Privacy and security Policy
This privacy statement is issued by PharmaRight.com to enable us to meet our obligations to the EU General Data Protection Regulation (GDPR). PharmaRight.com is a licensed pharmacy located in Vanuatu, and our privacy statement applies to all our customers in the EU and elsewhere.
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:
“any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
How do we use your personal data?
All personal information we collect from you on this web site will be securely stored. Access to that information will be restricted to the specified purposes, as defined in this privacy statement, which are:
- Collecting and using your personal data for processing orders.
- Sourcing personal information via email, fax, telephone, or any other means and sources.
Our commitment to you
We will ensure that the information we collect and use is appropriate for the purpose intended and does not invade your privacy.
Why do we need your personal data?
We need your personal data so that we can fill your order and meet our legal obligations. The information we need to do this is:
- Your name, address and billing details.
- Your date of birth to confirm you are an adult.
- Confirmation that the products you buy are for your own use and not for resale.
How do we interact and communicate with you?
You will be able to choose how we interact with you, such as by using website cookies, and how we can communicate with you about products and promotions. You can change your options at any time either directly on the site, or by contacting us directly.
Will my personal data be shared?
While we are processing your order, it may be necessary for us to share some of your personal data with a third party service provider. Also, with our bank or our payment processor contracted to PharmaRight.com .
Any third party receiving your personal data is obliged to maintain security and only use the data to fulfil the service required to process your order and facilitate payment.
Once your personal data is no longer required, it must be disposed of, to comply with privacy regulations and our procedures.
If we need to pass on your personal data to a third party, this would only be done with your consent, unless we are legally required to do so without your consent.
How will my personal data be used?
The way we process your personal data, which includes collection, storage and use, must comply with the EU General Data Protection Regulation (GDPR). We will do our very best to ensure that your personal data is accurate and current, and we will not keep it longer than we need it.
Factors affecting how long we need to keep your personal data include:
- Legal requirements to comply with income tax and audit regulations
- Specific business-sector requirements and agreed purposes
- Individual business needs
Will I be contacted by PharmaRight.com?
You will only be contacted by PharmaRight.com if absolutely essential. We will not be intrusive by asking unnecessary and irrelevant questions. All the personal data you provide will be protected by our rigorous procedures that aim to minimize the risk of unauthorized access or disclosure.
How can I find out the personal data you hold about me?
You may request at any time to know what personal data we hold and how it is processed. This includes the following information:
- The categories of personal data collected and processed, and how long it will be stored
- The source of any personal data not collected directly from you
- The identity and contact details of the person or organization involved in processing your personal data, which may be an EU representative; also the data protection officer, where appropriate
- The purpose and legal basis for processing your personal data.
- Information about legitimate interests held by us or a third party
- Information about recipients of your personal data
- Your rights to correct, erase, restrict or object to the processing of your personal information
- Your rights to withdraw consent at any time
- How to lodge a complaint with the supervisory authority
- The nature of any automated decision making used, such as profiling, or any meaningful information about the logic involved, as well as the significance and expected consequences of such processing of your personal information
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract
- Whether you are obliged to provide the personal data and the possible consequences of failing to provide such data
Note: If we intend to transfer the personal data to a third country or international organization, you can request information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
What identification will I need to access information about my personal data?
When you request access to information about your personal data, we will accept the following:
- Passport, driving license or birth certificate
- A recent utility bill from the last three months to confirm your address
Contact details of the Data Protection Officer / GDPR Owner: