Privacy Policy

Privacy Policy

This privacy policy covers (Earls Barton Pharmacy) collection, use and disclosure of information practices while on our website (www.earlsbartonpharmacy.com). This privacy policy together with our terms and conditions and other agreements with you, forms the basis on which we will collect and process your data. In this policy (Earls Barton Pharmacy) is referred to as, we, us, our. The policy describes how we collect, store and process your data on this website.

The collection and use of information by us

What information we may collect from you (the user) when you use our website or services?
  • Contact details such as name, email address, mailing address, phone number.
  • For pharmacy services we collect information such as your medical history, medication history, gender, NHS number, date of birth, GP details.
  • Your preferences information such as product wish lists, order history, marketing preferences, reviews.
  • Information that you provide by filling in the forms on this website.
  • Information you provide when you report a problem or query.
  • Payment details
We try to reduce holding and use of sensitive information.

How we may use your data?

  • To provide you with our services
  • To process your EPS nominations and repeat prescription requests. This will involve send your request to your GP surgery with your personal details. We may provide some services on our website which are supplied by a third party, such as online doctor or travel clinic booking system. By using these services, the third party providers will have access to your personal details.
  • Respond to requests
  • Process your payments for such products and services
  • Create and maintain your account
  • Send you a newsletter if you have consented
  • Respond to your questions and concerns
  • Review and enhance the quality of our services and products
  • Assist in the detection of frau.
  • To process your booking

Why do we collect, process and store your data?

We needs to collect, process and store your data to enable an efficient and legally compliant delivery of services and products to you (all users).

Legal bases for processing data

We needs to collect, process and store your data to enable an efficient and legally compliant delivery of services and products to you (all users).
  • Consent: When you register on our website, you agree and give us consent to process your data for the delivery of products and services to you by us.
  • Legitimate interests: To enable us to conduct our necessary business but not when our interests are overridden by your interests or rights.
  • Allowing us fulfill a contract: We are required to process your personal information in order to provide you with one of our products or services.
  • Vital interests: When processing of your personal data is vital to protect you or someone else’s life.
  • Legal obligation: When we are required by law to process your personal information. We will always try to contact you unless we are restricted by law.

How long do we hold your data?

We may hold your data for as long as it’s legally required and to enable us to maintain your account. User can request to delete their personal data from our system, please refer to the “User access and choices section” of the policy for details.

Data Security

We take security of user data very seriously and take appropriate steps to keep it secure. At no point we will sell your personal data to another company.

Where is the user data stored and who has access?

The user data is saved on secured dedicated servers in United Kingdom. With industry level security and firewalls to stop any external threats accessing information. The information is accessed by the us and our IT services providers (Tech Developer Ltd) in European Economic Area (EEA) and outside of EEA, to ensure that the website runs smoothly and to carry out administrative tasks. To provide certain services, such as, repeat prescription requests and EPS nomination, we will need to share your personal details with your GP surgery. By using this website and our services, you agree to the collection, storing and processing of your personal data by us. Also, we may host carefully selected third party service provider on our website, such as online doctor providers and vaccination booking providers. If you decided to use these service, your personal data will be shared with them to enable them to provide you with the service.

How do we protect your data?

We take the security of your personal information seriously. When you enter sensitive information, we encrypt the transmission of that using secure socket layer technology (SSL). We do not store any credit or debit card information. Payments are processed via a third party payment provider that is fully compliant with Level 1 Payment Card Industry (PCI) data security standards. Any payment transactions are encrypted using SSL technology. We follow generally accepted standards to protect your personal information submitted to us. We take at least a monthly backup of the data stored on our system and is store in UK based dedicated servers.

Commercial sale of your data?

Under no circumstances will we make your personal data available to a third party company for sale. Your data is used to provide products and services to you.

Limitations of internet based systems

We follow generally accepted standards to protect your personal information submitted to us. Due to the nature of digital information transmission, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.

