This Policy was last revised on 24 May 2018.
Rx Mens Health is committed to respecting our customers’ privacy and protecting their personal information from misuse or un-authorized disclosure and complying with privacy laws. Rx Mens Health values its reputation and aims to maintain high ethical standards in the conduct of our business affairs.
2 Organisation Contact Details
Data Controller Details
Email Address: [email protected]
Email Address: [email protected]
4 Description of Processing
The following is a very broad description of the way this organization/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organization has provided or contact the organization directly to ask about your personal circumstances
We process personal information to enable us
to receive payments and provide services
to maintain our accounts and records
to promote our services
to correspond with you and offer support
to comply with legal obligations
to prevent malicious activity
5 Data We Collect – Online Services
Your Company/Organization details
Information you may enter or attach on our contact form regarding your inquiry.
From people who are interested in a career at Rx Mens Health we will also collect your name, address, CV, and any information it contains and your desired remuneration as well as information you may enter on “How did you hear about this job?” form
From our job application page, we may also collect any links you send us to any Website, Blog, portfolio, and LinkedIn link.
From any emails you send to our contact or support email addresses we will collect all the information you write or attach in the email.
For visitors who go on to register for one of our services we may collect:
Account information: Credentials, Account currency
User details: First name, Last name, Email address, Date of birth, Full residential address, Mobile number
Credit card and bank account details
Full KYC documentation (including identity and residential documents)
Support information sent by the user to our support team
Session information: Login attempts, Login IP address(es), Login browser user agent(s)
For business Users we may collect:
Business details: Business name, Business address, Business Category, Business website
Credit card and bank account details
Full KYB documentation (including identity and residential documents)
Merchant(s) referring user to Rx Mens Health (if applicable)
6 When, Why and How we gain Consent (Legal Basis)
We will not collect any information about you without your explicit consent.
We will ask your consent every time we need to collect personal information about you unless you are signing up to one of our services when we will then have a contractual obligation to collect this data.
We will explain in clear and simple terms why we want to collect your information and what we will do with it before seeking your consent, so you are fully informed, and you will be given a clear and unambiguous option to opt in to any communications or services we might want to offer you.
7 Why we collect Personal Data
We collect information about you to provide you the products/services provided by Rx Mens Health, such as shipping address, preferred shipping method etc.
We collect information about you to manage your account and to protect your account against malicious activity.
We may collect and analyze information for the purpose of providing personalized products/services.
We also use it to recommend things we think you will like or to notify you about things you’ve told us you like.
We also use your information for business, regulatory and legal purposes such as dealing with any requests you make or content you submit.
Getting in touch if we need to tell you about something, like a change to our policies or issues with a service.
We also collect information for employment purposes.
8 Who Processes the Data We Collect (Who are the recipients of your data)
We will store and process your data following industry best practices and security standards.
Most of that processing takes place at Rx Mens Health in USA, UK and EU.
Some of the processing may take place in areas outside of the USA, UK and EU but within the EEA and covered by GDPR.
Where processing takes place by one of our trusted data processors, we ensure that our contracts with those 3rd parties contain the appropriate GDPR model clauses and that all our 3rd parties are also compliant with the GDPR, this affords your data the same protection away from our organization, as it does within it.
The data we collect through our online services may be processed by one or more of the following:
Trusted service providers such as technology, support, marketing, and sales service providers
Money Laundering prevention companies
Other companies within the group (if any)
9 Where we might send your personal data (Geographically)
We process data within the EEA and countries deemed by the European Union as having adequate safeguards for protecting personal data. These countries are recognized by the EU as having suitable safeguards for the rights and freedoms of individuals and recourse processes by which data subjects can exercise their rights.
We will only consider transferring your data outside of the EU if the following conditions are met.
A transfer, or set of transfers, may be made where the transfer is:
Made with your explicit informed consent;
Necessary for the performance of a contract between the you and this organization or for pre-contractual steps we need to take at your request;
Necessary for the performance of a contract made in your interest between this organization and another person;
Necessary for important reasons of public interest;
Necessary for the establishment, exercise or defense of legal claims;
Necessary to protect your vital interests or those of other persons, where you are physically or legally incapable of giving consent;
Made from a register which under USA, UK or EU law is intended to provide information to the public (and which is open to consultation by either the public in general or those able to show a legitimate interest in inspecting the register).
10 How long do we keep your data
We keep your information in line with our data retention policy. For example:
we keep transaction information for a period of seven years from the end of our relationship with you;
we keep your personal account information for a period of five years from closure of account;
when you apply for a job with us, we keep your resume and correspondence for a period of one year.
This enables us to comply with legal and regulatory requirements or use it where we need to, for our legitimate purposes such as managing your account and dealing with any disputes or concerns that may arise. We may need to retain your information for a longer period where we need the information to comply with regulatory or legal requirements or where we may need it for our legitimate business purposes, such as to respond to queries or complaints, fighting fraud and financial crime and responding to requests from regulators. Information that exceeds the retention periods is deleted or removed using industry standard practices.
11 Our Rights as an Individual in Respect of the Data We hold
We respect the rights and freedoms of individuals and as such we would like to make you aware of the following. You have the:
Right to access – you can ask us whether we’re processing your personal data, including where and for what purpose. You can also request an electronic copy of your personal data free of charge
Right to restrict processing – in certain circumstances, you can ask us to restrict our use of your personal data
Right to rectification – you can already ask us to correct inaccurate personal data we hold about you
Right to erasure (right to be forgotten) – in certain circumstances, you can ask us to erase your personal data
Right to data portability – you can ask us to provide you with a copy of your personal data in a commonly used electronic format so that you can transfer it to other businesses
Right to object to automated decision-making – in certain circumstances, you can ask us not to make automated decisions about you based on your personal data that produce significant legal effects
Right to lodge a complaint – you can lodge a complaint with us or your local data protection authority
To exercise your rights above please contact our Data Protection Officer, Data Controller or Company representative via any of the channels provided.
12 Data Sources – where did you get my data
Any and all data in respect of – Data We Collect, is collected directly from you, the individual.
We do not collect any of your personal data from any other sources. This included any publicly accessible list and or data sources, whether in the public domain or if we have a legitimate interest to be able to access those sources legally.