Privacy Policy Notice

ExPharmaceutical Inspectors Consortium Limited T/A EPiC Auditors provide business support services in conjunction with partners to provide audits and support to pharmaceutical businesses and support them in their compliance.

EPiC Auditors takes its obligations concerning data protection seriously. We are providing this notice, so you have information about how we collect and process your personal data in accordance with the UK GDPR and Data Protection Act (2018). We ask you to please read this Privacy Notice as it has important information you need to know.

All EPiC Auditors employees and associated consultants must be aware of the requirements of the Act and Regulations when they collect or handle data about an individual.  EPiC Auditors consultants must not disclose any data except where there is subject consent, or legal requirement.  Data sent to outside agencies must always be protected by a written contract.  All collection and processing must be done in good faith.

What does our company do?

ExPharmaceutical Inspectors Consortium Limited T/A EPiC Auditors is a business support organisation formed to provide advice and support to pharmaceutical companies. The main office and data functions are carried out at our head office at 101 Galgate, Barnard Castle, Co Durham, DL12 8ES.

How do we collect information from you?

We obtain information about you when you use our website, for example, when you contact us about services, leave feedback or to become a member. We may also have referrals from other Partners who may refer to us to provide support required.

What information do we collect and process?

In order for us to help with your care we may collect from you, necessary personal data. “Personal Data” is information about you which, either on its own or when connected with other data, allows us to identify you as an individual customer to provide you with our services. The personal data we hold may include the following:

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

Identity Data includes name, username or similar identifier, title, date of birth and gender.

Contact Data includes address, email address and telephone numbers.

Financial Data includes bank details, business accounts details.

Transaction Data includes details about payments to and from you and other details of products or services we have purchased from you or you have procured form us.

Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

Usage Data includes information about how you use our website, products and services.

Marketing and Communications Data includes your preferences in receiving marketing from us and third parties and your communication preferences.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data), save for as required to monitor health absence of employees or contractors.

However, some personal data may, where lawful to do so, or with your consent, be collected by us from third parties.

Please note that you are under no obligation to provide us with your personal data, but not providing certain data could prevent us from serving you.

How is your information used?

We may also send you communications which you have requested and that may be of interest to you. These may include information about activities, campaigns and promotions of our associated companies goods and services;

This list is not exhaustive and may be updated from time to time. We do not ‘trade’ in your personal data and will not sell or rent your details.

Purpose/ActivityLawful basis for processingType of data
To process and deliver our services(a) Performance of a contract
(b) Necessary for our legitimate interests
(a) Identity
(b) Contact
(c) Financial
(d) Transaction
(e) Marketing and Communications
To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) providing you with other relevant information
(c) deliver our objectives and understand your needs
(d) keeping our records up to date
(e) obtain your opinions about the work we undertake
(a) Performance of a contract
(b) Necessary to comply with legal obligations
(c) Necessary for our legitimate interests
(a) Identity
(b) Contact
(c) Profile
(d) Marketing and Communications
To administer and protect  EPiC Auditors  and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)(a) Necessary for our legitimate interests
(b) Necessary to comply with legal obligations
(a) Identity
(b) Contact
(c) Technical
To use data analytics to improve our website, products/services, marketing, relationships and experiencesNecessary for our legitimate interests(a) Technical
(b) Usage
To make suggestions and recommendations to you about services that may be of interest to you with us or 3rd party companiesNecessary for our legitimate interests(a) Identity
(b) Contact
(c) Technical
(d) Usage
(e) Profile


Who will your personal data be shared with?

EPiC Auditors may share information with third party suppliers as required for external services and materials, however this will only be for the contract we are carrying out at that time or support services we or our partners may be able to provide.

Your details as provided by you will be added to our website for your marketing purposes.

Your details may be shared with consultants and subcontractors.

We may disclose specific information upon lawful request by government authorities, law enforcement and regulatory authorities where required or permitted by law.

Your personal information will not be transferred to, stored or otherwise processed outside the UK.

How you can access and update your information

The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at:

You have the right to ask for a copy of the information EPiC Auditors hold about you.

Security precautions in place to protect the loss, misuse or alteration of your information

When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information is encrypted and protected with the following software 128 Bit encryption on SSL. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer.

Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Use of ‘cookies’

Like many other websites, the EPiC Auditors website uses cookies. ‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. For example, we use cookies to store your country preference. This helps us to improve our website and deliver a better more personalised service.

It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies of may result in a loss of functionality when using our website.

Links to other websites

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.

Do we get involved in direct marketing?

We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent, or you have signed up to our membership. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted.

You can change your marketing preferences at any time by contacting us by email:

What rights do you have to amend personal data?

You have the right to review the personal data held by us and have inaccurate information about you corrected. To understand more about our data processing activities or to request access to your personal information please email:

How long do we keep your personal data?

EPiC Auditors may keep your details on record for as long as it is necessary to meet record keeping requirements. We hold all legal, and financial records for seven years.

Changes to this Privacy Notice

EPiC Auditors may change this Privacy Notice from time to time in order to reflect changes in the law.