User Access and Choice

As a user, under the GDPR rules, you have the following rights over your data that we store and hold.
  • Right to be informed: we will explain to you in our privacy policy as to how we use your personal data.
  • Right to correction and completion: you have the right to ask us to correct any of your data which might be inaccurate and complete any data that is incomplete.
  • Right to restrict: In some cases you may request to restrict the processing of your personal data. We reserve the right to store enough data to respect your data restriction request in future.
  • Right to data portability: You have the right to request your data to be provided to you for your own use. This request applies to when processing is based on consent or performance of contract and where when processing is done through an automated system.
  • Right to object: you may object to the processing of your personal data.
  • Right to erasure: You may request to have your personal data erased where its not stopping us from complying with legal requirements.
Right to withdraw consent: you have the right to withdraw your consent at any point by contacting us through the details below. In some circumstances, this might not be always possible or you might have to wait for a period of time for this to take place. Contact us for if you would like to discuss this in detail.

Opt-out Preferences

If you wish to subscribe to our newsletter(s), you can do at the time of registration. We will use your contact details to send the newsletter and other relevant materials that we believe are of benefit to you.You may choose to stop receiving our newsletter by sending us an email request.

Additional Information

Links to 3rd Party Sites

Our website may contain links to other 3rd party websites. The privacy policies of these third party websites will differ from that of ours. It’s your responsibility to read the privacy policy and rules for any 3rd party websites that is linked to us. Your information is governed by their privacy policy. We recommend that you read privacy policy of any 3rd party website before submitting any personal information.

Testimonials

We ask our customers to provide us with feedback in the form of rating and a comment about their experience. This information will be displayed on our website, with the customer first name, in the form of a testimonial. If you wish to update or delete your testimonial, you can request this by emailing us.

Social media widgets

This website includes social media widgets and buttons which are linked to our accounts on the respective social media platforms. These platforms are governed by their own set of privacy policies and terms of use, please check before using any of these platforms.

General Privacy Information

Tracking Technologies / Cookies

A cookie is a small text file that is stored on your computer when you open our website. The information we collect through the cookies is used to find out about your preferences and making your browsing experience more personalised. Please refer to our Cookie policy for details.

Changes to this Policy

We reserve the right to make changes to this privacy policy at any time to reflect the way we handle data at our organisation.

Contact Us

We welcome any questions, comments and requests about this privacy policy and you can reach us on our contact details below.
Earls Barton Pharmacy
26-28 The Square, Earls Barton, Northampton, NN6 0NA
T:01604 812736
E:earlsbartonpharmacy@gmail.com
Hey there! Thanks for reading our privacy policy (you’re living proof that lawyers should exist 👩🏻 💼). As with our T&Cs, we’ve written this in both legalese (in italics) as well as in plain English (in bold).

This privacy policy applies between you (the User of this Website) and us (Habitual Health Ltd., or Habitual for short), the owner and provider of this Website. We take the privacy of your information very seriously. This privacy policy applies to our use of any and all Data collected by us or provided by you in relation to your use of the Website.

  1. Intros & terminology
Legal docs use a bunch of formal terms. Here are the definitions of everything you’ll see in this document.

1.01. WE are Habitual (the trading name for Habitual Health Ltd), a company registered in England and Wales at The Frames, 1 Phipp St, Unit 411, London EC2A 4PS, company number 12193474. In this document we will be referred to as “Habitual”, “we”, and “us”.
1.02. YOU are the lovely person who’s decided to browse our Website or sign up for our program (we’ll refer to you as “the User” and “you”).
1.03. This document (referred to as “the Agreement”) is legally binding between you and Habitual.
1.04. When we refer to our “Website”, this includes tryhabitual.com and all associated subdomains, including your tracking app.
1.05. When we refer to the “Program”, this means our weight loss and habit-change program which includes total diet replacement food products, expert articles, a health tracking web app, and virtual social networks with others going through the Program.
1.06. When we refer to Data, this means collectively all information that you submit to us via the Website and Program. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws.
1.07. When we refer to Cookies, this means a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website.
1.08. Data Protection Laws refer to any applicable law relating to the processing of personal Data, including but not limited to the Directive 96/46/EC (Data Protection Directive) or the GDPR, and any national implementing laws, regulations and secondary legislation, for as long as the GDPR is effective in the UK. GDPR refers to the General Data Protection Regulation (EU) 2016/679;
1.09. UK and EU Cookie Law refers to the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011. In this privacy policy, unless the context requires a different interpretation:

  1. the singular includes the plural and vice versa;
  2. references to sub-clauses, clauses, schedules or appendices are to sub-clauses, clauses, schedules or appendices of this privacy policy;
  3. a reference to a person includes firms, companies, government entities, trusts and partnerships;
  4. “including” is understood to mean “including without limitation”;
  5. reference to any statutory provision includes any modification or amendment of it;
  6. the headings and sub-headings do not form part of this privacy policy.

