Privacy Policy
Privacy Policy
1 Introduction
1.1 We take your privacy seriously. This Privacy Policy Terms of Use sets out details about your privacy rights and how we gather, use and share your personal data – including the personal data we already hold about you now and any further personal data we might collect about you, either from you or from a third party when you use this website (the Website), become a customer or supplier of Healthcare Pharma.
1.2 If you have any questions about how we use your personal data, please contact dataprotection@healthcarepharma.co.uk
2 About us
2.1 When we say Healthcare Pharma in this Privacy Policy, we mean Healthcare Pharma Limited and other members of the Munro Healthcare Group Limited group of companies, including holding and subsidiary companies.
2.2 Each of the Munro Group companies are 'controllers' of your personal data and are referred to as 'we', 'us' or 'our' in this Privacy Policy.
3 Your Privacy Rights
3.1 In addition to the right to be informed about how we use your personal data (as set out in this Privacy Policy), you have various other rights in respect of the personal data we hold about you – these are set out in more detail below. If you wish to exercise any of these rights, please contact dataprotection@healthcarepharma.co.uk:
• Right to object: You can object to our processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes. Please contact us as noted above, providing details of your objection.
• Access to your personal data: You can request access to a copy of your personal data that we hold, along with information on what personal data we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision-making.
• Right to withdraw consent: If you have given us your consent to use your personal data, you can withdraw your consent at any time. In particular, if you have given us consent to send you marketing emails, you can withdraw your consent by by emailing us at unsubscribe@healthcarepharma.co.uk writing to us at Munro Data Officer, 3 Young Place, East Kilbride, Glasgow, G75 0TD.
• Rectification: You can ask us to change or complete any inaccurate or incomplete personal data held about you.
• Erasure: You can ask us to delete your personal data where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.
• Portability: You can ask us to provide you or a third party with some of the personal data that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
• Restriction: You can ask us to restrict the personal data we use about you where you have asked for it to be erased or where you have objected to our use of it.
• No automated decision-making: Automated decision-making takes place when an electronic system uses personal data to make a decision without human intervention. You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless you have given us your consent, it is necessary for a contract between you and us or is otherwise permitted by law. You also have certain rights to challenge decisions made about you. We do not currently carry out automated decision-making in relation to customers and suppliers, but we will notify you by updating this Privacy Policy if this changes.
3.2 We may need to verify your identity in order to process your request and ask you to provide valid identification documents to allow us to do so.
4 Information We Collect About You
Information you give us
4.1 We will collect your name and contact details, if you have submitted an enquiry via the Contact Us page on the Website.
4.2 When you become a customer and register for an online customer account or complete hard copy application forms, we collect and use the following:
(a) full name;
(b) age;
(c) address, e-mail address and contact details;
(d) a copy of your, financial, bank and credit card information;
(e) your account passwords and customer numbers; and
(f) you may also be required to give us information about your business, business partners, beneficial owners or directors in which case you must ensure that you have permission to do this.
4.3 We collect and use the following personal data about you when you become a supplier and fill in forms on the Website or hard copy application forms:
(a) full name;
(b) address and contact details; and
(c) you may also be required to give us information about your business, business partners, beneficial owners or directors in which case you must ensure that you have permission to do this.
(d) a copy of your, financial, bank and credit card information;
Other Information we collect
4.4 We also collect and use the following personal data about you indirectly:
(a) if you are a customer or supplier of Healthcare Pharma, information obtained from any credit checks or other checks we are required to carry out for legal and regulatory purposes (see the section on 'Anti Money Laundering/ Sanctions' below for further information);
(b) in order to administer the Website and understand how the Website is used, we collect technical information including your IP address, your login information, products you have viewed or searched, browser type, plug-ins you use, operating systems and platforms, URL, page response times, download errors, length of visits to certain pages, page interaction information, methods used to browse away from a page;
(c) any phone number used to contact Healthcare Pharma; and
(d) information collected using CCTV surveillance in our depots.
5 How We Use Your Personal Data and Legal Basis
5.1 We use personal data held about you for the following purposes in line with our legitimate interests to administer the Website, to engage with users when they request our products and services, and provide us with products and services and to protect and exercise our rights as a business:
(a) to respond to your queries;
(b) to manage any customer trading account with us and update the records we hold about you from time to time;
(c) for customers who hold credit accounts, to carry out credit checks;
(d) to provide you with your goods and information about your goods and our services and to provide you with information via post, email, telephone or SMS about other goods and services we offer that are similar to those you have already purchased or enquired about and that may be of interest to you, to make suggestions and recommendations to you about goods or services that may interest you (for further information, see the section on 'Marketing' below);
(e) to welcome you into our depots and say goodbye to you when you leave and to tell you when you are in the vicinity of our depots;
(f) to analyse your purchases and purchase behaviour so we can provide a better service to you and to keep our website safe and secure;
(g) we may anonymise the data we hold about you or your business and share it with our suppliers for their own reporting or marketing activities;
(h) where you use EPOS or place orders directly with us using an electronic ordering system then we may automatically collect and use sales and purchase data to analyse sales of our products. We may anonymise this data and share it with selected market research agencies for the same purpose who may also share the anonymised data with third party suppliers and partners for their sales and market research purposes;
(i) if false or inaccurate information is provided and fraud is suspected or identified then this will be recorded and details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information. The information may also be used to prevent theft, fraud and money laundering for example, when checking details for customer registrations, credit applications or managing credit accounts; and
(j) in relation to CCTV, for the prevention of crime and for security purposes.
