1. Let’s talk about your personal information
The policy explains how ‘we’ or ‘Adrian Dunne Pharmacy’ uses your personal information, whether using our healthcare services or having a prescription made up at your local pharmacy.
2. Our promise to you
3. Who’s in control of your information?
4.1 About Cookies
Cookies are small files that are created and saved on your phone, tablet or computer when you visit a website. The term cookies can refer to cookies set in your web browser (e.g. Chrome, Safari, Edge, Firefox or Brave) as well as a number of similar technologies including tracking pixels/web beacons, local shared objects/flash cookies and access to device information.
They store information about how you use our website, such as the pages you visit on our website and how you interact with the content on some of those pages. If you use the social media buttons on our website and allow the cookies from the companies that own these platforms then they will collect information about you.
Cookies are not viruses or computer programs. They are very small so do not take up much space.
We may use Google Analytics to assist in managing our website to ensure we provide relevant information in an easily accessible format and as a tool to give our customers best service.
Below is a list of cookies that we use:
|__stripe_mid||Necessary||1 year||Stripe sets this cookie to process payments.|
|__stripe_sid||Necessary||30 minutes||Stripe sets this cookie to process payments.|
|_ga||Analytics||1 year 1 month 4 days||Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.|
|_ga_*||Analytics||1 year 1 month 4 days||Google Analytics sets this cookie to store and count page views.|
|_gat_gtag_UA_*||Analytics||1 minute||Google Analytics sets this cookie to store a unique user ID.|
|_gid||Analytics||1 day||Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.|
|_GRECAPTCHA||Necessary||5 months 27 days||Google Recaptcha service sets this cookie to identify bots to protect the website against malicious spam attacks.|
|_hashealth_session||Others||1 hour||Description is currently not available.|
|CONSENT||Analytics||2 years||YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.|
|cookielawinfo-checkbox-advertisement||Necessary||1 year||Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.|
|cookielawinfo-checkbox-analytics||Necessary||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".|
|cookielawinfo-checkbox-functional||Necessary||11 months||The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".|
|cookielawinfo-checkbox-necessary||Necessary||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".|
|cookielawinfo-checkbox-others||Necessary||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.|
|cookielawinfo-checkbox-performance||Necessary||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".|
|CookieLawInfoConsent||Necessary||1 year||CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.|
|VISITOR_INFO1_LIVE||Advertisement||5 months 27 days||YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.|
|YSC||Advertisement||session||Youtube sets this cookie to track the views of embedded videos on Youtube pages.|
|yt-remote-connected-devices||Advertisement||never||YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.|
|yt-remote-device-id||Advertisement||never||YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.|
|yt.innertube::nextId||Advertisement||never||YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.|
|yt.innertube::requests||Advertisement||never||YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.|
When you use Wi-Fi we may collect data about:
- your device
- the volume of data which you use
- the websites and applications which you access
- your usage by access time, frequency and location
We will use the data we collect when you use Wi-Fi in order to capture general trends in wi-fi usage amongst our customers and to monitor and improve the Wi-Fi service.
4.3 Amending Cookie preferences
You can amend your cookie preferences at any time by clicking the ‘My Cookie Settings’ in the footer of our website or by using the ‘Manage your consent’ link in 4.1 above.
5. How we collect personal information about you
We collect personal information about you whenever you shop with us instore or online or use our services. The information you give us directly when, for example, you sign up for our Skincare Loyalty Scheme, post comments on our Facebook page, pre-order your prescription using our online form or have a prescription dispensed in one of our pharmacies.
5.1 Information we get when we acquire new pharmacy
If you’re a customer of a pharmacy business that’s been taken over by Adrian Dunne Pharmacy, we’ll receive your personal information from them as part of the handover process. Where this happens, we place a notice in-store to tell you that your personal information is changing hands. If you don’t wish for your data to be transferred to us, you should speak to our store manager.
5.2 Information we get from your GP or healthcare professional
We provide a range of clinical and healthcare services which are private services or are provided on behalf of the Health Services Executive (HSE). Where these require information to be obtained from or transmitted to your GP, we’ll tell you that this is necessary before providing you with the service. We’ll only share information to meet our regulatory obligations.
