This Data Protection Notice contains the information you need in order to understand how your personal data is used by us. For further information please contact us with the contact details provided below in section 12. We don’t and never share data to another organisations except Public Health England for marketing and other reason.
In order to manage the site, Allhealthcare (collectively We, Our or Us) collect a certain amount of personal data. “Personal data” means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information.
This Data Protection Notice sets the basis on which we gather, use, disclose and process any personal data we collect from you, or that you provide to us. We will use your personal data only for the purposes and in the manner set forth below which describes the steps we take to ensure our processing of your personal data is in compliance with the General Data Protection Regulation ((EU) 2016/679) (the GDPR) and any implementing legislation.
Please read the following carefully to understand our use of your personal data.
Your right to object – please note that you have a right to object to the processing of your personal data where that processing is carried out for our legitimate interests.
1. What personal data we may collect about you?
If you purchase services from us or complete any forms or pop-ups in relation to detailed questionnaires, we need to collect and process personal data about you. The types of personal data that are processed may include: Category types of data collected, individual details namely, title, name, billing address, mailing address, telephone number, email address and marketing preferences, IP address, real-time geographic location data, browser settings, browsing records, and/or other Internet log information of your computer or mobile device, bank account details or payment card details, transactional information from our website, and personal medical information.
2. The purposes of, and legal basis for, the processing of your personal data
We hold, disclose and process your personal data in order to sell merchandise, analyse questionnaires and contact you with newsletters and any other correspondence in regards to information we believe is relevant to you as provided by your marketing preferences. Providing you with this information involves using the following personal data:
- Information that you provide by filling in forms and pop-ups on our site: (our site). This includes information provided at the time of registering to use our site, subscribing to any services or requesting further services.
- If you contact us, we may keep a record of that correspondence.
- Details provided by you during the course of your participation in a medical or product study conducted by us.
- Details of transactions you carry out with us and of the fulfilment of your orders.
- Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise, and the resources that you access on our site.
- We may also use your personal data where: a) it is necessary to comply with our legal and regulatory obligations (for example, complying with reporting obligations to the Information Commissioner’s Office); b) it is necessary to support our legitimate interests (i) managing and or administering our website and operations (ii) improving our services (iii) prevention and detection of crime, (iv) analytics, provided in each such instance they are not overridden by your interests and rights; and/or c) you have consented to processing your information in such a way.
3. Medical information
We may hold, use, disclose and process personal data relating to relevant medical information for the purposes identified above, where necessary to comply with our legal and regulatory obligations, or where necessary to support our legitimate interests. We will only carry out such processing where it is authorised by European Union (EU) or United Kingdom law.
4. Special categories of personal data
We hold, use, disclose and process special categories of personal data (e.g. your health) where:
- You have given us your explicit consent;
- The processing is necessary to protect your, or another’s vital interest;
- You have manifestly made your personal data publicly available;
- The processing is necessary for the establishment, exercise or defence of legal claims; or necessary for reasons of substantial public interest on the basis of law.
5. Who we share your information with
In order to provide our services and to comply with legal obligations imposed on us, it may be necessary from time to time for us to disclose your personal data to third parties, including without limitation to the following:
- With our agents and third parties who provide services to us to help us administer our website, processing of transactions and other services.
- With regulatory bodies and law enforcement bodies (where we are required to do so to comply with a relevant legal and regulatory obligation);
- Legal, financial, political and other professional advisors;
6. Transfer of personal data outside the UK and the EEA
The personal data we collect from you may be transferred to and stored at a destination outside of the United Kingdom and the European Economic Area (EEA) for purposes described above. These countries may not provide an adequate level of protection in relation to the processing of your personal data. However, in the case of Switzerland and the United States, the EU/Swiss-U.S. Privacy Shield acts as a safeguard for the protection, privacy and integrity of personal data.
The EU/Swiss-U.S. Privacy Shield is an agreement between the EU and the governments of Switzerland and the US concerning the treatment of data concerning EU citizens. Some of the relevant third parties are certified under the EU/Swiss-U.S. Privacy Shield.
7. How Long we keep your personal data
We are required to ensure that your personal data is accurate and maintained in a secure environment for a period of time no longer than necessary for the purposes for which we are processing your personal data.
8. Your data rights
You have several rights in relation to your personal data. You have a right to:
- Access a copy of your personal data held by us.
- Request rectification of your personal data if it is inaccurate or incomplete.
- Request erasure of your personal data.
- Restrict our use of your personal data.
- Move (or port) personal data which you have given us to process on the basis of your consent or for automated processing.
- Object to the processing of your data where our legal basis for processing your data is for our legitimate interests.
- And not to be subject to a decision based on automated processing, including profiling which has legal or similarly significant effects.
However, these rights may not be exercised in certain circumstances, such as when the processing of your data is necessary to comply with a legal obligation or for the exercise or defence of legal claims. If you wish to exercise any of your rights in this regard please contact us using the details in Section 12. We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than one month after receipt of your request. In exceptional cases, we may extend this period by two months, and if we do this, we will tell you why. We may request proof of identification to verify your request.
You can select one of the following two options in order to cease receiving emails from us:
- Update your preferences by clicking the “Unsubscribe” link in our emails;
- Contact us – see 12 section for contact details
10. Automated decision-making
You have a right not to be subjected to decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affects you. However, in certain circumstances, we are entitled to make decisions based on solely automated decision-making and profiling. These cases are restricted to situations where the decision is necessary for the management of the site, where it is authorised by law or where you have provided your explicit consent. Where we base a decision on solely automated decision-making you will always be entitled to have a person review the decision so that you can contest it and put your point of view and circumstances forward.
11. Consequences of failure to provide information
If we or any of the parties detailed above cannot collect information requested from you, it may make it difficult, impossible, or unlawful for us to manage your involvement in our website and operations or to provide the product or services that you requested on our Website. If we or any of the parties listed above ask for information and you do not wish to give it to us, or if you wish to withdraw consent to the use of Your personal data, we will explain the consequences based on the specific information concerned including whether it is a legal or contractual requirement that we use such data. If you have any queries in respect of the consequences of not providing information or withdrawing your consent, please contact us using the details in Section 12.
12. Further information
13. Your right to complain to the ICO
If you are not satisfied with our use of your personal data or our response to any request by you to exercise any of your rights in Section 8, you have the right to lodge a complaint with the Information Commissioner’s Office.
Please see below contact details:
England Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Phone: 0303 123 1113 (local rate) or 01625 545 745 (national rate) Email: email@example.com
Scotland Information Commissioner’s Office 45 Melville Street Edinburgh EH3 7HL Phone: 0303 123 1115 Email: firstname.lastname@example.org
Wales Information Commissioner’s Office 2nd Floor Churchill House Churchill Way Cardiff CF10 2HH Phone: 029 2067 8400 Email: email@example.com
Northern Ireland Information Commissioner’s Office 3rd Floor 14 Cromac Place Belfast BT7 2JB Phone: 0303 123 1114 (local rate) or 028 9027 8757 (national rate)