Cardiologic Ltd is committed to protecting personal data and ensuring full compliance with the UK GDPR, Data Protection Act 2018 and all relevant legislation. We process data lawfully, fairly and transparently, collecting only what is necessary, keeping it accurate and secure, and retaining it only for as long as required. Our policy applies to all staff and covers both digital and physical data, including special category data where applicable. We embed data protection by design and by default across all systems and processes, carrying out risk assessments and Data Protection Impact Assessments where appropriate. While we are not required to appoint a Data Protection Officer, we have designated a Data Security and Protection Lead to oversee compliance, uphold individuals’ rights, and ensure strong governance, training and continuous improvement across the organisation.

Martyn Dixon
CardioLogic Managing Director
Date Signed: 07/11/2025
Document Number: CL-POL-0004