At DLRC, our mission is to offer renowned and innovative regulatory affairs solutions that exceed client expectations while adhering to industry standards and regulations.
We are committed to continuous improvement, innovation, and sustainability in all our operations.
Our core values include stakeholder satisfaction, employee development, and environmental responsibility.
We strive to foster a culture of regulatory excellence and to maintain a safe and ethical workplace.
This quality policy guides our efforts to achieve operational efficiency, strategic expertise, consistent regulatory service and market leadership.
CEO, DLRC Ltd,
Orphix Consulting Services
The DLRC group of companies: DLRC Ltd, DLRC Inc and Orphix Consulting GmbH, Business Privacy Notice
Data controller: Dianne Lee, DLRC Ltd, Suite 201 Nexus Building, Broadway, Letchworth Garden City SG6 3TA
Introduction
DLRC collects and processes personal data relating to its business partners and prospective partners to manage the business relationship. The organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
What information does the organisation collect?
The organisation may collect and process a range of information about you. This includes:
The organisation may collect this information in a variety of ways. For example, data might be collected through contact forms or emails; from telephone contact or meetings or obtained from your business card or company information that you supply.
Data will be stored in a range of different places, including in our email system, on the company’s databases and in other IT systems.
Why does the organisation process personal data?
The organisation needs to process data to maintain contact with you and your organization, and to enter into business agreements with you. In some cases, the organisation needs to process data to ensure that it is complying with its legal obligations.
In other cases, the organisation has a legitimate interest in processing personal data in order to:
Some special categories of personal data, such as information about health or medical conditions, is processed to carry out employment law obligations (such as those in relation to employees with disabilities).
Who has access to data?
The organisation shares your data internally in order to manage its business effectively and take appropriate advice where necessary.
Your data may be transferred to countries outside the European Economic Area (EEA) for business development purposes. Data is transferred outside the EEA on the basis of declaration of adequacy, binding corporate rules or other safeguards.
How does the organisation protect data?
The organisation takes the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. DLRC laptops and cloud-based storage systems are encrypted. Restrictions are set within the system to allow access to personal data by only the necessary personnel.
Where the organisation engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
For how long does the organisation keep data?
The organisation will hold personal data for the following periods:
Your rights
As a data subject, you have a number of rights. You can:
If you would like to exercise any of these rights, please contact Dianne Lee at the DLRC address.
If you believe that the organisation has not complied with your data protection rights, you can complain to the Information Commissioner.
Organisation
The DLRC Group (referred to as “the Company”) comprises four entities under DLRC Holdings Ltd, including DLRC Ltd, based in the UK, with its head office in Letchworth Garden City, Orphix Consulting GmbH in Munich, Germany, DLRC Pharma in the Republic of Ireland, and DLRC Inc., based in Boston, USA. A board of directors controls each entity. All DLRC entities are committed to treating all workers with respect and dignity, ensuring safe working conditions, and operating ethically. We stand against all forms of modern slavery.
The DLRC Group work with a range of clients to develop and execute innovative regulatory strategies from early product development to post-licencing activities for medicines and medical devices around the globe.
Definitions
The Organisation considers that modern slavery encompasses:
Commitment
The organisation acknowledges its responsibilities concerning tackling modern slavery and commits to complying with the provisions set out in national and international legislation:
The Organisation does not enter into business with any other organisation, in the United Kingdom or abroad, which knowingly supports or is found to involve itself in slavery, servitude, human trafficking and forced or compulsory labour.
Potential Exposure
In general, the Organisation considers its exposure to slavery/human trafficking to be relatively limited. Nonetheless, it has taken steps to ensure that such practices do not take place in its business or the business of any organisation that supplies goods and/or services to it.
Due Diligence
To identify and mitigate the risk of modern slavery, we have taken the following steps:
Conducting risk assessments to identify areas of higher risk within our supply chains.
Engaging with suppliers to ensure compliance with our ethical standards.
Implementing a supplier audit program
Training and Awareness
We provide training to key employees to ensure they understand modern slavery risks, how to identify potential issues, and how to report concerns.
Reporting Concerns
We encourage all employees, suppliers, and stakeholders to report any concerns related to modern slavery or human trafficking through our confidential whistleblowing channels. Reports can be made anonymously where permitted by law.
This policy applies to all stakeholders of DLRC Limited.
It is important to the business that any fraud, misconduct or wrongdoing by workers or officers of the Company is reported and properly dealt with. The Company therefore encourages all individuals to raise any concerns that they may have about the conduct of others in the business or the way in which the business is run. This policy sets out the way in which individuals may raise any concerns that they have and how those concerns will be dealt with.
