GDPR

Our Pledge to Data Protection and Right of Individuals to Data
GDPR Compliance

At Pharma Escalator, we take data privacy and security seriously.

We are committed to processing data in accordance with its responsibilities under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This page outlines our approach to data protection and the measures we have implemented to ensure the safety and privacy of our clients' data.

Our Commitment

We have aligned our internal processes, technology, and documentation to ensure compliance with the UK GDPR. This includes:

  • Transparency: Clearly identifying what data we collect and why.
  • Minimization: Only collecting data that is strictly necessary for our services.
  • Security: Implementing robust security measures to protect data.
  • Accountability: Maintaining records of our processing activities.
How We Protect Data

We utilize a "Privacy by Design" approach. Our security measures include:

  • Encryption: Data is encrypted in transit (using SSL/TLS) and at rest where applicable.
  • Access Control: Access to personal data is restricted to employees and contractors who need it to perform their job functions. We use Multi-Factor Authentication (MFA) for internal systems.
  • Vendor Vetting: We only utilize third-party sub-processors (e.g., cloud hosting, CRM tools) that maintain high standards of data security and GDPR compliance.
Data Processing for Clients

As a growth and marketing agency, we often act as a Data Processor for our clients (who are the Data Controllers). When we manage marketing campaigns (e.g., WhatsApp outreach) on your behalf:

  • We only process data based on your documented instructions.
  • We do not use your customer data for our own independent purposes.
  • We assist you in fulfilling data subject rights requests (e.g., if one of your customers wants to be unsubscribed).
International Data Transfers

Pharma Escalator is based in the UK. If we transfer data outside the UK (for example, to support teams or servers in other jurisdictions), we ensure valid transfer mechanisms are in place, such as the UK International Data Transfer Agreement (IDTA) or by ensuring the destination country has an 'Adequacy Decision'.

Data Subject Rights

We fully support the rights granted to individuals under the GDPR, including:

  • The right to be informed.
  • The right of access.
  • The right to rectification.
  • The right to erasure ('right to be forgotten').
  • The right to restrict processing.
  • The right to data portability.
  • The right to object.

If you wish to exercise any of these rights, please submit a request to our team at hello@pharmaescalator.co.uk.

Contact Our Data Protection Officer

If you have questions about our compliance or security posture, please contact us:

  • Email: hello@pharmaescalator.co.uk
  • Address: 12 Redstart Dr, Catcliffe, Rotherham S60 8EG, UK

© Copyright 2025 Aptionix Ltd UK

Scroll to top

Your Privacy Matters

We respect your privacy and data protection rights

We use cookies to enhance your browsing experience, provide personalized content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies in accordance with UK GDPR and PECR regulations.

Strictly Necessary Cookies Required

Essential for the website to function properly. These cookies ensure basic functionalities and security features.

Functional Cookies

Enable enhanced functionality like chat support, video playback, and personalized user experience features.

Analytics Cookies

Help us understand how visitors interact with our website to improve user experience and site performance.

Marketing Cookies

Used to track visitors and display relevant advertisements tailored to your interests across different websites.

Learn more in our Privacy Policy and Terms & Conditions and GDPR