Your Rights, Our Responsibilities
We are Aposave Limited (Company number , VAT number ). Our registered office address is at Floor 30, The Leadenhall Building, 122 Leadenhall Street, London EC3V, United Kingdom. We are registered with the Information Commissioners Office as required by the Data Protection Act. We take your privacy and the security of your information very seriously. This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
- People contacting us through the online webform or email
- Visitors of our website (Cookies)
1. General information
Your personal information will be shared with our service providers in order to make use of their services. These service providers are bound by our instructions and will only process your personal information in accordance with this policy.
Aposave ltd. may disclose your personal information in order to respond to lawful request(s) by public authorities and law enforcement agencies. Your personal information may also be part of our internal review procedures to address our compliance with various legal obligations.
Information we collect
When you purchase prescription medication from Aposave, we will collect and store the following pieces of information about you:
- Name, address, phone number, email, bank information
- Medical history
How we use the information
Your personal information will be used for the following purposes:
- To be able to deliver your medicine to you and to communication with you about your order. We process this information on the basis of the General Data Protection Regulation (GDPR), Art. 5 (1)(b) in order to fulfil a contract with you.
- Fulfilling our legal obligation as a pharmacy when selling prescription medication. Our processing of your personal data is based on the requirements set out in Part 12, Chapter 2 of The Human Medicines Regulations 2012 and in accordance with the General Pharmaceutical Council.
Disclosure of personal information
If we suspect a prescription has been falsified we will share information with the physician who provided the prescription in order for us to verify the legitimacy of the prescription.
Retention of your personal information
Private prescriptions will be stored for two years in accordance with Regulation 253(2)(a) of the Human Medicine Regulations of 2012. All NHS prescriptions will be sent to NHSBSA at the end of each month according to our contract with the NHS.
Information about your purchase will be stored until ten years after your death in accordance with the NHS Code of practice.
Information we collect
When you communicate with us by email or through our website we’ll be collecting and processing the following information about you:
- Name, email address, telephone number
- Any information you submit to us in your messages.
How we use the information
The purpose of our processing of your personal information is to be able to communicate with you and is based on our legitimate interest in accordance with the General Data Protection Regulation (GDPR) article 6(1)(f).
Retention of your personal information
Aposave ltd. stores emails for six months with the exception of emails containing sensitive information. Sensitive information will be stored until we have sufficiently responded to you enquiry.
4. Your rights
Under the General Data Protection Regulation, you have rights as an individual which you can exercise in relation to the information we hold about you. This includes the right to:
- Get access to the data we process;
- Rectification of inaccurate or incorrect information about you;
- Deletion of your personal information (in certain circumstances);
- Restrict our processing of your personal information (in certain circumstances);
- Object to our processing of your personal data;
- Have your personal information provided to you in a machine-readable format.
If you want to invoke any of these rights, please send your request to Privacy@Aposave.com.
You can read more about these rights at the Information Commissioner’s Office or webpage or at the European Commission’s webpage.
If you have any complaints regarding Aposave’s processing of your personal information, you can log an official complaint with the Information Commissioner’s Office.
Aposave ltd. is an online pharmacy registered with the General Pharmaceutical Council with registration number 9010743 and the Information Commissioner’s Office with registration number ZA091297.
If you have any questions about how we process your personal information that has not been answered in the above sections, please contact us at:
Aposave ltd. (Data Controller)
The Leadenhall Building
122 Leadenhall Street
Telephone: +44 20 3753 4601
What is a cookie?
A cookie is a tiny element of data that is stored on your computer’s hard drive by your web browser when you access a website. The Site makes use of the following types of cookie technology:
- A “Session cookie”, which contains a random ID number automatically allocated to your computer by the webserver for the duration of your visit. It is meant to make your use of the Site faster and easier. It will be deactivated after thirty minutes of inactivity on the Site and will be automatically removed from your computer when you close your browser.
- A “Script generated cookie” is automatically allocated to your computer when you register to access any restricted areas of the Site and on each subsequent visit. It only contains an identifier which will enable the Site to identify you as a registered user so that you do not have to identify yourself again while you move from one server to another during your visit. It will remain on your computer after your visit until you remove it. It will be placed again at your next visit. We are using session and persistent cookies in order to enable certain shop functions (such as checkout) in interaction with your browser. Please note that our cookies do not collect any personal information. In addition to that, we are using analytical tools which track the user’s activities solely for the reason to improve our service to you. The collected data will be pseudonymised which means that they cannot be associated with you and will not be transmitted to any 3rd party.
We may use third-party advertising companies or affiliates to display advertisements on our website. These third-party advertising companies or affiliates may separately place or recognise a cookie file on your browser in the course of delivering advertisements to the Site. We cannot see the information collected or stored in third party cookies. We do not provide personal data about you to these third party advertisers or affiliates or to any other third party.
Removing and disabling cookies
If you don’t want us to place cookies on your computer at all, you can set your browser to disable or reject cookies. This will mean that no websites will be able to place cookies on your computer. You can do this by adjusting the preferences within your browser. This may mean, however, that you will not be able to enjoy full use of all parts of the Site.
If you want to remove previously-stored cookies, you can manually delete the cookies at any time. This will not prevent websites from placing further cookies on your computer.
To find out exactly how to disable/remove, please go to http://www.allaboutcookies.org/manage-cookies/index.html
Data collected by web servers and cookies are not transferred to any third parties, except to process your order request.
Subject access rights
At law you have the following rights
- a subject access right which enables you to be told whether we hold any personal data about you and to obtain a copy of that information;
- a right to get personal data relating to you rectified, completed, updated, blocked or erased when incomplete, unclear, obsolete or processed unlawfully;
- a right to object to the processing of data relating to you on legitimate grounds and a right to object free of charge to the use of data for solicitation purposes.
We will comply with such rights as provided under applicable law. If you wish to exercise your subject access right, please contact us in writing at the address set out on the Site with sufficient information to identify yourself and the information you require. We will respond to your request within 40 days. We reserve the right to charge £10 for complying with a subject access request.
Except if provided to others in the circumstances set out in this Policy, the data supplied by you will be kept on the Site’s secured servers and computer systems, protected from outside intrusions.
We reserve the right to make changes to this Policy from time to time and reserve the right to do so. Any changes to the Policy will appear on this page, which you should check from time to time. By continuing to use the site you are deemed to accept changes to this Policy.
If you have any questions about any aspect of this Policy or want to discuss how we handle your data you can contact us by email, post or telephone.