5.3 Information we get from social media
We may obtain information posted publicly on social media sites and use it to help us understand how our different customers interact with us. We do this in a way that doesn’t always identify individual customers. For example, we may look at which groups of customers are more likely to talk to us via social media or use social media to talk about products sold by us. If you raise a query or a complaint through Adrian Dunne Pharmacy social media pages, we’ll of course have a record of your user name. This is used only to enable us to correspond with you and resolve the matter you’ve raised.
5.4 Information provided by other people on your behalf
5.4.1 Booking appointments for other people
If someone books an appointment on your behalf we’ll ask them for basic details about you, which may include health details. Of course, we’ll check with you when you come to your appointment to make sure the information we’ve been given is accurate.
If you’re booking an appointment for someone else, please make sure they’re happy for you to provide their personal information on their behalf and that they understand why we need to ask for it. We don’t use it for any other purpose.
5.4.2 Dispensing services: care homes
If you or a relative are a resident of a care home to which we provide dispensing services, we will receive personal information from them to enable us to dispense prescriptions safely and comply with our legal and regulatory obligations.
6. How and why we use your personal information
We use your personal information for a number of different purposes. Some are essential for us to provide the services you use or to fulfil our legal obligations, some help us run our business efficiently and effectively, and some enable us to provide you with more relevant and personalised offers and information. In all cases, we must have a reason and a legal ground for processing your personal information. Some of the most common legal grounds we rely on are briefly explained below.
Where we are processing your personal information for marketing purposes you’ll see a consent tick box on our forms – this may be on a form instore or on our website.
We may use consent where we’re asking you to confirm your marketing preferences to ensure we only contact you via the medium you have chosen i.e. phone, text or email.
We may ask you for your consent when you’re entering any sort of competition.
Important: You have the right to withdraw your consent at any time if you no longer want to be part of our marketing activity. However, please note that any processing carried out before you withdraw your consent will remain valid. We may be unable to provide a certain number of our services to you if you withdraw your consent.
Processing personal information for the purposes of providing a service or product to you.
When you choose to use certain services, such as administering your prescriptions or booking an appointment with a healthcare professional in-store or online, or making a purchase online, by providing your personal information voluntarily you consent to us using your personal information to provide that service to you.
6.3 Legal obligation
We provide a range of clinical and healthcare services. As part of this, we are required to share certain amounts of personal information with the HSE in order to meet legal obligations.
6.4 Legitimate interest
We have an interest in making sure our marketing is relevant for you, so we may process your information to send you marketing material that’s tailored to your interests.
As a healthcare provider, we’re regulated by the Pharmaceutical Society of Ireland (PSI), all of which may set out standards and codes of practice with which we need to comply. Where we provide pharmacy services in our pharmacies on behalf of the HSE, we also have to comply with HSE information governance requirements.
6.5 Things we need to do to provide you with the services you’ve requested
6.5.1 Providing our products and services
We use your personal information to provide our products and services, for example to set up and run your account, process orders and transactions, respond to queries and comments and provide you with the best possible level of customer service. We may use it to contact you about orders you’ve placed, appointments you’ve booked or to send you reminders (e.g. about repeat prescriptions). We may also contact you in emergency situations such as an urgent product recall or where we have a duty of care to notify you of information that relates to your health.
6.5.2 Can I object to having my data used for this?
No, this covers the many procedures and legal obligations that we need to carry out in order to provide you with the service(s) you’ve requested and also to protect you in emergency situations.
6.5.3 Keeping our records up to date
We have a legal obligation to keep the personal information we hold accurate and up to date.
The information we hold about you on our prescription dispensing system originates from your prescriber (usually your GP or a hospital) and is used only in connection with dispensing prescriptions. Any updates you make to information held elsewhere in our text messaging service or in-store loyalty schemes, aren’t applied to information held on this system.
6.5.4 Can I object to this?
Yes, however there may be legal and regulatory requirements that require us to keep your information up to date if you’re our service.
