- What information do we collect about you and how do we collect it?
You are not required (by law or by any contract with us) to provide personal information to us when you visit our website. We will only require you to provide personal information to us where it is necessary for us to provide you with a service at your request, such as when you contact us, register an account on our website or undergo an online consultation and purchase our products.
1.1 Information you provide to us
We may collect personal information about you whenever you use our services, such as by doing the following:
- Enquiring about our products or service
- Undergoing our online clinical consultation
- Purchasing our medicines or other products or services
- Supplying us with your products or services
- Using and browsing our website
- Telephoning, texting, writing by post or emailing us.
- Enquiring about, or applying for, job vacancies.
This information may include the following:
Normal identification information, such as your full name and title, date of birth, age, gender, and marital status
Contact information, such as your postal address, email address and telephone numbers
Information about your health, including your current health and wellbeing status, your medical history and records, and details of any medicines or treatment that you are receiving
Correspondence or information provided by you in your patient area (such as prescriber chat messages, pharmacy chat messages or messages you send to our customer care team)
Information about your purchase (including your purchase history with us)
Payment information (this is securely collected and processed by our payment service provider)
Additional information relevant to your use of our website and services, such as your marketing preferences, survey responses and feedback
We understand that any information concerning your health is particularly sensitive. We take extra precautions to ensure that your data is kept secure and confidential and we will only retain this data for as long as necessary for the purposes for which we collect it.
1.2 Information we collect about you on our website
We collect information using cookies and other similar technologies to help distinguish you from other users of our website. These can streamline your online experience by saving you from re-inputting some information and allow us to make improvements to our website and analyse user statistics. For more information about how and why we use cookies, please take a look through our Cookie Policy.
When you visit our website we may collect the following information:
- Which pages you view and which links you follow
- Your IP address and general location
- Details of the hardware and software that you are using to access the website
- Any passwords that you use on our website
- A device identifier (cookie or IP address) for fraud prevention
- Details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, web logs and other communication data
- You must be at least 18 years old to use our website and services. We do not knowingly collect any personal data relating to children.
1.3 Cookies
1.3.1 What is a cookie?
A cookie is a small text file that is sent by a website server to your browser and stored on your computer. Cookies allow website operators to accumulate useful information, such as whether the computer (or its user) has visited the site before. Cookies are needed for a number of functions which make websites work, or work more efficiently, and they can provide information to website owners about how you use their website. Cookies can also be used to show you adverts that are relevant to you, based on your browsing habits, to personalise your user experience.
1.3.2 How do we use cookies?
We use cookies to monitor how people use our website, including estimating audience size and patterns of use, to help us provide you with a better service. Cookies also make it easier for you to use the website on future visits, and allow us to personalise the content of the website to you by recording information about your preferences.
1.3.3 Further information about cookies
There’s a lot of good information about cookies available online. For more information about cookies generally visit allaboutcookies.org.
1.3.4 Get in touch
Please contact us if you have any questions about how we use cookies or about your privacy.
2 How and why do we use your personal information?
We take data protection law seriously, so below we have set out exactly how and why we use your information, and what our legal basis is to be able to use your information in each way.
2.1 Patient Accounts
When you register an account on our website as a patient, we will collect and use your personal information in order to maintain and administer your patient account. This may be necessary in order for us to perform our contract with you or, otherwise, we have a legitimate interest to manage our patients’ accounts to facilitate purchases and communication between us.
You may contact us at any time to close your patient account. However, please bear in mind that we may be required to retain your personal information in order to comply with our legal obligations.
2.2 Supplying our medicines and other products
It is necessary for us to use personal information about you to enter into and perform the contracts that we make with you, such as when you purchase medicines or other products on our website. Using your information in this context is necessary so that we can:
- Provide you with information about our products and services
- Administer your order, including take payments and arranging delivery
- Provide you with information about your purchase and your contract with us
- Make decisions about your purchase, including about the suitability of any medicines
- Provide you with alerts regarding repeat prescription orders
- Verify your identity
- Deal with any complaints you may have
- Contact you about any changes that we make to our products or services
Administer our website, including troubleshooting problems, analyzing statistics, conducting research and tests and keeping the website secure
When you purchase any test kits from us, we will use the information you provide to notify you of your result and, if appropriate, suggest a course of treatment.
Part of our service as a pharmacy involves notifying you when your medicine is due to run out. We will therefore send a courtesy email so that you can reorder your treatment if you are on a continuous prescription. We estimate when to send you a reminder email based on the quantity you have ordered. We will only send this email for treatments which are taken on a repeat basis.
