software and firewalls. Personal data must not be saved to personal devices without authorisation.
Health data: Client fertility and health information is treated as sensitive personal data and accorded the highest level of protection at all times.
Data Use
Staff accessing personal data must:
Lock computer screens when leaving workstations
Never share personal data informally or by unsecured email
Encrypt data before any electronic transfer
Access only the data required for their role
Report any suspected breaches immediately to the designated officer
Data Accuracy
Oocyt Fertility Frontiers Ltd takes reasonable steps to ensure that personal data is kept accurate and up to date. Clients are encouraged to notify us of any changes to their information. Inaccurate or outdated data will be corrected or deleted promptly.
Subject Access Requests
Clients may request access to the personal data Oocyt Fertility Frontiers Ltd holds about them. To make a subject access request, please contact contact@oocyt.org. We will verify your identity and respond within the statutory timeframe (typically 30 days). There is no charge for a subject access request.