6.5.5 Crime prevention and detection
Like all retailers, we undertake certain activities that enable us to provide our customers and colleagues with a safe, secure and legal environment in stores.
In our stores, we use CCTV to prevent and detect crime. Where we do this we display clear signage.
6.5.6 Can I object to this?
Yes, however there may be legal and regulatory reasons that these activities need to be carried out as mentioned above. Therefore, we may not be able to prevent processing your data for this reason as it’s essential to protect our customers, our colleagues and our business.
6.6 Things we do to provide you with a better service
The following are things we do as a business to help us operate effectively and efficiently, and in turn provide you with better and simpler services. It’s in our legitimate interests to do these things and we do them in a way that respects and minimises any impact on your privacy.
6.6.1 Learning more about our customers and our business
We carry out basic analytics on the information we hold about you to help us understand who you are, how you use our services, and how you interact with us. This enables us to plan our business – for example stock and staffing levels make sure we offer in-store, maximise the effectiveness of our advertising and understand how our business is performing. We don’t do this in a way that enables you to be identified. It’s not related to the direct marketing or special offers that we send to you based on your use of the Adrian Dunne Pharmacy Group services.
6.6.2 Can I object to this?
Yes, you have the right to object to the way we use your data if you believe our legitimate interest in doing it is outweighed by your right to privacy. This type of basic analysis is important in enabling us to operate efficiently. As we carry it out in a way that doesn’t identify individuals, we believe it has no impact on your privacy.
6.6.3 Using your data with your consent – sending you marketing material
We use your information to send you offers and information via text and/or email. You’ll always be asked if you want to receive offers and information and via what channels you’d like to receive them.
6.6.4 Can I object to this?
Yes, you can change your mind about receiving marketing material from us at any time by following the OPT OUT instructions on any text message you receive from us, or by using the unsubscribe link at the bottom of any of the emails you receive from us.
If you apply for an open role with us with us, personal details gathered will only be used for that purpose. Your data will be shared with colleagues within the Company where it is necessary for them to undertake their duties with regard to recruitment. This includes, for example, the HR department and hiring managers and staff who are responsible for screening your application and interviewing you.
In some cases, we may collect data about you from third parties, such as employment agencies.
Your data will be shared with third parties if you are successful in your job application. In these circumstances, we will share your data in order to obtain references as part of the recruitment process.
If we have sought and gained your consent to keep your data on file for future job vacancies, we will keep your data for one year once the recruitment exercise ends. At the end of this period, we will delete or destroy your data, unless you have already withdrawn your consent to our processing of your data in which case it will be deleted or destroyed upon your withdrawal of consent.
If your application is successful, your data will be kept and transferred to the systems we administer for employees. We have a separate privacy notice for employees, which will be provided to you.
8. Online orders
We need to collect and process personal data about you via the information you provide to us when carrying out and completing an online transaction. If you are purchasing an over the counter medicine, you will be required to confirm you are over the age of 18 (a legal requirement enforced by the Pharmaceutical Society of Ireland). Please note, we are legally obliged to share the information pertaining to your transaction with governing bodies such as PSI, IPU, and HSE if we are required to do so.
All credit/debit card payments are securely handled by an industry-leading payment processor and are never stored on our website.
The data we collect from you when you complete a transaction:
• Postal address
• Email address
• Telephone number
• Passwords (optional)
• Order history/wishlist (optional)
• Payment Details (we will never store your payment details)
By entering into a contract with us, you agree to our retention of records of every transaction up to a period of six years as required by the Irish Revenue.
9. Adrian Dunne Pharmacy & Healthcare service
As a healthcare provider, we are regulated by the Pharmaceutical Society of Ireland who set out the standards and code of practice with which we need to comply. Where we provide HSE services in our pharmacies we also have to comply with the HSE Information Governance requirements.
