Thank you for choosing to be part of Victoria Pharmacy (“company”, “we”, “us”, or “our”).  We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy or our practices with regards to your personal information, please contact us at www.thevictoriapharmacy.com.

When you visit our website www.thevictoriapharmacy.com and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy notice, we describe our privacy policy. We seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue use of our Sites and our services.

This privacy policy applies to all information collected through our website (such as www.thevictoriapharmacy.com), and/or any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the “Sites“).

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us. 

We collect the following types of information about you:

• Contact Dataincludes data such as your email address, telephone number, geographical address, delivery address and billing address
• Identity Dataincludes data such as first name, last name, username or similar identifier, date of birth, passport number, driving licence number;
• Health Dataincludes GP address, patient notes, consultation notes, and any other information relating to your health and medical status;
• Financial Dataincludes details you provide to us so that we can process your payments through our third-party payment provider;
• Transaction Dataincludes details of products you have purchased and payments made;
• Technical Dataincludes data such as internet protocol (IP) address, your login data, browser type and version, cookies, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website and any communications we may send to you.
• Usage Dataincludes information about how you use our website such as information about your visit to our website, including the full Uniform Resource Locators (URL) clickstream to and through, pages you viewed or searches you made, page response times, download errors, length of visit, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
• Marketing Dataincludes your preferences in receiving marketing from us.

We do not knowingly collect personal data of children. Please do not provide personal data to us unless you are at least 18 years old.

As we are unable to verify the identity of an individual or obtain patient consent for treatment or data processing, please do not provide to us information about other people.

We may monitor and record communications with you such as telephone conversations and emails for the purpose of training, quality assurance, fraud prevention and compliance.

Information you voluntarily provide

You may provide information to us in a number of ways, including the following:

• You access and interact with our website or with us by telephone, including by filling in forms and medical questionnaires;
• You create an account on our website;
• You purchase products on our website;
• You apply to work with us as an employee or a consultant;
• You provide feedback or reviews to us;
• You respond to a survey or questionnaire although you do not have to respond to them.
• You sign up for our newsletter;
• You otherwise contact us including with queries, comments or complaints.

We shall process all such personal data in accordance with this Policy. Certain information is mandatory to be provided to us in order that we can fulfil your request, for example, to purchase products from us, and we shall make this clear to you at the point of collection of the personal data.

All information that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identify fraud, we will record this and we may also report this to the appropriate authorities.

When you contact us by email or post, we may keep a record of the correspondence and we may also record any telephone call we have with you.

Information we collect from the device you use to access our website

When you visit our website or interact with our services, we (and our advertisers and/or other service providers) may use a variety of technologies that automatically or passively collect information about how our site is accessed and used.

Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, please see our Cookies Policy.

Information we receive from other sources 

We work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, ID verification organisations and credit reference agencies) and may receive information about you from them. We may also receive your information from other organisations who sell products on our behalf.

To enable us to make medical decisions about you and for fraud prevention purposes, we use identity verification agents to search the files of credit reference and fraud prevention agencies (who will record the search).

If you provide false or inaccurate information and/or we suspect fraud, we will record this and we will be unable to fulfil your order.

Where we store your personal data

We ensure that all of the data that we hold about you is stored within the UK. However, the data that we collect from you may be transferred to and stored at, a third party in a destination outside the United Kingdom. This will always be the minimum required information to carry out the task required and the data is anonymised. An example of this includes anonymous website browsing data that is aggregated within Google Analytics.

Where your personal data is transferred outside the United Kingdom or the EEA, it will only be transferred to countries that have been identified as providing adequate protection for personal data or to a third party where we have approved transfer mechanisms in place to protect your personal data.

Information security

We shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.

Where you have chosen a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Uses made of your data

We will only use your personal data where we have a lawful basis to do so. The lawful purposes that we rely on upon under this Privacy Policy are:

• consent (where you choose to provide it);
• performance of a contract with you;
• compliance with legal requirements; and
• legitimate interests. When we refer to legitimate interests we mean our legitimate business interests in the normal running of our business which do not materially impact your rights, freedom or interests.

How long do we keep your information? 

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this policy will require us keeping your personal information for longer than the period of time in which users have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.