Sons Privacy Policy

Sons Privacy Policy

  1. INTRODUCTION

Careforsons Limited, with company number 11557956 and registered office at 2 Upper Wimpole Street, London, United Kingdom, W1G 6LD ("Careforsons", "we" or "us") respects the privacy of individuals. We are a "controller" for the purposes of the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (EU) 2003/2426 (collectively referred to as the "Data Protection Laws").

Through our websites and other channels, we make information available to you, and offer you the change to carry out consultations, and purchase products from us (together, the “Online Services”).

We take your privacy very seriously. Please read this Privacy Policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint.

Where we provide you with medical products, we work with certain third parties to help us do so, including:

  • Pharmacy Warehouse Limited (the “Pharmacy”) supports our services by dispensing and delivering products to you. You can find more information about how the Pharmacy uses personal data on their website at https://pharmacy-warehouse.co.uk/privacy-policy/.
  • Certain medications require a prescription. If this applies to you, we may collect information about you, and pass that information to a registered doctor to help them assess (including through a consultation, if appropriate) whether they are able to issue that prescription for you.  We work with accredited GMC and IMC General Practioners (GP’s) for that part of the process, and you can find more information about how they process personal data on their website at

This privacy policy contains important information about the following:

  • the type of information about you that we collect
  • how that information is used
  • who will have access to that information
  • how long we will hold your personal information for
  • our security measures for protection of that information
  • how our processing of your personal data is lawful, and
  • your rights under the Data Protection Laws.

The term "personal data" means any information relating to an identified or identifiable natural person.  An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.   For example, name, contact details and photographs. "Special categories of personal data" relates to more sensitive types of personal data including (amongst others) racial or ethnic origin, physical or mental health or condition and sexual life. These terms are defined in the Data Protection Laws.

  1. INFORMATION WE MAY COLLECT

We may collect and process information including your personal data.  The table below explains what data we collect, how we use it, and who may receive it.

Your data

How we use it

Recipients

Support / enquiry information (Information we receive when you get in touch with us for support)

·        Name

·        Contact details (address, phone number, email)

·        Other personal data you send to us

We process this information either in accordance with the terms of our contract with you, or in pursuit of our legitimate interests in responding to your support and other queries, and in order to improve our Online Services.

If you have questions about products dispensed by the Pharmacy, with your consent, we will process your queries by sharing the information with the Pharmacy so they are able to respond to you.

The Pharmacy will be sent your queries with your consent, as described in this table.

Account data (we collect this from you or generate it from your registration)

·        Name

·        Email, username, password

·        Date of birth

·        Phone number

·        Marketing preferences

We use your account data to provide the Online Services under the terms of our agreement with you.

Depending on your marketing preferences, if you have given your consent, we may provide you with information by email about other products and services offered by us or our partners.

 

Questionnaire data (we collect this from you)

·        Information about you and your health and your needs, collected by our questionnaires.

 

We need this information to ensure that certain products are appropriate for you under the circumstances.

We process this information with your consent.  Please note that, without your consent, we may be unable to provide certain products to you.

We may separately also ask for your consent to use information about you and your health for the purpose of understanding the wider needs of our existing and prospective customers.  If you have given your consent to that use of your personal data, we will normally anonymise and aggregate that data (which will no longer identify you, for example we may note that more men in London in their 30s find our products helpful than those under20 in a different part of the country) to produce reports, which may be made public.

Once we have your consent, we will share your answers to your questionnaire with our  GPs . Our GPs will review your consultation and medical data and determine what products are suitable for you. In certain cases, our GPs will not agree to provide certain products due to contraindications or specific allergies.

Prescription, order and returns data

·        confirmation as to whether or not you were issued a prescription (we receive this fromGPs);

·        information about the orders you place through our Online Service;

·        details of products which you have returned (this information is passed to us by the Pharmacy if you return something to them)

 

We use this information to provide the Online Services under the terms of our agreement with you, including by processing your orders, arranging for them to be dispensed and delivered, and to process returns.

Prescriptions from  GPsare shared with the Pharmacy.

We share your order information with the Pharmacy.

If you return products to the Pharmacy, they will let us know, so we are able to determine whether you are due a refund or replacement.

Analytics (Collected from your device and interaction with our Online Service)

·        How often you visit the Website

·        Which pages you go to

·        Your IP address

·        Device and browser operating system & version, make and model

·        The country of your device

We process this information so that we can analyse and improve our Online Services.

This processing is necessary for us to pursue our legitimate interests of: (i) ensuring that our Online Services function properly so that you and other users have the best experience; and (ii) improving the quality of our Online Services, and providing a better experience to our users.

We use Google Analytics to help us understand how our Online Services are used.

 

Payment information (Collected from you if you make a payment to us)

·        Name

·        DOB

·        Address

·        Billing information

To process payments and provide the Online Services under the terms of our agreement with you.

This information is provided by users to our payment processors, Stripe and Recharge.

Please refer to their privacy policy for more information:

·        https://stripe.com/gb/privacy.

·        https://rechargepayments.com/privacy-policy

 

  1. COOKIES AND SIMILAR TECHNOLOGIES

A cookie is a text file placed onto your device when you access our Online Services. We use cookies and other techniques such as web beacons, local storage, and flash object storage to deliver, improve and monitor our Online Service:

Authentication

To log you in and keep you logged in.

Preferences

To remember information about you such as your preferred language.

