PRIVACY POLICY

Our website and marketing is owned and managed by The Organic Pharmacy Limited (“The Organic Pharmacy”) registered in England and Wales with company number 04022675 and whose registered office address is at Units 7&8 Vision Industrial Park, Kendal Avenue, London W3 0AF. At The Organic Pharmacy we are committed to protecting and preserving the privacy of our visitors when visiting our site or communicating electronically with us.

This privacy notice explains when and why we collect personal, how we use it, the conditions under which we may disclose it to others and how we keep it secure. Whilst we will keep all of your personal information confidential, we reserve the right to disclose this information in the circumstances as set out within this policy. We confirm that we will keep the information on a secure server and that we will comply fully with all applicable UK and EU General Data Protection legislation (GDPR).

We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes.

Any questions regarding this Policy and our privacy practices should be sent by email to info@theorganicpharmacy.com.

 

We are The Organic Pharmacy Limited, a proud British Luxury and Organic Skincare brand.

 

The GDPR sets out the following rights applicable to data subjects (please refer to the parts of this policy indicated for further details):

    • The right to be informed;

    • The right of access;

    • The right to rectification;

    • The right to erasure (also known as the ‘right to be forgotten’);

    • The right to restrict processing;

    • The right to data portability;

    • The right to object; and

    • Rights with respect to automated decision-making and profiling.

The GDPR seeks to ensure that personal data is processed lawfully, fairly, and transparently, without adversely affecting the rights of the data subject. The GDPR states that processing of personal data shall be lawful if at least one of the following applies:

    • The data subject has given consent to the processing of their personal data for one or more specific purposes;

    • The processing is necessary for the performance of a contract to which the data subject is a party, or in order to take steps at the request of the data subject prior to entering into a contract with them

    • The processing is necessary for compliance with a legal obligation to which the data controller is subject;

    • The processing is necessary to protect the vital interests of the data subject or of another natural person

    • The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller; or

    • The processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

If the personal data in question is “special category data” (also known as “sensitive personal data”) (for example, data concerning the data subject’s race, ethnicity, politics, religion, trade union membership, genetics, biometrics (if used for ID purposes), health, sex life, or sexual orientation), at least one of the following conditions must be met:

    • The data subject has given their explicit consent to the processing of such data for one or more specified purposes (unless EU or EU Member State law prohibits them from doing so);

    • The processing is necessary for the purpose of carrying out the obligations and exercising specific rights of the data controller or of the data subject in the field of employment, social security, and social protection law (insofar as it is authorised by EU or EU Member State law or a collective agreement pursuant to EU Member State law which provides for appropriate safeguards for the fundamental rights and interests of the data subject);

    • The processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent;

    • The data controller is a foundation, association, or other non-profit body with a political, philosophical, religious, or trade union aim, and the processing is carried out in the course of its legitimate activities, provided that the processing relates solely to the members or former members of that body or to persons who have regular contact with it in connection with its purposes and that the personal data is not disclosed outside the body without the consent of the data subjects;

    • The processing relates to personal data which is clearly made public by the data subject;

    • The processing is necessary for the conduct of legal claims or whenever courts are acting in their judicial capacity;

    • The processing is necessary for substantial public interest reasons, on the basis of EU or EU Member State law which shall be proportionate to the aim pursued, shall respect the essence of the right to data protection, and shall provide for suitable and specific measures to safeguard the fundamental rights and interests of the data subject;

    • The processing is necessary for the purposes of preventative or occupational medicine, for the assessment of the working capacity of an employee, for medical diagnosis, for the provision of health or social care or treatment, or the management of health or social care systems or services on the basis of EU or EU Member State law or pursuant to a contract with a health professional, subject to the conditions and safeguards referred to in Article 9(3) of the GDPR;

    • The processing is necessary for public interest reasons in the area of public health, for example, protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of EU or EU Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject (in particular, professional secrecy); or The processing is necessary for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes in accordance with Article 89(1) of the GDPR based on EU or EU Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection, and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.

    • Adequate, Relevant, and Limited Data Processing

The Organic Pharmacy will only collect and process personal data for and to the extent necessary for the specific purpose or purposes of which data subjects have been informed (or will be informed) 

Accuracy of Data and Keeping Data up to date

    • The Organic Pharmacy shall ensure that all personal data collected, processed, and held by it is kept accurate and up to date. This includes, but is not limited to, the rectification of personal data at the request of a data subject.

    • The accuracy of personal data shall be checked when it is collected and at regularintervals thereafter. If any personal data is found to be inaccurate or out-of-date, all reasonable steps will be taken without delay to amend or erase that data, as appropriate.

Data Retention

    • The Organic Pharmacy shall not keep personal data for any longer than is necessary in light of the purpose or purposes for which that personal data was originally collected, held, and processed.

    • When personal data is no longer required, all reasonable steps will be taken to erase or otherwise dispose of it without delay.

Secure Processing

    • The Organic Pharmacy shall ensure that all personal data collected, held, and processed is kept secure and protected against unauthorised or unlawful processing and against accidental loss, destruction, or damage. 

