We take appropriate technical and organisational measures to protect against unauthorised or unlawful processing of your personal information, including encrypting your information to applicable industry standards.
During your visit to our site, we may gather certain personal information that is necessary to set up your account, for the purposes of billing, delivery of your goods and queries. We only keep your information for as long as is necessary to process your order, process any applicable refunds, respond to any complaints/feedback or to provide you with promotional information you have subscribed to.
Personal information we may collect includes information you provide to us to allow us to provide you with our services. Depending on the service provided, this may include
- Date of birth;
- Billing and delivery address
- Order information / Invoices
- E-mail address
- Telephone number(s)
An encrypted version of your login password is also retained.
How We Use Your Information.
- To create/maintain your account after registration
- To process and fulfil orders that you place with us
- To communicate with you for any order specific queries or actions required. For example, in the event that any product or service requested are unavailable or if there are other queries or problems with your order
- To respond to your queries or complaints. Using the information you have previously provided, allows us to respond effectively. We may also keep a record of these queries t. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the to help facilitate a quicker resolution to any future correspondence and provide the best service we can.
- If you have consented, we may use your personal information, to keep you informed by email, text or phone either about relevant products and services. You can opt-out at any time from these communications.
- To help resolve any disputes, if you lawfully exercise your rights or if you wish to dispute any part of our service offering
- To request your product and service reviews. For example, when you buy goods and services from us we may use Trust Pilot to enquire about your experience of our service and / or the product purchased.
- To update or notify you about changes to our products or services.
- To send you service emails relating to the service or activity you have requested
- To comply with applicable law e.g in response to a request from a court of law or professional regulatory body. Information is only provided if any such request is made in accordance with all applicable laws, including data and privacy laws.
The grounds we rely upon for the processing any Personal Data include:
- Consent from you for specific data processing activities. For example, where you have agreed for us send you information related to special offers or discounts.
- Your request for a specific service and/or product which may require our processing of your personal data to be taken prior to entering into a contract with you
- Compliance with any legal obligations to which we are subject
Ordinarily, we do not have access to your financial information which is securely transferred directly to our card processing agents and who process it on our instructions.
We supply your information electronically to our couriers who need your details to deliver your orders.
When you register your details with us, you have the option to subscribe to future promotions and special offers. You may unsubscribe from this at any time by emailing firstname.lastname@example.org.
We try to retain all personal information insider the European Economic Area (“EEA”) unless you are a user located outside the EEA in which case we may need to transfer your information to deliver your goods, process payment/refunds, or to send you promotional information you have subscribed to. In some cases, it may be required to store your information outside the EEA, in which case, as required by GDPR provisions, we ensure that the receiving country provides adequate protection for individuals’ rights and freedoms for their personal data. We will always use companies who are certified under the EU / US Privacy Shield program.
Data protection law gives you a number of rights. These include the right to
- Request to access, rectify, erase, restrict, transport, and object to the processing of personal data, where this data is not required to be retained by law
- Right to lodge a complaint with the relevant authority if you believe that your personal data is not being processed in accordance with data protection law
- You may, where permitted, request copies of your personal data. If you would like to make a request for the personal data we hold about you, you may do so by writing to Data Protection Officer, Simple Online Healthcare Ltd, 77 Dunn Street, Glasgow, G40 3PA.
- Request that we rectify any inaccurate and/or complete any incomplete personal data.
- Withdraw your consent to the processing of your personal data at any time. Such withdrawal will not affect the lawfulness of processing based on your previous consent. Please note that if you withdraw your consent, you may not be able to benefit certain service features for which the processing of your personal data is essential.
- Request that we stop processing your personal data.
- Request that we erase your personal data. We are able to comply unless there is a lawful reason for not doing so. For example, retention by our pharmacy, of private prescription and dispensing information.
- Request that we provide your personal data to you to have it transferred to another provider of the same or similar services
- Right to lodge a complaint. We suggest that you contact us with any questions or if you have a complaint in relation to how we process your personal data. We hope to resolve any issues directly, however, you also have the right to contact the relevant supervisory authority directly. To contact the Information Commissioner’s Office, the supervisory authority in the United Kingdom, you can visit the ICO website for instructions.
Our website can recognise past users by using cookies. Cookies personalise your visits to our website to meet your individual preferences. You can disable cookies by adjusting your internet settings.
This website contains links to other websites with their own privacy policies, we are not responsible for the privacy policies of these websites.
