Welcome to victoriahealth.com (the "Site"), a website operated in the United Kingdom by Victoriahealth.com ltd, a company incorporated in England and Wales with company registration number 3755987, VAT number 739900802 and whose registered office is located at 25 Farringdon Street, London, EC4A 4AB ("Victoria Health", "we", "us" or "our").
Opting Out of Google Analytics: Visitors who don't want their data used by Google Analytics can install the Google Analytics opt-out browser add-on. To opt-out of Analytics for the web, visit the Google Analytics opt-out page and install the add-on for your browser. You can find this information here. You may also wish to opt-out of Google Analtyics for Display Advertising and customise Google Display Network ads using the Ads Settings.
- When will we collect data.
- When you visit our website.
- When you purchase a product or service.
- When you sign up to our email list.
- When you engage with us on social media.
- When you contact us via any means with queries, complaints or otherwise.
- When you comment or review products and information on our site.
- Any individual may access personal data related to them, including opinions.
Meaning, that if a comment includes information about the company who provided that product or information, may be passed on to them if requested.
- When you have given a third-party permission to share with us the information they hold about you.
- When our partners share information with us about the service or product you have purchased.
Information we collect about you. With regard to each of your visits to our Site, we may automatically collect the following information:
- Technical information including the Internet Protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- Information about your visit including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any telephone number used to call our customer service number.
We may receive information about you. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site. We are also working closely with third parties (including, for example sub-contractors in technical, payment and delivery services, advertising networks, marketing services, analytics providers, search information providers, and credit reference agencies) and may receive information about you from them.
WHAT SORT OF DATA DO WE COLLECT?
- If you have an account with us: your name, billing/delivery address, orders, payment type, email address and telephone number. For security we also keep your password encrypted.
- Details of your interactions with us through email.
- Your social media username, if you interact with us through those channels, to help us respond to your interactions.
- Emails for marketing if you opt-in while signing up or through the subscribe section of the website, or again within your account settings.
- Emails for reviews which are sent after purchase
HOW AND WHY DO WE USE YOUR PERSONAL DATA?
The data privacy law allows us to combine the data we have about you to offer the best service we can as part of our legitimate interest in understanding our customers and providing our highest level of service.
If you wish to change how we use your data, you’ll find details in the “What are your rights?” section below. Keeping in mind, if you choose not to share your personal data, or refuse certain permissions, we might not be able to provide some services you’ve asked for.
We may use your phone number to contact you about your order or if you have a query that you wish us to call you about. You can remove this from our site using your account section when logged in.
Your email address will only be used to contact you automatically about your order, unless you optionally select for us to send you news materials and event notices. You can opt out of these in your account section when logged in
HOW WE USE YOUR DATA
- To process orders
- To respond to your queries
- To provide a security verification for your account and purchases
- To see how well our products are selling
- To find areas of improvement in our site
- To prevent fraudulent transactions
- With your consent we will use your data to keep you informed via email, web or telephone to contact you about relevant products and services including special offers, discount promotions etc. You may opt out of this at any time via email, telephone or your online account in the Account Details page under the Communication Preference option:
- To send you relevant updates, about our news, offers, services and products.
- We will not send you information via post, excluding your order unless requested.
- If subscribing to the VH Addicts membership we will send you out monthly emails on the goings on at VH, the news and new brand launches as well as any other gifts we can bestow upon the customer. While signing up to this we will send out three emails at the end of your subscription to let you know it is ending soon.
- To develop, test and improve the systems, services and products we provide to you.
- To comply with our contractual or legal obligations to share data with law enforcement.
- To process and respond to the VH Addicts prescription service.
- Sending data to Google for analyses: How Google uses data when you use our partners' sites or apps
HOW DO WE PROTECT YOUR PERSONAL DATA?
- We secure access to all transactional areas of our site using “https” technology.
- Access to your personal data is password protected, and sensitive data such as payment card information is secured by a payment gateway.
- All order information is held on an offsite server protected by a dedicated firewall and aligns itself to the most up to date policies and security measures. Some data which is processed via email is held on our cloud based Office 365 account and separate distribution email addresses relating to accounts, customer care etc.
- We receive immediate updates from our hosted site provider for possible vulnerabilities, updates.
- We also send some data to Google where we can use their systems to analyse the data, this is protected by the google terms of service.
HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected
At the end of that retention period, your data will be deleted or archived anonymously, for example sales data, such as figures will be kept but customer specific and identifiable data will be removed.
If signing up to the VH Addicts, we will keep you on the VH Addicts mailing list for one year past when you bought the VH Addicts subscription, then remove your details from the system the day after.
When you place an order, we’ll keep the personal data you give us for at least the minimum allowed so we can comply with our legal and contractual obligations.
WHO DO WE SHARE YOUR PERSONAL DATA WITH?
We utilise certain third parties to provide services which you have asked for. For example email sending hosts, postal delivery services, review platforms, payment gateways and any third party we use to provide the services we need to give you our best service.
For example, we provide only the information they need to perform their services. They may only use the data for the exact purpose we specify for them, if we stop using their services, any of your data held by them will be rendered anonymous or deleted. Examples of the kind of third parties we work with are:
- IT companies who develop our website and other business systems, operational companies such as delivery couriers.
- Google Tag Manager
- Google Analytics
- GlobalE (Cross Border solution for international orders. They are the "Merchant of Record")
- Klaviyo (email marketing controlled by Victoria Health)
Information you give to us. We will use this information in relation to:
Administration of our Site and performance of our contract with you: The information you give to us is necessary to enable us to (i) fulfil your order (including acknowledging your order and communicating with you if there is any issue regarding the fulfilment of your order); (ii) to make sure your order is delivered correctly; (iii) to maintain your account; (iv) accounting, billing, reporting and audit;(v) credit checking or screening (vi) authentication and identity checks (vii) credit, debit or other payment card verification and screening; (viii) debt collection; (ix) safety, security, health, training, legal and administrative purposes.
Providing customer service in pursuit of our legitimate interest as a retailer: We ask for your contact details such as your e-mail address and telephone number and order details to enable us to answer any questions you have about using our Site; to notify you about the status of your order or whether you have left a shopping basket with a product in it, and other customer care services such as identifying your requirements and shopping preferences. To provide those customer care services we may use your data for statistical and market analysis; studies, research and development by us, or a third party we appoint as a data processor pursuant to applicable laws. Direct Marketing: In order to improve your shopping experience with us we want to keep you up-to-date on our latest products, promotional offers and events. If you are an existing customer, we may contact you by electronic means (email or text) about goods and services similar to those which were the subject of a previous sale or negotiations for a sale. We may contact you as an existing customer by direct postal mail as it is in our legitimate interests to do so as a retailer seeking to market similar products or products we think you may be interested in. If you are a new customer, and where we permit selected third parties to use your personal information, we (or they) will contact you by electronic means only if you have expressly consented to this or we are otherwise permitted to do so in accordance with applicable laws.
We may use the information you provide and the information we collect about you to build a picture of your interests so that we may tailor our communications to you to ensure they are relevant and of interest to you and so that when you visit our site we can tailor your experience so that it is easier to shop with us.
Opt-out of Direct Marketing : You can at any time tell us not to send you marketing communications (i) by e-mail by clicking on the unsubscribe link within the marketing e-mails you receive from us; (ii) by telephone to our customer care team (iii) by postal mail by following the instructions that may be included in a particular promotion.
From time to time we retain the services of other carefully selected and monitored companies and individuals to perform functions on our behalf in connection with the successful operation and continuous improvement of this Site. These companies and individuals are appointed as data processors or as joint controllers. We may share your information with such third parties including:
(a) Suppliers and sub-contractors for the performance of any contract we enter into with them or you (e.g. in order to process your order and maintain your account, including the authorisation and validation of credit or debit card transactions, the provision of delivery services, the analysis of data.). These companies or individuals may be provided with access to your personal details in order to fulfil their function but may not use such information for any other purpose.
(b) Advertisers and advertising networks we appoint to assist us and who require the data to select and serve relevant adverts to you on our behalf including our third-party advertising partners and their service providers in order to deliver to you banner advertisements and other advertising tailored to your interests when you visit certain websites. Our advertising partner will make the data we provide it pseudonymous. We may also work with third parties (such as Facebook and Instagram) to serve ads to you as part of a customized campaign on their platforms. If you prefer not to see customized ads from us, you can opt out by changing your account settings or preferences on such platforms.