Analytics

To understand how you use our Online Services, so we can improve them. To carry out research and statistical analysis to help improve our content, products and services.

The information we obtain in this way will not usually contain your personal data. Although we may obtain information about your device such as your IP address, your browser and/or other internet log information, this will not usually identify you personally.

Please note that if you choose to disable cookies, or similar technologies, on your device you may be unable to make full use of our Online Service.

We work with third parties who may also set cookies, for example Google Analytics.

For more information, please refer to our cookie policy here: [LINK].

  1. DATA SHARING

We will share your information with third parties only in the ways that are described in this privacy policy.

Suppliers and other third parties mentioned in this Privacy Policy: We will disclose personal data to any of the third parties mentioned in this privacy policy, for the purposes set out in this privacy policy.  We use Google Cloud for our web hosting, Google analytics services as discussed above, which includes the use of Google Tag Manager, and we also use Hubspot to provide customer relationship management software and services.

Group members, personnel, suppliers or subcontractors: We keep your information confidential, but may disclose it to any member of our group (which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006), our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this privacy policy. However, this is on the basis that they do not make independent use of the information, and have agreed to safeguard it.

Merger or acquisition: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified via, account message and/or a prominent notice on our website of any change in ownership or uses of this information, as well as any choices you may have regarding this information.

Required by law: In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).

Enforcement: We may also disclose your personal information to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches, or to protect the rights, property or safety of us, our customers, or others.

  1. INTERNATIONAL TRANSFERS

It is possible that your personal information may be transferred outside of the EEA by third parties referred to in the policies as being the recipients of your data. We recommend that you refer to the privacy policies and/or terms and conditions of these third parties if you are concerned about your data being transferred outside the EEA.

Where we transfer your information outside of the EEA, we have measures in place to ensure that appropriate safeguards apply to protect your personal data, which may include contracts with those parties which include standard data protection clauses adopted by a data protection regulator and approved by the European Commission. If you would like to find out more about these safeguards, please let us know via hello@careforsons.com.

  1. 6. DATA RETENTION

We will hold your personal information on our systems for as long as is necessary for the relevant service, or as otherwise described in this privacy policy, or as required by law.  For further information, please let us know via hello@sons.co.uk.

  1. SECURITY

Careforsons implements security measures to help protect the personal information we hold. We do this by implementing and using the appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing.

We also aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data.

To help maintain the security of your personal information, We ask that you please notify us immediately of any unauthorised visit, access or use of the website or the loss or unauthorised use of

  1. YOUR RIGHTS IN RELATION TO PERSONAL DATA

You have the following rights over the way we process personal data relating to you, as set out in the table below. We aim to comply without undue delay, and within one month at the latest – to make a request please write to hello@sons.co.uk.

  • ask for a copy of data we are processing about you and have inaccuracies corrected

You have the right to request a copy of the personal information we hold about you and to have any inaccuracies corrected.

We will use reasonable efforts to the extent required by law to supply, correct or delete personal information held about you on our files (and with any third parties to whom it has been disclosed).

  • object to us processing data about you

You can ask us to restrict, stop processing, or to delete your personal data if:

  • you consented to our processing the personal data, and have withdrawn that consent;
  • we no longer need to process that personal data for the reason it was collected;
  • we are processing that personal data because it is in the public interest or it is in order to pursue a legitimate interest of ours or of a third party, you don’t agree with that processing, and there is no overriding legitimate interest for us to continue processing it;
  • the personal data was unlawfully processed;
  • you need the personal data to be deleted in order to comply with legal obligations;
  • the personal data is processed in relation to the offer of a service to a child.
  • obtain a machine readable copy of your personal data, which you can use with another service provider

If we are processing data in order to perform our obligations to you, or because you consented, or if that processing is carried out by automated means, we will help you to move, copy or transfer your personal data to other IT systems.

If you request, we will supply you with the relevant personal data in a commonly used, machine-readable and interoperable format. Where it is technically feasible, you can ask us to send this information directly to another IT system provider if you prefer.

  • make a complaint to a supervisory authority
  • If you are unhappy with the way we are processing your personal data, please let us know by contacting us via the support services.
  • If you do not agree with the way we have processed your data or responded to your concerns, an alternative is to submit a complaint to a Data Protection Supervisory Authority.
  1. CHANGES AND CONTACT INFORMATION

Modifications of this Privacy Policy

We may amend this policy from time to time and will alert you via our website or email you when changes are made.

Contact Us

  • By post: Careforsons Ltd, 2 Upper Wimpole Street, London, W1G 6LD
  • By email: hello@careforsons.com, with a subject line containing “Data Protection.”

 

COOKIE POLICY

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies we use and why.

Cookie

Duration

Purpose/ Third Party Access

Google Analytics

 two years

This cookie is used to collect information about how visitors use our website. We use the information to compile reports and to help us improve our website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.

Read Google's overview of privacy and safeguarding data here

Authentication

During your session

To log you into our website and keep you logged in, and to ensure that your shopping basked stays full when you move from page to page.

Preferences

One month

To remember information about you such as your preferred language and configuration.

 

HOW DO I CHANGE MY COOKIE SETTINGS

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org.

Find out how to manage cookies on popular browsers:

To find information relating to other browsers, visit the browser developer's website.

To opt out of being tracked by Google Analytics across all websites, visit the following URL: http://tools.google.com/dlpage/gaoptout.