Privacy Policy
This privacy policy covers (Medicine Chest Pharmacy) collection, use, and disclosure of information practices while on our website (www.medicinechestchelsea.com) This privacy policy together with our terms and conditions and other agreements with you forms the basis on which we will collect and process your data. In this policy (Medicine Chest Pharmacy) is referred to as, we, us, our. The policy describes how we collect, store and process your data on this website.
The collection and use of information by us
What information we may collect from you (the user) when you use our website or services?
- Contact details such as name, email address, mailing address, phone number.
- For pharmacy services, we collect information such as your medical history, medication history, gender, NHS number, date of birth, GP details.
- Your preferences information such as product wish lists, order history, marketing preferences, reviews.
- Information that you provide by filling in the forms on this website.
- Information you provide when you report a problem or query.
- Payment details
How we may use your data?
- To provide you with our services
- To process your EPS nominations and repeat prescription requests. This will involve sending your request to your GP surgery with your personal details. We may provide some services on our website which are supplied by a third party, such as an online doctor or travel clinic booking system. By using these services, the third-party providers will have access to your personal details.
- Send you alerts about booked service such as vaccinations, medication review and other private services
- Respond to requests.
- Process your payments for such products and services
- Create and maintain your account
- Send you a newsletter if you have consented
- Respond to your questions and concerns
- Review and enhance the quality of our services and products
- Assist in the detection of fraud.
- To process your booking
Why do we collect, process and store your data?
We need to collect, process and store your data to enable efficient and legally compliant delivery of services and products to you (all users).
Legal bases for processing data
We rely on the following legal bases to process your information in line with legal requirements.
- Consent: When you register on our website, you agree and give us consent to process your data for the delivery of products and services to you by us.
- Legitimate interests: To enable us to conduct our necessary business but not when our interests are overridden by your interests or rights.
- Allowing us to fulfil a contract: We are required to process your personal information in order to provide you with one of our products or services.
- Vital interests: When processing your personal data is vital to protect you or someone else’s life.
- Legal obligation: When we are required by law to process your personal information. We will always try to contact you unless we are restricted by law.
How long do we hold your data?
We may hold your data for as long as it’s legally required and to enable us to maintain your account. User can request to delete their personal data from our system, please refer to the “User access and choices section” of the policy for details.
Data Security
We take the security of user data very seriously and take appropriate steps to keep it secure. At no point, we will sell your personal data to another company.
Where is the user data stored and who has access?
The user data is saved on secured dedicated servers in the United Kingdom. With industry level security and firewalls to stop any external threats from accessing information. The information is accessed by us and our IT services providers (Tech Developer Ltd) in European Economic Area (EEA) and outside of EEA, to ensure that the website runs smoothly and to carry out administrative tasks. To provide certain services, such as repeat prescription requests and EPS nomination, we will need to share your personal details with your GP surgery. By using this website and our services, you agree to the collection, storing and processing of your personal data by us. Also, we may host carefully selected third-party service provider on our websites, such as online doctor providers and vaccination booking providers. If you decided to use this service, your personal data will be shared with them to enable them to provide you with the service.
How do we protect your data?
We take the security of your personal information seriously. When you enter sensitive information, we encrypt the transmission of that using secure socket layer technology (SSL). We do not store any credit or debit card information. Payments are processed via a third-party payment provider that is fully compliant with Level 1 Payment Card Industry (PCI) data security standards. Any payment transactions are encrypted using SSL technology. We follow generally accepted standards to protect your personal information submitted to us. We take at least a monthly backup of the data stored on our system and is store in UK based dedicated servers.
Commercial sale of your data?
Under no circumstances will we make your personal data available to a third party company for sale. Your data is used to provide products and services to you.
Limitations of internet-based systems
We follow generally accepted standards to protect your personal information submitted to us. Due to the nature of digital information transmission, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.
User Access and Choice
As a user, under the GDPR rules, you have the following rights over your data that we store and hold.
- Right to be informed: we will explain to you our privacy policy as to how we use your personal data.
- Right to correction and completion: you have the right to ask us to correct any of your data that might be inaccurate and complete any data that is incomplete.
- Right to restrict: In some cases, you may request to restrict the processing of your personal data. We reserve the right to store enough data to respect your data restriction request in future.
- Right to data portability: You have the right to request your data to be provided to you for your own use. This request applies to when processing is based on consent or performance of the contract and where when processing is done through an automated system.
- Right to object: you may object to the processing of your personal data.
- Right to erasure: You may request to have your personal data erased where it’s not stopping us from complying with legal requirements.
Right to withdraw consent: you have the right to withdraw your consent at any point by contacting us through the details below. In some circumstances, this might not be always possible or you might have to wait for a period of time for this to take place. Contact us if you would like to discuss this in detail.
Opt-out Preferences
If you wish to subscribe to our newsletter(s), you can do at the time of registration. We will use your contact details to send the newsletter and other relevant materials that we believe are of benefit to you. You may choose to stop receiving our newsletter by sending us an email request.
Additional Information
Links to 3rd Party Sites
Our website may contain links to other 3rd party websites. The privacy policies of these third-party websites will differ from that of ours. It’s your responsibility to read the privacy policy and rules for any 3rd party websites that are linked to us. Your information is governed by their privacy policy. We recommend that you read the privacy policy of any 3rd party website before submitting any personal information.
Testimonials
We ask our customers to provide us with feedback in the form of a rating and a comment about their experience. This information will be displayed on our website, with the customer first name, in the form of a testimonial. If you wish to update or delete your testimonial, you can request this by emailing us.
Social media widgets
This website includes social media widgets and buttons which are linked to our accounts on the respective social media platforms. These platforms are governed by their own set of privacy policies and terms of use, please check before using any of these platforms.
General Privacy Information
Tracking Technologies / Cookies
A cookie is a small text file that is stored on your computer when you open our website. The information we collect through the cookies is used to find out about your preferences and making your browsing experience more personalised. Please refer to our Cookie Policy for details.
Changes to this Policy
We reserve the right to make changes to this privacy policy at any time to reflect the way we handle data at our organisation.
Contact Us
We welcome any questions, comments and requests about this privacy policy and you can reach us on our contact details below.