This site uses cookies.

Some of these cookies are essential, while others help us to improve your experience by providing insights into how the site is being used.

Select preferencesReject optionalAccept all

Cookie preferences

This website uses cookies so that we can provide you with the best user experience possible.

Necessary cookies (required)

Necessary cookies enable core functionality. The website cannot function properly without these cookies, which can only be disabled by changing your browser preferences.

Analytical cookies

Analytical cookies help us to improve our website by collecting and reporting information on its usage.

Submit preferencesAccept all

Privacy Policy

Privacy Policy

Medicines UK (trading as British Generic Manufacturers Association Ltd)

Last updated: December 2025

 

  1. Introduction

 

Medicines UK (trading as British Generic Manufacturers Association Ltd) (“Medicines UK”, “we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains how we collect, use, store and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

It applies to personal data collected through our website, membership activities, events, communications, surveys, stakeholder engagement, job applicants, and other interactions with Medicines UK.

 

  1. Data Controller

 

The data controller is:

British Generic Manufacturers Association Ltd

Trading as Medicines UK

Registered office:

71–75 Shelton Street

London

WC2H 9JQ

Company registration number: 10276727

Data protection contact:

Communications Director

info@medicinesuk.com

 

  1. Personal Data We Collect

 

We may collect and process the following categories of personal data:

Name

Job title and professional role

Organisation/employer

Email address

Telephone number

Postal address

Membership records

Event registration and attendance information

Payment information relating to events or membership (processed securely via third parties)

Communication preferences including opt-out/consent status

Survey responses and opinions

Website usage data (including IP address, browser type, device information)

Cookie and analytics data

We do not intentionally collect special category data (such as health data, racial or ethnic origin, political opinions, or religious beliefs).

 

  1. How We Collect Personal Data 

 

We collect personal data directly when you:

Enter your details on a form on our website

Register to attend an event

Complete a survey

Apply for a job

We may also receive personal data indirectly where appropriate, such as from member organisations or professional contacts.

We also collect your personal data automatically when you browse our website.

 

  1. Purposes for Processing Personal Data

 

We process personal data for the following purposes:

Managing membership and member services

Communicating with members and stakeholders

Organising and administering events, meetings and webinars

Policy development, advocacy and stakeholder engagement

Responding to enquiries

Conducting surveys and research

Website administration and analytics

Sending event invitations and policy updates

Legal, regulatory and governance compliance

Recruitment and supplier management

Improving our services and activities.

 

  1. Lawful Bases for Processing

 

We rely on the following lawful bases under UK GDPR:

Legitimate interests – for membership administration, communications, events, policy engagement, surveys, website analytics and organisational governance, linked to the activities above to keep our members informed about industry developments, regulatory changes, policy updates, and sector-specific news that directly affect their professional activities and business operations

Legal obligation – where required to comply with applicable laws or regulatory requirements

Consent – where required, such as for certain electronic communications or where individuals choose to receive specific information

Where we rely on legitimate interests, we have balanced our interests against your rights and freedoms.

 

  1. Communications Promoting our Work

 

Where you have previously engaged with us and you have not opted out from receiving our communications, Medicines UK may send you communications to keep you up to date about our:

Events, including by sending you invitations

Policy updates

Sector news and briefings

You may opt out of receiving communications at any time by contacting us at info@medicinesuk.com or using unsubscribe mechanisms where available.

We do not sell personal data to third parties.

 

  1. Data Sharing and Third Parties

 

We may share personal data with trusted third parties, including:

IT service providers

Website hosting providers

Email communication platforms

Event management and survey platforms

Professional advisers (legal, audit, consultancy)

Other trade bodies or partners where appropriate

All third parties are required to process personal data securely and in accordance with applicable data protection law.

We may also disclose personal data to government bodies or regulators where legally required or where we think appropriate.

 

  1. International Data Transfers

 

Some of our service providers such as IT providers may process or store data outside the UK.

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as:

UK adequacy regulations, or

Standard contractual clauses or equivalent safeguards

If you wish to understand which safeguards are in place to protect your personal data then you can ask for more information using the contact details at the top of this privacy policy.

 

  1. Data Retention

 

We retain personal data only for as long as necessary for the purposes for which it was collected, including legal, regulatory and operational requirements.

Indicative retention periods include:

Membership data: retained for the duration of membership and up to 6 years thereafter

Event and communications data: up to 3 years after last engagement

Survey data: up to 3 years

Financial records: in accordance with statutory requirements

Website analytics data: in line with analytics provider settings

Retention periods may vary depending on context and legal obligations.

 

  1. Cookies and Website Analytics

 

Our website uses cookies and similar technologies to understand how visitors use our site and to improve functionality.

Cookies may collect information such as IP address, browser type and pages visited. We do not use marketing or advertising cookies on this website.

Where required, cookies will be used in accordance with applicable consent requirements. You can manage cookies through your browser settings.

 

  1. Automated Decision-Making

 

Medicines UK does not use automated decision-making or profiling that produces legal or similarly significant effects.

 

  1. Children

 

Our services and communications are not directed at children, and we do not knowingly collect personal data relating to children.

 

  1. Data Security

 

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or disclosure. The transmission of information via the internet is not completely secure and we cannot guarantee the security of your personal data transmitted to us or provided through the website. Access to personal data is restricted to authorised personnel and service providers only.

 

  1. Your Rights

 

Under UK GDPR, you have the right to:

Access your personal data - You have the right to request a copy of the personal data we hold about you and information about how we use it.

Request correction of inaccurate data - You can ask us to correct any personal data about you that is incomplete or inaccurate.

Request erasure of your data - You can ask us to delete your personal data in certain circumstances, such as where it is no longer necessary for the purposes for which it was collected.

Restrict or object to processing - You have the right to ask us to stop or limit how we use your personal data in certain situations, or to object to processing based on legitimate interests or for direct marketing purposes.

Request data portability - You can ask us to provide your personal data in a structured, commonly used format so you can transfer it to another organisation, where our processing is based on consent or contract and carried out by automated means.

Withdraw consent - Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

To exercise your rights, contact info@medicinesuk.com. We will endeavour to respond to any rights requests within one month in compliance with UK GDPR.

 

  1. Changes to This Policy

 

We may update this Privacy Policy from time to time. Any changes will be published on our website with an updated revision date.

 

 

Up