Group 8

Book Your Flu Vaccine Here

Group 9

Free Click & Collect

Group 10

Spend €49 and get Free Delivery

Security & Privacy

Contents

1. Introduction
2. Purposes of Data Collection
3. Categories of Data Collected
4. How is your Data Processed?
5. Who will this information be shared with?
6. How long will we hold your information?
7. Transfers to Third Countries
8. Your Rights
9. Security
10. Amendments of this Privacy Notice
11. Third Party Sites
12. Governing Law and Jurisdiction

 

 

1. Introduction

McCauley Health & Beauty Pharmacy Ltd is a private limited company, registered address 3054 Lake Drive, Citywest Business Park, Dublin 24, Wexford, Company Registration Number 65349 and is the data controller of any personal data you provide in the context of engaging our services.

 

We are committed to protecting your personal data in compliance with data protection principles. You may contact us at any time to exercise your rights as a data subject or where you require further clarification on the information provided in this policy by emailing dpo@smcc.ie

By using this Website you are agreeing to the use of your personal data as described in this Privacy Notice.

 

2. Purposes of Data Collection

i.Performance of a Contract

Where you provide your personal data to us to receive goods you have purchased from our website, we rely on Article 6(b) of the GDPR to provide the legal basis for collecting and processing your personal data for this purpose i.e. we require your personal data to fulfil the performance of this agreement with you. We also rely on this legal basis where you voluntarily submit those details for the purposes of enquiring about our products or services.

ii.Consent

We rely on Article 6(1)(b) and Article 9(a) to process special categories of data where it may be possible to infer the status of your health or any particular condition that you have through the purchase of healthcare or medicinal products on our website.

 

iii.Legitimate Interests

We also rely on Article 6(f) of the GDPR to process your personal data for the purpose of running analytics on our sales and website to determine how we can optimise and improve our business for the benefit of our customers.

 

iv.Performance of a Contract

We collect and process your personal data for the purposes of contacting you where you provide these details to us in the context of enquiring about our services or products. Where you voluntarily submit your personal details for the purposes of engaging our services we rely on Article 6(b) of the GDPR to provide the legal basis for collecting and processing your personal data for this purpose i.e. we require your personal data to fulfil the performance of this agreement with you.

 

3. Categories of Data Collected

We only collect personal data that is provided by you i.e. name, address, telephone number, email address. We do not collect payment details and all payments are routed through a secure payment gateway.

We also use your personally identifiable information for the purpose of website analytics i.e. we use your IP address for the purpose of identifying the number of visitors to our website, page impressions etc, however, we do not have the capability of identifying you from your IP address.

We use cookies on our website for the purposes of website functionality and optimising your browsing experience. We also use cookies for the purposes of suggesting products that you may be interested in purchasing through the Google Ad Display Network and through your Facebook profile (if you have one). For more information on cookies please refer to our cookies policy.

 

4. How is your Data Processed?

Your data is automatically synced with our mail servers and e-commerce system and will be processed internally for these purposes.

 

5. Who will this information be shared with?

Your privacy is very important to us. Your personal data may be shared with business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you. For example, we will share your details with our mail delivery partners for the purposes of ensuring the goods you purchase are delivered to you.

In the event of a purchase or sale of the business, we may disclose your personal data to third parties who are prospective buyers or sellers of such businesses or assets. If the Company or its assets are sold to a third party, personal data will be transferred as part of the transaction. However, the Company will ensure to the best of its ability that the privacy of your personal data is maintained on an ongoing basis.

Personal information may also be disclosed to law enforcement, regulatory, or other government agencies, or to other third parties, in each case to comply with legal or regulatory obligations or requests.

 

6. How long will we hold your information?

We will hold your information for the duration required to fulfil our contractual and statutory obligations. Where you would like your information to be deleted, please refer to section 8 below.

 

7. Transfers to Third Countries

Where personal data that is processed for the purposes of providing our services to you and where this requires the transfer of this data outside of the EEA .

Where personal data is transferred outside of the EEA, your rights as a data subject are protected by data transfer mechanisms such as Standard Contractual Clauses and EU/US Privacy Shield.

 

8. Your Rights

You have a number of rights as a data subject which you may choose to exercise at any time by contacting us at dpo@smcc.ie 

 

i. Access to Personal Data

Where you wish to access a copy of your personal data held by us, you may do so by contacting us in writing and we will respond to this request in 30 days.

 

ii. Rectification or Erasure of Personal Data

Where you wish the data that we hold on you to be rectified, you have the right to request this in writing. 
Where you wish to exercise your right to have your personal data erased, we will do so without undue delay, subject to the exemptions provided for in Article 17(3) of the GDPR.

 

iii. Restriction of processing

You have the right to obtain restriction of processing of your personal data where you contest the accuracy of the data for a period allowing us to verify the accuracy of the data; where the processing is unlawful and you oppose the erasure of your data and request the restriction of its use instead; where we no longer need the data for the purposes for which it was collected but it is required by you for legal purposes; where you have objected to the processing pursuant to Article 21(1).

 

iv. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

 

9. Security

We use reasonable technical and organisational security measures to protect your data and to prevent the loss, misuse or unauthorised alteration of any data in our control and will use our reasonable endeavours to ensure that such information is kept as secure as possible.

 

10. Amendments of this Privacy Notice

This Privacy Statement may be updated to reflect changes in privacy legislation, and any changes to this Notice should be reviewed when accessing the website.

 

11. Third Party Sites

Where links to third party websites are provided, we do not accept any liability or responsibility for the content or security of these websites.

 

12. Governing Law and Jurisdiction

This notice and all issues regarding this website are governed exclusively by Irish law and are subject to the exclusive jurisdiction of the Irish courts.