(c ) Analytics and search engine providers that assist us in the improvement and optimisation of our Site.
We do not provide your personal details to other companies or individuals for their marketing purposes.
We may disclose your personal information to other third parties:
(a) In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
THIRD PARTY WEBSITES
Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
DO WE SHARE DATA WITH THIRD PARTIES FOR THEIR OWN PURPOSES?
The only third-party services that we would allow to use your data would be in the investigation of fraudulent use of our site; including law enforcement bodies.
WHERE IS THE DATA PROCESSED?
All our data is held on a cloud server for Bigcommerce, AWS, Veeqo (WMS), Reviews.io, Klaviyo; however the nature of our data protection may require the data to be moved to another server for security, updates or moving service.
All companies using data from the EEA (European Economic Area) are required to adhere to the strict rulings of its procedures, including all EU member countries. Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.
We store data for as long as it is necessary to provide products and services to you and others and so long as we are legally required to do so. Information associated with your account will be kept until your account is deleted, unless we no longer need the data to provide products and services, or until any legal requirement to keep it no longer exists. When we no longer need personal data, we securely delete and destroy it.
WHAT DO YOU HAVE THE RIGHT TO REQUEST?
- Access to the personal data we hold about you, free of charge in most cases.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing.
- That we stop any consent-based processing of your personal data after you withdraw your consent.
- Review by Victoria Health of any decision made based solely on automatic processing of your data (i.e. where no human has seen or yet reviewed the outcome and criteria for the decision).
- You have the right to request a copy of any information about you that we hold at any time and also to have that information corrected if it is inaccurate.
- The right to withdraw consent
- You have the right to change your mind about the consent given to us at any time.
To ask for your information, please contact Customer Care, Victoria Health, Unit 5 Atlantic Business Centre, Stirling Way, Borehamwood, UK, WD62FQ, or email firstname.lastname@example.org. To ask for your information to be amended, please update your online account, or contact our Customer Care team. If we choose not to action your request we will explain to you the reasons for our refusal.
CHECKING YOUR IDENTITY AND CHILDREN'S ONLINE PROTECTION
We do not knowingly or intentionally collect any information from children under the age of 18. If you are under the age of 18 you may look at our Site but you may not make a purchase, register or submit any personal information to us. If we become aware that we have inadvertently received personal information from a visitor under the age of 18 on the Site, we will delete the information from our records. Our Services are intended for general audiences, and are not intended for anyone under 18. Ordering our products should only be done by people who are at least 18 years old or older.
If you feel your data has not been handled correctly, or you are unhappy with our response to any requests you made to us regarding the use of your personal data, you have the right to lodge your complaint to the ICO (Information Commissioner’s Office.) within the UK. If you live outside the UK you must check which regulatory body to contact.
IF YOU LIVE OUTSIDE THE UK
By using our services or providing your personal data to us, you expressly consent to the processing of your personal data by us or on our behalf. Of course, you still have the right to ask us not to process your data in certain ways, and if you do so, we will respect your wishes.
Sometimes we’ll need to transfer your personal data between countries to enable us to supply the goods or services you’ve requested. In the ordinary course of business, we may transfer your personal data from your country of residence to ourselves and to third parties located in the UK.
By dealing with us, you are giving your consent to this overseas use, transfer and disclosure of your personal data outside your country of residence for our ordinary business purposes.
This may occur because our information technology storage facilities and servers are located outside your country of residence, and would include storage of your personal data on servers in the UK.
We’ll ensure that reasonable steps are taken to prevent third parties outside your country of residence using your personal data in any way that’s not set out in this Privacy Notice. We’ll also make sure we adequately protect the confidentiality and privacy of your personal data.
LAW, JURISDICTION AND LANGUAGE
This Site, any content contained herein, and any contracts entered into as a result of usage of this Site are governed by English law. The parties to any such contract agree to submit to the exclusive jurisdiction of the courts of England and Wales. All contracts are concluded in English.
We hope this Privacy Notice has been clear in setting out the new policies of handling personal data and your rights to control it. Any questions, please contact us here or by post to:
Unit 5, Atlantic Business Centre
This notice was last updated: November 2022.