  1. What this policy does and doesn’t apply to (scope)
We often link to external websites, however this privacy policy only applies to this Website and associated subdomains.

2.01. This privacy policy applies only to the actions of Habitual and Users with respect to this Website. It does not extend to any websites that can be accessed from this Website including, but not limited to, any links we may provide to social media websites. You are advised to read the privacy policy or statement of other websites prior to using them.
2.02. For purposes of the applicable Data Protection Laws, we are the “data controller”. This means that we determine the purposes for which, and the manner in which, your Data is processed.

  1. Which data we collect
If you choose to participate in the Habitual program, we will collect your personal and health data. We also collect data on your website usage (doing so is all the rage these days).

3.01. We may collect the following Data, which includes personal Data, from you:
3.01.01. personal data (including but not limited to first and last names, date of birth or age, address, email, and phone number)
3.01.02. lifestyle or health data (including but not limited to height, weight, medical and medication history, blood test readings, sleep and eating habits, sleep quality, mood, and GP contact details, );
3.01.03. details of your visits to the Website and the resources that you access (including, but not limited to, traffic data, location data, weblogs, other communication data, and the resources that you access). in each case, in accordance with this privacy policy.
3.01.04. We may also use data supplied from third party marketing services providers to acquire new customers.

  1. How we collect data
Some data is collected automatically, but there’s lots of data you will give to us, primarily through online forms or applications.

4.01. We collect Data both automatically as well as when you give us data.
4.02. Data that is given to us by you may be collected as follows:
4.02.01. When you contact us through the Website, by telephone, post, e-mail or through any other means.
4.02.02. When you elect to receive marketing communications from us
4.02.03. Via online forms on our website and/or hosted by various other third-parties in each case, in accordance with this privacy policy.
4.03. Data that is collected automatically may be collected as follows:
4.03.01 We automatically collect some information about your visit to the Website. This information helps us to make improvements to Website content and navigation, and includes your IP address, the date, times and frequency with which you access the Website and the way you use and interact with its content.
4.03.02. We will collect your Data automatically via cookies, in line with the cookie settings on your browser. For more information about cookies, and how we use them on the Website, see the section below, headed “Cookies”.
4.03.03. We automatically collect information about your interactions with our email marketing communications and product-related emails, such as whether or not you open the email.

  1. How we use data
Data is incredibly powerful and helps us to not only improve your experience but also to ensure your safety and success as you go through our program.

5.01. Any or all of the above Data may be required by us from time to time in order to provide you with the best possible service and experience when using our Website. Specifically, Data may be used by us for the following reasons:
5.01.01. internal record keeping;
5.01.02. improvement of our products / services;
5.01.03. transmission by email of marketing materials that may be of interest to you;
5.01.04. contact for market research and/or marketing purposes which may be done using email, telephone, fax or mail. Such information may be used to customise or update the Website;
5.01.05. evaluating your suitability for the program;
5.01.06. daily tracking information including weight, sleep, mood, and eating, exercise, and mental habits, is used for the purpose of calculating a daily “health score” as well as monitoring your progress;
5.01.07. in order to provide the User with more relevant advice and tips;
5.01.08. and daily journaling for the purpose of allowing you to reflect on your progressin each case, in accordance with this privacy policy.
5.02. We may use your Data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not satisfied with this, you have the right to object in certain circumstances (see the section headed “Your rights” below).
5.03. For the delivery of direct marketing to you via e-mail, we require your explicit consent, which will be recorded before you share your email information with us.
5.04. Product-related data including daily tracking information and health history will be de-identified during internal reviews and for analytics. By using our services, you consent to your profile data being used for the purposes outlined above.