2.3 Telling you about other products or services that we think may be of interest to you
We may use your information to identify and tell you about our products or services that we think may be of interest to you. We will only do this where you have informed us that you would like to receive marketing communications, such as where you subscribe to our newsletter. You may update your preferences at any time by Contacting Us.
We may also use your information to invite you to participate in patient feedback surveys and other market research. If we do contact you about market research, you do not have to participate. If you tell us that you do not want to receive market research communications, we will respect this.
Whether you choose to receive marketing communications, or market research communications is entirely up to you. You can choose to receive both, none, or just one or the other. Your choice will not affect any products or services that you have purchased from us, nor will it affect any quotes for products or services you buy in future.
2.4 Telling you about products or services that are similar to ones that you have already bought
If you have already bought medicines or other products from us, we may contact you with information about similar products and services that we offer. We have a legitimate interest to contact you for this purpose, but you may object to receiving these messages at any time.
We will only contact you by email or text message and you can choose not to receive these messages at any time. Simply follow the unsubscribe instructions in the message, or contact us.
2.5 Making our business better
We always want to offer the best products, services and user experience that we can. Sometimes this means we may use your information to find ways that we can improve what we do, or how we do it.
We have a legitimate interest to use your information to improve our business, and we will only use your information where it is necessary so that we can:
- Review and improve our existing products and services and develop new ones
- Review and improve the performance of our systems, processes and staff (including training)
- Improve our website to ensure that content is presented in the most effective manner for you and for your computer
- Measure and understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
2.6 Research and analysis
We may use anonymised data related to your order or use of our site for research or public-facing purposes, for example in: statistical analyses of users accessing our service for a specific purpose; or statistical analyses of test results.
2.7 Contacting you
We want to stay in touch with you. Sometimes we may need to use the information that we have about you in order to respond to your questions or let you know about important changes. We have a legitimate interest to keep in contact with you, as a customer, but this may also be necessary in connection with our contract with you. We will only use your information in this respect where it is necessary so that we can:
- Interact and respond to any communications you send us, including any social media posts that you tag us in
- Contact you in connection with any orders, including where our clinical team requires further information from you, so that we can notify you of the status of your order, and so that we or our courier partners can inform you when your order is due to arrive
- Let you know about any important changes to our business or policies
- We will primarily contact you via email, SMS messaging and your patient area on our website to update you on your order. In certain cases, where our customer service team needs to contact you regarding your order, we may contact you by telephone.
- If one of our prescribers need to contact you regarding your consultation or test result, or needs more information, they will usually do this via your patient area. When you have a new message in your patient area, you will be notified by email. However, on some occasions, our clinicians may need to contact you via telephone to discuss your consultation or test result in more detail.
- If we have made several attempts to reach you by email or telephone and have been unsuccessful, we may contact you by sending a written letter to your home address.
2.8 Verifying your identity
We may use your information where it is necessary for us to do so in order to meet our legal obligations and to detect and prevent fraud, money-laundering and other crimes.
2.9 Protecting you and others from harm
We may use your information where it is necessary to protect your interests, or the interests of others, in accordance with our legal obligations and the pursuit of legitimate interests. This may include in the event of criminality such as identity theft, piracy or fraud.
2.10 Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
3 . Who do we share your personal information with?
3.1 Sharing your information within our company and group
We share the information that you provide to us with our staff so that we can provide our products and services to you. We may also share the information that you provide to us with other companies within our group and the other websites that we and our group companies operate.
3.2 Sharing your information with third parties
We may share your data with selected third parties. For example, we may share your information with:
Our payment service provider, to process payments on our behalf. We will share your full name, address, phone number, email address and details of your order for this purpose. Our payment provider will collect and process your payment details; we will not store or have access to your full credit or debit card details.
Third party couriers (e.g. G4S, Posta Kenya, DHL Worldwide Express Ltd, United Parcel Service or Fargo Courier) in order to arrange delivery or your order. We will only share your full name, postal address and phone number or email address.
4. How long do we keep your personal information?
We will only store your personal information for as long as we need it for the purposes for which it was collected.
Where we provide you with any service, such as where you register an account as a patient on our website, we will retain any information you provide to us at least for as long as we continue to provide that service to you.
Generally, we may retain personal data relating to prescriptions issued and dispensed and other care records for a period of 13 years (for adult patients) or 25 years (for any patient who is pregnant).
In all other circumstances (such as where you contact us without making a purchase), we will keep your information for a period of no more than 3 years.