When you supply your information to us you accept the risks associated with the Internet and will not hold us responsible for any loss of your information unless we have breached our duty of care to you.
Alternatively, you can contact us on +44 (0)141 775 5023
www.simpleonlinepharmacy.co.uk is Payment Card Industry Data Security Standards (PCI DSS) compliant and is scanned for server vulnerabilities on a regular basis to ensure our security systems are up to date and comply with industry standards.
Simple Online Pharmacy abides by Data Protection Act and understands why safety is paramount for our customers making payments online. We endeavour to make sure we secure ours customer’s payment card data. Our customers depend on us to keep their information safe and Simple Online Pharmacy repays their trust with compliance to the PCI Security Standards.
What is PCI compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. The PCI DSS is administered and managed by the PCI Security Standards Council PCI SSC, an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB). A copy of the PCI DSS is available: download PCI Security Standards (pdf).
What you need to know about PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Cardholder data is any personally identifiable data associated with a cardholder. This could be an account number, expiration date, name, address, social security number, etc. All personally identifiable information associated with the cardholder that is stored, processed, or transmitted is also considered cardholder data.
Simple Online Pharmacy is PCI compliant and subject to quarterly checks to make sure our security systems are secure and compliant so you can make payments on our website without a single worry.
This policy explains what cookies are, how we use them and how you can switch them off.
What are Cookies?
Cookies are small useful text files that are stored on your internet browsing device (e.g. computer, tablet or phone). They are used to remember useful information that allows certain functionality to work, for example, cookies can be used to remember what’s in your shopping basket while you browse or if you’re logged in or not. Cookies don’t store your personal details such as your credit card details, your name or your date of birth. Cookies can’t harm your computer, and are active for differing lengths of time; some are stored until you close your browser, while others may last for several weeks or more.
- Enable you to set up an account, place orders and make payments;
- Remember items you place into your shopping basket;
- Remember items you have been looking at so that you can quickly and easily go back to an item you looked at previously;
- Enhance your shopping experience.
What types of Cookies do we use?
Our site uses session cookies and persistent cookies. Session cookies operate from the moment you log on to the site until the moment you log off. Once you log off session cookies are deleted. Persistent cookies will not be deleted after each session.
Strictly Necessary Cookies are essential to our site, if these are disabled, your experience on our site may be interrupted and you may not be able to use a shopping basket or make payment.
Performance Cookies collect anonymous data about visitors. We use the data to improve your future experience and identify issues that our users may be experiencing.
Functionality Cookies customise the look and appearance of our site. For example, a functionality cookie will remember your username and language preferences next time you visit.
Targeting or Advertising Cookies deliver advertisements which are tailored to your web activity. A targeting cookie tracks what you click on whilst on our site, and may share details of what you click on with other organisations such as advertisers. These cookies can also help us to measure the effectiveness of an advertising campaign.
Third party cookies may be used on our website by approved organisations to provide services on our website.
What happens if I turn off Cookies?
If you disable or delete cookies you may not be able to shop or access important parts of our site. Further information on cookies, including instructions on how to amend your browser settings to turn off cookies, is available widely online.
Lucky Orange Tracking Service
This service allows us to view user interactions with the site, to allow us to fix any problems you encounter, without you having to report them to us. No typed information in forms is revealed to us, only where the user clicks. This means if a button isn’t working for you, or on a particular device, we can spot this, and fix it as soon as possible.
Simple Online Pharmacy uses LexisNexis RISK SOLUTIONS UK LIMITED to check that our patients are genuine - this is a regulatory requirement. This occurs only the first time you place an order. Existing customers will be checked as they order again.
LexisNexis check three data sources for this, credit agencies, Voting register and Telephone Database.
You agree as follows:
(a) I authorise LexisNexis and/or any of their appointed agents to carry out all necessary searches, including searches of consumer credit records, in order to verify my information.
(c) I agree, to the maximum extent permitted by applicable law, that I will not hold LexisNexis, its officers, employees agents and/or customers liable for any direct, indirect, incidental, special, consequential or punitive damages, and to hold harmless LexisNexis, its officers, directors, employees, agents and customers from and against any and all claims, liabilities, damages, losses or expenses, including reasonable legal fees and costs, arising out of or in any way connected with use of LexisNexis's website (and other online properties) or any of the services provided by LexisNexis.
(d) I confirm that to the best of my knowledge and having exercised due skill and care, that the information I have given is complete, true and correct and I agree to the use of my information as detailed in this Declaration of Consent.
If you have any questions about the ID verification process please contact us.