At CareMed Direct Ltd, we recognise that our customers are concerned about the manner in which information is collected and stored on the internet. We are committed to ensuring that your privacy is protected.
We adhere to requirements of the General Data Protection Regulation (GDPR), Data Protection Act 1998 and the Privacy and Electronic Communications Regulations (PECR).
Who are we?
When we say ‘we’, ‘us’, ‘our’ or ‘CareMed Direct’ in this policy, we are referring to CareMed Direct Ltd. We are a company registered in Ireland under company number 493824. Our registered office is Unit 1 Westside Monavalley Business Park, Tralee, County Kerry, V92 K258, in Ireland.
When do we collect your personal data?
We collect your personal data in the following situations:
- When you create an account with us on our website.
- When you place an order with us online, or on the phone.
- When you contact us by email, via our contact form, by post or any other means.
What information do we collect about you?
We will process the following personal information for our legitimate interests. This information is used by us to provide you with the best service and to communicate with you on any matter relating to the provision of the service.
Your name – When you register an account or place an order, we will require your first and last name so that you can be identified. We gather this information to allow us to process your order.
Email address – We store an email address against all orders placed online. This will be used for transactional and confirmation emails that relate to your order or account.
Phone numbers – We use your phone number to update you on the progress of your delivery if urgent reply is needed. When providing your mobile number, you agree that we can provide delivery carriers with your number solely for the purpose of these updates.
Company name, invoice & postal addresses – This information is used to ensure goods and services are delivered to the address specified and is necessary to provide our service to you.
Communication with Customer Services – Details of your interactions with us through our Customer Services online. For example, we may collect notes from our conversations with you, details of any feedback you give and details of purchases you made.
Payment card information – If you place an order, we will require your payment card details e.g. credit/debit card number and expiry date.
Other data provided by you and stored in your account – When you use our website you might enter personal information relating to your account. You will remain the data controller for all such data that is stored within our systems.
Analytical data – To deliver the best possible web experience, we use Google Analytics to collect technical information about your internet connection, browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, and any search terms you entered. Including details of your visits to our website, and which site you came from to ours.
How do use your personal data?
- To process any orders that you make on CareMed Direct online. If we do not collect your personal data during checkout, we will not be able to process your order and comply with our legal obligations.
- To respond to your queries, refund requests and complaints. Handling the information you send enables us to respond. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
- To protect our business and your account from fraud and other illegal activities. This includes using your personal data to maintain, update and safeguard your account. We will also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our websites. We do all of this as part of our legitimate interest.
- To process payments and to prevent fraudulent transactions. We do this on the basis of our legitimate business interests. This also helps to protect our customers from fraud. If we discover any criminal activity through our fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing unlawful acts.
- To send you relevant, personalised communications by email in relation to updates, offers, services and products. We ask for your agreement before sending you this information.
- To develop, test and improve the systems, services and products we provide to you.
How will we protect your information?
We are committed to maintaining the necessary technical and organisational security measures to safeguard your personal data to the highest standard. All data is encrypted when transmitted from our secure servers to your browser using secure and modern forms of encryption.
All credit card transactions are processed using SSL encryption. Card information is transmitted, stored, and processed securely on a PCI-compliant network. This protects your data while being sent over the internet from being intercepted and misused by third parties.
We continuously test and update our infrastructure to identify and patch security vulnerabilities, and we carry out penetration testing to identify ways to further strengthen security. We know how much data security matters to all of our customers. With this in mind, we will take all appropriate steps to to keep up with the state-of-the-art in web security and protect your data.
Payment card protection
Point to Point Encryption protects our customers’ payment data at the point of interaction all the way through to settlement in order to protect it from fraud.
Where you have chosen (or where we have provided) a password that enables you to access secure areas of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone for any reason. We recommend that you change your password periodically and avoid re-using the same password for multiple online accounts.
How long will we keep your personal data?
If you have not used your account on it will be deleted after 2 years.
Any data related to a completed order will be deleted after 2 years.
Any data related to an order that has been cancelled will be deleted after 30 days.
Any credit card information will be deleted after 2 years, if no new purchases were made during that time.
Who do we share your personal data with?
We sometimes share your data with trusted third parties. Here is the policy we apply to those organisations to keep your data safe and protect your privacy:
- We only provide the information required to perform their specific services.
- They may only use your data for the purpose we specify in our contract with them.
- If we stop using their services, your personal data held by them will be deleted or rendered anonymous.
Examples of the kind of third parties we may work with are:
|Operational services||To facilitate delivery of your order, we will share your details with operational companies such as delivery couriers or suppliers.|
|Professional services||We may share your details with professional service companies such as accountants.|
|Payment service providers||We may share your details with companies who provide us with payment services for taking payments from credit/debit cards.|
|Technical service providers||We may share your details with providers we use who support our website and other business systems.|
|Fraud management||Under special circumstances, we may share information about fraudulent activity in our systems. This may include sharing data about individuals with law enforcement bodies.|
|Disclosures required by law||Under special circumstances, we may be required to disclose your personal data to the police or other enforcement, regulatory or government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and we take the privacy of our customers into consideration.|
We will not share your data with third parties for the purposes of any marketing without your consent.
Newsletter mailing list
If you’ve given permission, we may contact you to provide you with information about our services or products which we think may be of interest to you. As a registered customer, you could benefit from special prices, regular updates, and selected promotions.
If you have consented to receive marketing emails, you may opt out at anytime. You can unsubscribe by clicking the “unsubscribe from this list” hyperlink at the end of all CareMed Direct email messages, or by sending us an email at firstname.lastname@example.org
Links from this site to other sites
Our site may contain links to websites of other organizations, manufacturers, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Updating your details
As a registered customer, you can view and edit your personal data. If any of the information that you have provided to us changes, (e.g. your email address, home address, name, contact number or payment details) please update your account details under My Account.
Accessing your information
You have the right to request a copy of the personal information that we hold about you
Should you wish to, please contact Customer Services using the contact details provided below. You will need to include a brief description about the information you require and proof of identification. We will then respond to you within one month of receipt of the request.
If, at any time, you wish to have your information removed from our databases, please send an email entitled “REMOVE FROM DATABASE” to email@example.com. If you do any of these actions, we will take steps to ensure that your preferences are updated or the information is deleted as soon as reasonably practicable.
How to contact CareMed Direct
If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy or the way your personal information is processed, please contact us by one of the following means:
By email: firstname.lastname@example.org
Unit 1 Westside
Monavalley Business Park
If you have any concerns about the way that we handle your personal data, you have the right to raise this with the Irish Data Protection Commission. Please go to https://forms.dataprotection.ie/contact to find out more.
This page was last updated on 07/12/2020.