5. How do we protect your personal information?
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this policy.
We try to ensure that all information you provide to us is transferred securely via the website (always check for the padlock symbol in your browser, and “https” in the URL, to ensure that your connection is secure).
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
All information you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
6. What rights do you have in respect of your personal information?
If you require any further information about your rights as explained below, or if you would like to exercise any of your rights, please contact us.
6.1 You have the right to be informed
We have a legal obligation to provide you with concise, transparent, intelligible and easily accessible information about your personal information and our use of it. We have prepared this policy to do just that, but please contact us if you have any questions.
6.2 You have the right to access your personal data
You have the right to ask us to confirm whether or not we hold any of your personal information. If we do, you have the right to have a copy of your information and to be informed of the following:
- Why we have been using your information.
- What categories of information we were using.
- Who we have shared the information with.
- How long we envisage holding your information.
In order to maintain the security of your information, we will have to verify your identity before we provide you with a copy of the information we hold. The first copy of your information that you request from us will be provided free of charge, if you require further copies we may charge an administrative fee to cover our costs. Please contact us to request access to your data.
6.3 You have the right to correct any inaccurate or incomplete personal data
If you believe that any of the information we hold about you is inaccurate, incomplete, or out of date, you have the right to require us to rectify that information. You can update or change your personal information in the patient area on our website. Alternatively, please contact us so that we can correct our records.
6.4 You have the right to be forgotten
There may be times where it is no longer necessary for us to hold personal information about you. This could be if:
- The information is no longer needed for the original purpose that we collected it for
- You withdraw your consent for us to use the information (and we have no other legal reason to keep using it)
- You object to us using your information and we have no overriding reason to keep using it
- We have used your information unlawfully
- We are subject to a legal requirement to delete your information
In these situations, you have the right to require us to delete your personal data (although please be aware that we may be required to retain certain information in order to comply with our legal obligations). If you believe one of these situations applies to you, please contact us.
6.5 You have the right to have your data transferred to you or a third party in a common format
Also known as data portability, you have the right to require us to transfer your personal information, in a structured, commonly used and machine-readable format, either to you or to another service provider.
If you would like us to do this, please contact is. There is no charge for you exercising this right.
6.6 You have the right to object to direct marketing
You can tell us at any time that you would prefer that we do not use your information for direct marketing purposes. If you would not like to receive any direct marketing from us, please contact us or use the links provided in any of our marketing communications.
6.7 You have the right to object to us using your information for our own legitimate interests
Sometimes, we use your personal information to achieve goals that will help us as well as you. This includes when we tell you about products or services that are similar to ones you have already bought; when we use your information to help us make our business better; and when we contact you to interact, communicate or to let you know about changes we are making.
We aim to always ensure that your rights and information are properly protected. If you believe that the way we are using your data is not justified due to its impact on you or your rights, you have the right to object. Unless we have a compelling reason to continue, we must stop using your personal data for these purposes. If you have any objections to our using your personal data for our legitimate interests, please contact us.
6.8 You have the right to withdraw your consent
In most cases, we do not require your consent to use your personal information in the ways set out in this policy. However, where we do rely on your consent (such as where you subscribe to our newsletter), you have the right to withdraw that consent at any time. You can use the “unsubscribe” links in any of the communications that we send you, or contact us to withdraw your consent.
6.9 You have the right to restrict how we use your personal data
You have the right to ask us to stop using your personal data in any way other than simply keeping a copy of it. This right is available where:
You have informed us that the information we hold about you is inaccurate, and we have not yet been able to verify this
You have objected to us using your information for our own legitimate interests and we are in the process of considering your objection
We have used your information in an unlawful way, but you do not want us to delete your data
We no longer need to use the information, but you need it for a legal claim
For example, you may wish for us to retain your contact details on our “do not contact” list to ensure that we do not send marketing emails to you in the future. If you wish to exercise this right please contact us.
6.10 You have rights related to automated-decision making and profiling
Any automated decision-making or profiling we undertake is solely for the purpose of tailoring the information which we provide to you. We will not use automated decision-making or profiling to make any decisions which will have a legal effect upon you or otherwise significantly affect you, and you have the right not to be subject to such decisions. If you have any concerns or questions about this right, please contact us.
7. Changes to our Privacy Policy
Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.
8. Complaints
If you wish to make a complaint about our collection or use of your personal data, please contact us in the first instance so that we may seek to resolve your complaint.
9. Contact Us
If you have any questions about your privacy or our use of your personal data, please contact us.