How do we collect information from you?
Fox Pharma Ltd (‘we’ / ‘us’) obtains information about you when you use our website, for example, when you contact us about products and services, or when you place an order with us.
What Personal Information do we collect?
Personal information we collect may include the following:
- General identification and contact information such as: your name; address; email; IP address; telephone details; date and place of birth; your location.
- Sensitive information such as: Patient/client details from Prescription records, and other records from regulatory authorities and associations.
- Documents and details to verify your identity: I.D documents and utility bills
- Your professional details you may send to us: For example, details relating to your qualifications, training certificates, insurance cover, affiliations to associations.
What legal basis do we rely on to process your Personal Information?
- Consent – On some occasions, we process your personal information with your consent. Where we do so, you have the right to withdraw your consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.
- To fulfil a contract – We may process your personal information when this is needed to fulfil a contract with you, such as providing you with products and services under our terms of service.
- Legitimate Interest – We also process your personal information when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights. Our legitimate interests include:
- Ensuring the security and integrity of our services and in ensuring that our websites and apps operate effectively;
- Offering and supplying goods and services to our customers;
- Protecting customers, employees and other individuals and maintaining their safety, health and welfare;
- Promoting, marketing and advertising our products and services;
- Sending promotional communications which are relevant and tailored to individual customers;
- Understanding our customers’ behaviour, activities, preferences, and needs;
- Improving existing products and services and developing new products and services;
- Handling customer contacts, queries, complaints or disputes; and
- Where the processing is necessary because of a legal obligation that applies
Who do we share your Personal Information with?
We may share your personal information with:
- Our Service Providers – This includes external third-party service providers, such as accountants, auditors, experts, lawyers and other outside professional advisors; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; document and records management providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers such as Royal Mail, DPD, etc that assist us in carrying out business activities.
- Governmental Authorities and Public Authorities – We may share your (or your Patient/client’s) personal information with governmental or other public authorities (including, but not limited to, regulatory authorities, courts, law enforcement, tax authorities and criminal investigations agencies); and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law (b) to comply with legal process; (c) to respond to requests from public and government authorities (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our group companies; (f) to protect our rights, privacy, safety or property, and that of our group companies, you or others; and (g) to allow us to pursue available remedies or limit our damages.
How we use Personal Information?
We use personal information for some or all of the following:
- Communicate with you to conduct our business;
- Send you important information regarding changes to our policies, other terms and conditions;
- Carry out market research and analysis, including satisfaction surveys;
- Provide marketing information to you (including information about other products and services offered by selected third-party partners) in accordance with preferences you can express to us;
- Allow you to participate in contests, prize draws and similar promotions;
- Facilitate social media sharing functionality;
- Manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management;
- Resolve complaints, and handle requests for data access or correction;
- Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism; comply with legal process and respond to requests from public and governmental authorities).
- Establish and defend legal rights; protect our operations or those of any of our group companies or insurance business partners, our rights, privacy, safety or property, and/or that of our group companies, you or others; and pursue available remedies or limit our damages.
International Transfers of Personal Information
Your personal information will generally be kept within the UK/EU/EEA or in countries deemed by the European Commission to have an adequate level of protection; only for limited purposes and temporarily may data be transferred to other countries. This is where we need 24/7 technical support to maintain our IT infrastructure, and where the support teams of our service providers are located outside the UK/EU/EEA.
In all cases, however, we have technical, organisational, and contractual protections in place to keep the information safe and to ensure an adequate level of protection. Contractually, transfers outside the UK/EU/EEA to countries without an adequacy decision by the European Commission will be based on standard data protection clauses adopted by the European Commission, a copy of which may be obtained by contacting us. For transfers to the USA and other third country transfers we rely solely on standard contractual clauses, SCC’s.
How Long do we keep your Personal information for?
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Marketing and Advertising
- Direct Advertising and Communication – We use various digital and non-digital forms of direct advertising such as E-newsletters, SMS, social media, Online messaging, hard copy leaflets, etc for advertising. You may opt-out of any advertising of Fox Pharma’s products and services however please be aware this may impact on the effectiveness of how we manage your customer account with us. For example, we may promote a discount on a particular product you have purchased in the past which we would not be able to make you aware of if you have opted out of.
Where you provide us with personal data about your patients /clients
When you collect personal data on behalf of a patient/client and then provide us with that information to forward the data to fulfil a prescription, you are collecting personal information and are jointly responsible for the data subject on handling, storing, transferring of this data.
By using our services, you are entering into a declaration that the personal information you have collected and submitted to us has been carried out lawfully under the Data Protection Act 2018.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal data on our specific instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable authority of a suspected breach where we are legally required to do so.
Your Rights as a Data Subject
You have the following rights with regards to the processing of your personal information:
- Access – You have a to right to obtain a copy of all the personal information we hold about you.
- Processing – If you believe we are processing your personal data unlawfully or you believe that we no longer need your personal data you have the right to request that we restrict the processing of your personal data.
- Deletion- You have the right to request that we delete your personal data if you believe we no longer have a lawful basis to process it.
- Portability – You have the right to request that we move your personal information to another provider. This right only applies when processing data in certain circumstances. We currently do noy process your data in a manner for which this right applies.
- Automated Profiling – Where profiling or automated decision making produces a legal effect or similarly significantly affects you, you have right to object. We currently do noy process your data in a manner for which this right applies.
If you wish to exercise any of the above rights, please contact us.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at [email protected] or write to FAO Data Privacy, Fox Group International, 6800 Cinnabar Court, Daresbury Park, Warrington, Cheshire, WA4 4GE if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at [email protected] or write to FAO Data Privacy, Fox Group International, 6800 Cinnabar Court, Daresbury Park, Warrington, Cheshire, WA4 4GE.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Who to contact about your Personal Information
You can contact us at [email protected] or write to FAO Data Privacy, Fox Group International, 6800 Cinnabar Court, Daresbury Park, Warrington, Cheshire, WA4 4GE.