Qualifying Disclosures
Certain disclosures are prescribed by law as “qualifying disclosures”. A “qualifying disclosure” means a disclosure of information that you genuinely and reasonably believes is in the public interest and shows that the Organisation has committed a “relevant failure” by:
These acts can be in the past, present or future, so that, for example, a disclosure qualifies if it relates to damage that has happened, is happening, or is likely to happen. The Organisation will take any concerns that you may raise relating to the above matters very seriously.
The Employment Rights Act 1996 provides protection for workers who ‘blow the whistle’ where they reasonably believe that some form of illegality, injustice or breach of health and safety has occurred or is likely to occur. The disclosure has to be “in the public interest”. We encourage you to use the procedure to raise any such concerns.
Should the concern not meet the requirement to be a qualifying disclosure, you should raise this under the Organisation’s grievance policy. Where a concern is raised under the whistleblowing policy where it is not appropriate to do so, ie it relates to a personal grievance, the receiving manager will confirm that the matter will be addressed under the grievance policy.
How to report a concern
In order to qualify for protection, disclosable matters must be reported to the types of people (either within or outside of DLRC) who are permitted to receive Protected Disclosures.
To report suspected misconduct at DLRC, disclosures can be made to recipients including:
Investigation Process
All concerns raised under this policy will be taken seriously and investigated promptly, fairly, and objectively. The aim is to determine the facts, assess the validity of the concern, and take appropriate action where necessary.
Acknowledgement of the Concern – Upon receiving a concern, the organisation will acknowledge receipt within five (5) working days. The whistleblower will be informed of the next steps and who will be handling the matter.
Initial Assessment – A preliminary review will be conducted to determine whether the concern falls within the scope of this policy and whether a full investigation is warranted. If the concern is outside the scope of this policy, it may be redirected to a more appropriate procedure (e.g., grievance, disciplinary, or safeguarding).
Appointment of Investigating Manager – An impartial investigating manager will be appointed to hear the concerns. This may be an internal manager or, in some cases, an external party. The investigating manager will be independent of the matter and of any individuals involved.
Conducting the Investigation – The investigation will involve gathering relevant evidence, which may include:
All interviews will be conducted sensitively and confidentially. The investigation will be conducted in a timely manner, with regular updates provided to the whistleblower where appropriate.
Outcome & Reporting – once the investigation is complete a report will be prepared for the board to review on the summarising the findings, conclusions and any recommendations or next steps to be taken. The whistleblower will be informed of the outcome subject to GDPR constraints.
Timescales – The organisation aims to complete investigations within 28 working days of the concern being raised. If this is not possible, the whistleblower will be informed of the delay and provided with an estimated completion date.
If on conclusion of the investigation process the whistleblower still feels that appropriate action has not been taken, they can report the matter to the proper authority. The legislation sets out a number of bodies to which qualifying disclosures may be made. These include:
Protection against detrimental treatment
The organisation is committed to creating a safe and ethical workplace where individuals who raise concerns in good faith are protected from any form of retaliation, victimisation, or disadvantage as a result of their disclosure. Retaliation against anyone who raises a concern in good faith, is strictly prohibited and will not be tolerated in any circumstances.
Retaliatory treatment may include, but is not limited to:
Our commitment
Any form of retaliation will be treated as a serious disciplinary matter, potentially leading to termination of employment.
We will take all reasonable steps to protect the identity of whistleblowers and ensure confidentiality throughout the process.
Support for Whistleblowers
Whistleblowers will be supported by the People team and appropriate senior leadership.
Mechanisms in place to ensure whistleblower protection may include:
The organisation will take all reasonable steps to ensure that whistleblowers do not suffer any disadvantage as a result of raising a concern. We will monitor the treatment of whistleblowers after a report is made to ensure no retaliatory behaviour occurs.
Reporting detrimental treatment
If you believe you have been subjected to detrimental treatment as a result of whistleblowing, you should report this immediately to the people team or a senior manager. All such reports will be taken seriously and investigated promptly.
Legal Protections
This policy operates in line with the Public Interest Disclosure Act 1998 (PIDA), which provides legal protection to workers who disclose information about wrongdoing in the public interest. Employees who are subjected to retaliation may have the right to seek legal redress through an employment tribunal.
For anyone wanting to reach out about whistleblowing, please contact speakup@dlrcgroup.com