 

Data we use

    • First name, Surname, Login email address, IP address, physical address plus postcode, messages, emails, date of account creation, date of account cancellation, date of birth, gender etc.

    • Others may include: a cookie ID*, the advertising identifier of your phone, data held by a hospital or doctor - which could be a symbol that uniquely identifies a person.

 

We may on pass your personal data on to third-party service providers contracted to The Organic Pharmacy in the course of dealing with you such as auditors, consultants, and legal advisers. Any such third parties that we may share your data with are obliged to keep your details securely, and to use them only to provide our products and services to you. When they no longer need your data to fulfil this service, they will dispose of the details in line with The Organic Pharmacy’s retention policy. If we wish to pass your sensitive personal data onto a third party, we will only do so once we have obtained your consent unless we are legally required to do otherwise. Any other personal information we collect, not described in any of the categories above will be brought to your attention with a message at the point of collection from you.

 

The Organic Pharmacy will not transfer your personal data outside of the EEA.

Where you give us your consent to process your personal data, you can at any time withdraw your consent.

If you wish to raise a complaint about how we have handled your personal data, or if you want to exercise any of these rights, you can email info@theorganicpharmacy.com. If you are not satisfied with our response of believe we are not processing your personal data in accordance with the law, you can lodge a complaint with the Information Commissioners Office. More details are available at https://ico.org.uk/concerns/. You are not obliged to provide The Organic Pharmacy your personal information, but failure to do so may result in our inability to provide you with our products and services. 

 

We use Klarna as the provider of our checkout. This means that we might transfer your personal data in the form of contact and order details to Klarna when the checkout is loaded, in order for Klarna to manage your purchase. Your personal data transferred is processed in line with Klarna’s own privacy notice.

 COOKIES POLICY

BACKGROUND: 

This website www.theorganicpharmacy.com  (“Our Site”) uses Cookies and similar technologies in order to distinguish you from other users. By using Cookies, We are able to provide you with a better experience and to improve Our Site by better understanding how you use it. Please read this Cookie Policy carefully and ensure that you understand it. Your acceptance of Our Cookie Policy is deemed to occur when you press the  "accept" button on Our Cookie pop-up OR when you have selected your preferred Cookie options in Our Cookie pop-up. If you do not agree to Our Cookie Policy, please stop using Our Site immediately.  

 1. Definitions and Interpretation 1.1 In this Cookie Policy, unless the context otherwise requires, the following expressions have the following meanings: 

 “Cookie” means a small file placed on your computer or device by Our Site when you visit certain parts of Our Site and/or when you use certain features of Our Site; 

“Cookie Law” means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003 [and of EU Regulation 2016/679 General Data Protection Regulation (“GDPR”)]; 

“personal data” means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data, as defined by the Data Protection Act 2018 AND/OR EU Regulation 2016/679 General Data Protection Regulation (“GDPR”); and 

“We/Us/Our” Means The Organic Pharmacy, a limited company registered in England under company number 04022675, whose registered address is Units 7 & 8 Vision Industrial Park, Kendal Avenue, London, W3 0AF, which is its main trading address. 

 2. Information About Us 2.1 Our Site is owned and operated by The Organic Pharmacy, a limited company registered in England under company number 04022675, whose registered address is is Units 7 & 8 Vision Industrial Park, Kendal Avenue, London, W3 0AF which is its main trading address. 2.2 Our VAT number is 782800128. 

2.3 Our Data Protection Office can be contacted by email at info@theorganicpharmacy.com, by telephone on +44 (0) 207 225 0524, or by post at Units 7 & 8 - Vision Industrial Park Kendal Avenue - Acton W3 0AF. 

 3. How Does Our Site Use Cookies? 3.1 Our Site may place and access certain first party Cookies on your computer or device. First party Cookies are those placed directly by Us and are used only by Us. We use Cookies to facilitate and improve your experience of Our Site and to provide and improve Our products AND/OR services. We have carefully chosen these Cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times. 3.2 By using Our Site, you may also receive certain third-party Cookies on your computer or device.

 Third party Cookies are those placed by websites, services, and/or parties other than Us. Third party Cookies are used on Our Site for advertising services. For more details, please refer to section 4 below. 3.3 All Cookies used by and on Our Site are used in accordance with current Cookie Law. We may use some or all of the following types of Cookie: 3.3.1 Strictly Necessary Cookies 

A Cookie falls into this category if it is essential to the operation of Our Site, supporting functions such as logging in, your shopping basket, and payment transactions. 3.3.2 Analytics Cookies 

It is important for Us to understand how you use Our Site, for example, how efficiently you are able to navigate around it, and what features you use. Analytics Cookies enable us to gather this information, helping Us to improve Our Site and your experience of it. 3.3.3 Functionality Cookies 

Functionality Cookies enable Us to provide additional functions to you on Our Site such as personalisation and remembering your saved preferences. Some functionality Cookies may also be strictly necessary Cookies, but not all necessarily fall into that category. 3.3.4 Targeting Cookies 

It is important for Us to know when and how often you visit Our Site, and which parts of it you have used (including which pages you have visited and which links you have visited). As with analytics Cookies, this information helps us to better understand you and, in turn, to make Our Site and advertising more relevant to your interests. Some information gathered by targeting Cookies may also be shared with third parties. 3.3.5 Third Party Cookies 

Third party Cookies are not placed by Us; instead, they are placed by third parties that provide services to Us and/or to you. Third party Cookies may be used by advertising services to serve up tailored advertising to you on Our Site, or by third parties providing analytics services to Us (these Cookies will work in the same way as analytics Cookies described above). 