5.2 We will also use your personal data, for example, your name, address and contact details, to carry out our contractual obligations to provide you with products or services which you have ordered or purchased from us and to contact you in relation to such products and services.
Anti Money Laundering/ Sanctions
5.3 As we are a regulated business, we are required by law to verify the identity of our customers and suppliers and carry out Anti Money Laundering and Sanctions checks.
5.4 We will process your personal data, including your name, address and identity verification documents, for the purposes of preventing money laundering or terrorist financing, as it is necessary in order to prevent unlawful acts and for the purposes of meeting regulatory requirements.
5.5 We are legally permitted to hold this information for no more than five years from the end of your business relationship with Healthcare Pharma.
6 Special Categories of Personal Data
6.1 Special protection is given to certain kinds of personal data that is particularly sensitive. This is information about your health status, racial or ethnic origin, political views, religious or similar beliefs, sex life or sexual orientation, genetic or biometric identifiers, trade union membership ('special categories of personal data') or about your criminal convictions or offences.
6.2 Where we collect any special categories of personal data, we will take appropriate steps to ensure that we have explicit consent or another legal basis to hold, use and retain the information. In particular, we collect special category personal data in relation to Anti Money Laundering and Sanctions checks and our legal basis for using this personal data is as set out at 5 above.
7 Disclosure of Your Personal Data
7.1 We may share your personal data:
(a) with other members of the Healthcare Pharma – for example, for administration or reporting purposes, or for marketing purposes where you have indicated that you wish to receive marketing from other group companies;
(b) selected third parties for the performance of our contractual obligations with you such as suppliers;
(c) sub-contractors we may use in technical, payment and delivery services;
(d) where you have agreed to receive marketing emails from us, we need to pass your personal data on to our service providers who help us with these marketing activities;
(e) analytics and search engine providers that assist us with improvement and optimisation of our site who may anonymise the information and send on to third parties for statistical purposes; and
(f) credit reference agencies and other background check providers for Anti Money Laundering/ Sanctions purposes.
7.2 Occasionally, we may also share personal data with relevant third parties where:
(a) you have given us your consent to do so;
(b) we sell or buy any business or assets or if we are under a duty to disclose or share your personal data to comply with a legal obligation (for example, we may need to share CCTV footage of you with the police) or to enforce or apply our Terms of Use, Cookies Policy or Terms and Conditions of Sale; or
(c) it is fair and reasonable for us to do so in the circumstances.
8 Where We Store Your Personal Data
8.1 We may need to transfer your information outside the UK to service providers, agents, subcontractors and regulatory authorities in countries where data protection laws may not provide the same level of protection as those in the European Economic Area ("EEA"), such as the USA.
8.2 We will only transfer your personal data outside the EEA where either:
(a) the transfer is to a country which the EU Commission has decided ensures an adequate level of protection for your personal data, or
(b) we have put in place our own measures to ensure adequate security as required by data protection law. These measures include ensuring that your personal data is kept safe by carrying out strict security checks on our overseas partners and suppliers, backed by strong contractual undertakings approved by the relevant regulators such as the EU style model clauses. Some US providers may also be certified under the EU-US Privacy Shield which confirms they have appropriate measures in place to ensure the protection of your data.
8.3 If you would like further information, please contact dataprotection@healthcarepharma.co.uk.
9 Keeping You Up To Date
9.1 If you are a customer, we will send you our catalogues and communicate relevant news and information about products and services similar to those you have purchased or enquired about by post, email, telephone, SMS or other electronic messages, unless you tell us that you do not wish to receive them.
9.2 You can unsubscribe at any time by clicking the "unsubscribe" link in any marketing email which you receive, by emailing us at unsubscribe@healthcarepharma.co.uk, writing to us at Munro Data Officer, 3 Young Place, East Kilbride, Glasgow, G75 0TD.
10 How Long We Hold Your Personal Data
10.1 We will not retain your personal data for any longer than is necessary for our purposes, including for the purposes of satisfying any legal, accounting or reporting requirements. If you have any questions about data retention than please email dataprotection@healthcarepharma.co.uk.
10.2 Where we have been using your personal data to provide you with marketing, we will remove you from our marketing list if you ask us to do so, but we may still need to keep your information for ongoing contractual purposes if you continue to be our customer and for legal, accounting and regulatory reporting reasons.
11 Right to Complain
You can make a complaint to us by contacting us via dataprotection@healthcarepharma.co.uk or to the data protection supervisory authority – in the UK, this is the Information Commissioner's Office, at https://ico.org.uk/.
12 Changes to this Privacy Policy
This Privacy Policy will be reviewed periodically and we will update it if we make any material changes to the manner in which we process and use your personal data.
New paragraph