  1. Who we share data with
We’ll never sell your data, and we only share it with our employees, agents, and professional advisors in order to improve your experience.

6.01. We may share your Data with our employees, agents and/or professional advisors in order to contact you with more information about the Habitual Program as well as to improve your experience on the Program.

  1. Keeping data secure
The security of your data is incredibly important to us, and we take multiple measures to ensure it is stored safely and securely.

7.01. We will use technical and organisational measures to safeguard your Data, for example:
7.01.01. access to your account is controlled by a password and a username that is unique to you.
7.01.02. we store your Data on secure servers.
7.02. Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by emailing dpo@tryhabitual.com
7.03. If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

  1. Data retention
We only hold onto your data for the purposes outlined in section 5.

8.01. Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the period necessary to fulfil the purposes outlined in this privacy policy or until you request that the Data be deleted.
8.02. Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.

  1. Your rights
You own your data, which means you have tons of rights, including the right to view, correct, and erase it. Please direct all requests related to your data to dpo@tryhabitual.com.

9.01. You have the following rights in relation to your Data:
9.01.01. Right to access – the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive.” Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
9.01.02. Right to correct – the right to have your Data rectified if it is inaccurate or incomplete.
9.01.03. Right to erase – the right to request that we delete or remove your Data from our systems.
9.01.04. Right to restrict our use of your Data – the right to “block” us from using your Data or limit the way in which we can use it.
9.01.05. Right to data portability – the right to request that we move, copy or transfer your Data.
9.01.06. Right to object – the right to object to our use of your Data including where we use it for our legitimate interests.
9.02. To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us by emailing dpo@tryhabitual.com.
9.03. If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner’s Office (ICO). The ICO’s contact details can be found on their website at https://ico.org.uk/.
9.04. It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.

  1. Changes of business ownership and control
In the case that we sell all or part of the business, your data may be transferred to the new owner.

10.01. We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of Habitual Health Ltd. Data provided by Users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy policy, be permitted to use the Data for the purposes for which it was originally supplied to us.
10.02. We may also disclose Data to a prospective purchaser of our business or any part of it.
10.03. In the above instances, we will take steps with the aim of ensuring your privacy is protected.

  1. Cookies (yum)
Cookies are delicious, and also a nifty technical tool which allows us to improve your experience on our website. You can choose to opt in or out of cookie use.

11.01. This Website may place and access certain Cookies on your computer. We use Cookies to improve your experience of using the Website. We have carefully chosen these Cookies and have taken steps to ensure that your privacy is protected and respected at all times.
11.02. All Cookies used by this Website are used in accordance with current UK and EU Cookie Law.
11.03. Before the Website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling us to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
11.04. This Website may place the following Cookies:
11.04.01. Strictly necessary Cookies: These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
11.04.02. Analytical/performance cookies: They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
11.05. You can find a list of Cookies that we use in the Cookies Schedule.
11.06. You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser.
11.07. You can choose to delete Cookies at any time; however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings.
11.08. It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
11.09. For more information generally on cookies, including how to disable them, please refer to aboutcookies.org. You will also find details on how to delete cookies from your computer.

  1. General
Some general terms of this policy. Nothing too exciting.

12.01. You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.
12.02. If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.
12.03. Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
12.04. This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.

  1. Changes to this privacy policy
13.01. We reserve the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations. You may contact Habitual Health LTD by email at dpo@tryhabitual.com should you have any questions or concerns about this policy or changes to it.
Cookies schedule ‍ Below is a list of the cookies that we use. We have tried to ensure this is complete and up to date, but if you think that we have missed a cookie or there is any discrepancy, please let us know.
Cookie
Description
Duration
Type
_ga
This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
2 years
Analytics
_gid
This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
1 day
Analytics
_gat_gtag_UA_148894388_1
Google uses this cookie to distinguish users.
1 minute
Analytics
__hstc
This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
1 year
Analytics
hubspotutk
This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.
1 year
Analytics
__hssrc
This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
Necessary
__hssc
This cookie is set by HubSpot. The purpose of the cookie is to keep track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
30 minutes
Functional