3.3.6 Persistent Cookies 

Any of the above types of Cookie may be a persistent Cookie. Persistent Cookies are those which remain on your computer or device for a predetermined period and are activated each time you visit Our Site. 3.3.7 Session Cookies 

Any of the above types of Cookie may be a session Cookie. Session Cookies are temporary and only remain on your computer or device from the point at which you visit Our Site until you close your browser. Session Cookies are deleted when you close your browser. 3.4 Cookies on Our Site are not permanent and will expire as indicated in the table below. 3.5 For more details of the personal data that We collect and use, the measures we have in place to protect personal data, your legal rights, and our legal obligations, please refer to our Privacy Policy www.theorganicpharmacy.com/privacy-policy. 3.6 For more specific details of the Cookies that We use, please refer to the table below. 

 

4. What Cookies Does Our Site Use? 

In operating our store, it is essential for us to capture some information about your device, such as your IP address and information related to your visit when you browse our store. For example, this might include time-stamp, the last page or product you visited, the indication that you logged in. 

 We do that in order to:  

● remember who you are after you log in so that you do not need to authenticate at each click; 

 ● monitor if our website is running with the high performance we are dedicated to providing;  

● let you browse between products without having to start back from the home page at each click;  

● remember if you put something in your shopping cart before you decide to checkout;  

● control that your data is processed securely.  

We call the information mentioned above “essential information” and we collect it through the use of cookies. Cookies are small text files that most websites uses.  

A website places cookies in the web browser and then reads the information collected through the cookies every time the user performs an action. We use cookies. Without enabling this mechanism and this kind of cookies (first-party cookies), we could not provide you with the smooth experience that you expect while you are navigating.  

4.1 Our Site uses analytics services provided by Google Analytics. Website analytics refers to a set of tools used to collect and analyse anonymous usage information, enabling Us to better understand how Our Site is used. This, in turn, enables Us to improve Our Site and the products AND/OR services offered through it. You do not have to allow Us to use these Cookies, however whilst Our use of them does not pose any risk to your privacy or your safe use of Our Site, it does enable Us to continually improve Our Site, making it a better and more useful experience for you. 4.2 The analytics service(s) used by Our Site use(s) analytics Cookies to gather the required information. 4.3 The analytics service(s) used by Our Site use(s) the following analytics Cookies: 

 Name of Cookie            Purpose & Type         Provider         Expiration time 

_ga

Used to distinguish users.

Google Analytics

2 years  

_gid

Used to distinguish users.

Google Analytics

24 hours  

_gat

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_.

Google Analytics

1 minute  

AMP_TOKEN

Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service. 

Google Analytics

30 seconds to 1 year

_gac_  

Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads

Google Analytics

90 days  





 5. Consent and Control 5.1 Before Cookies are placed on your computer or device, you will be shown a pop-up requesting your consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling Us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of Our Site may not function fully or as intended. You will be given the opportunity to allow and/or deny different categories of Cookie that We use. You can return to your Cookie preferences to review and/or change them at any time by changing the settings in your browser. 5.2 In addition to the controls that We provide, you can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all Cookies or only third-party Cookies. By default, most internet browsers accept Cookies but this can be changed. 

For further details, please consult the help menu in your internet browser or the documentation that came with your device. 

 

5.3 The links below provide instructions on how to control Cookies in all mainstream browsers:

5.3.1 Google Chrome 

5.3.2 Microsoft Internet Explorer

5.3.3 Microsoft Edge: (Please note that there are no specific instructions at this time, but Microsoft support will be able to assist)

5.3.4 Safari (macOS) 

5.3.5 Safari (iOS)  

5.3.6 Mozilla Firefox  

5.3.7 Android: (Please refer to your device’s documentation for manufacturers’ own browsers) 

 

6. Changes to this Cookie Policy 6.1 We may alter this Cookie Policy at any time.  [If We do so, details of the changes will be highlighted at the top of this page.] Any such changes will become binding on you on your first use of Our Site after the changes have been made.  You are therefore advised to check this page from time to time. 6.2 In the event of any conflict between the current version of this Cookie Policy and any previous version(s), the provisions current and in effect shall prevail unless it is 

expressly stated otherwise. 

 

7. Further Information 7.1 If you would like to know more about how We use Cookies, please contact Us at info@theorganicpharmacy.com, by telephone on +44 (0) 207 225 0524, or by post at Units 7 & 8 - Vision Industrial Park 7.2 Kendal Avenue - Acton W3 0AF. 7.3 For more information about privacy, data protection and our terms and conditions, please visit the following: 7.3.1 www.theorganicpharmacy.com/privacy-policy; 7.3.2 www.theorganicpharmacy.com/terms-&-conditions.