9.1 Important: using information about your prescriptions
When you use our services, some of the information we collect may be about your health includes data from HSE bodies such as your GP or hospital. We understand the sensitivity of this information and will only use it to provide you with these services and fulfil our legal obligations to the HSE or similar bodies. As a healthcare provider, we’re regulated by the Pharmaceutical Society of Ireland (PSI) who may set out requirements which we need to comply with when processing personal information. This includes timescales for keeping data, reporting requirements and professional codes of practice. Where we provide HSE services, we’re required to comply with HSE Information Governance requirements.
Where we’re contracted to provide a service to or on behalf of the HSE, we’ll use your personal information to help us meet our contractual requirements to the HSE.
9.2 Dispensing prescriptions
The information we hold on your personal medical record is used only to enable us to dispense your prescription legally, safely and to fulfil our requirements to you and the HSE.
9.3 Can I object this?
No. If you request us to carry out this service we need to use this information to dispense your prescription safely and legally.
9.4 Prescription details
We’ll never use information about your prescriptions for marketing, although we may use it to let you know about services we provide that might be useful and relevant to you when you come into our pharmacy. For example, when you collect a prescription our Pharmacist might ask if you’d like to take advantage of a pharmacy service such as vaccination, ambulatory blood pressure monitoring or other similar services that may be relevant and useful to you. These services are voluntary, but if you choose to use them we’ll need to ask you some health-related questions in order to fulfil our legal and contractual obligations to the HSE (where the service is provided in partnership with the HSE). The information you give us will only be shared with the HSE, where this is required, and we won’t use it for any other purpose.
9.5 Sharing with the HSE
We share information with the HSE to fulfil our legal obligations as a provider of pharmacy services, or where we have a duty of care to do so. For example, to obtain payment for the services we provide and to measure the effectiveness of services.
In some circumstances, we might need to let your GP know we’ve prescribed an item or given you a particular service.
If you’ve asked us to register you for a HSE scheme or service such as the Drug Payments Scheme, we’ll pass your personal information to the HSE using a secure method of data transfer. This is so the HSE can register you for the relevant scheme or service.
If you choose to have one of the HSE funded services provided in our pharmacies, such as a Covid-19 Booster vaccination or the Winter Flu Vaccination Service, we’ll ask you for health-related information which is needed to fulfil our contractual obligations to the HSE. We share this information only with the HSE and your GP, and won’t use it in any other way, although we may use your contact details to send you reminders about any follow-up appointments.
9.6 Changes to our business
If ownership of all or part of our business changes, or we undergo a reorganisation, including an acquisition we’ll transfer your personal information to the new owner or successor company so we can continue to provide our services.
9.7 How long do we keep your personal information?
We hold your personal information for as long as we have a legal or business reason to do so, which generally means as long as you remain our customer or as required to meet our legal obligations, resolve disputes or enforce our agreements. To fulfil our obligations to HSE, regulatory or similar bodies, health-related personal information may need to be retained for a period of time after you cease to be our customer. We’ll always store it securely and won’t use it for any other purpose.
10. Staying in control of your information: your rights
We respect the fact that your personal information is your information, and we’ll make it easy for you to update or change your personal details or marketing permissions.
Please help us to help you by letting us know if your contact details change, or if you spot any errors in the information we hold about you. You can exercise any of these rights by submitting a request to firstname.lastname@example.org or call into your pharmacy to speak with one of our managers. For all requests to exercise the rights mentioned below, there is a 30 day limit to which the Adrian Dunne Pharmacy Group must respond by and you’re required to provide proof of your identity.
10.1 Your right of access
You have the right to request a copy of the personal information held by us about you and to access certain information in relation to the processing of your personal information. You’ll be asked to provide confirmation of your identity before this information is provided to you. If you’d like a copy of the information that we hold about you, including a copy of your patient medication record, you can request the pharmacy providing your medicines to provide this to you or please contact email@example.com.
10.2 Your right to move your data (Data Portability)
Under certain circumstances you can request that we move your data to another service provider. This isn’t an automatic right, depending on the type of data that we hold about you and the reason we process the data will depend on what we are able to do.
10.3 Your right to object to processing
You have a right to object at any time to the processing of your personal information where we process your personal information based on our legitimate interests.
You also have the right to request that we stop certain data processing activities that involve processing your personal information. This can be processes such as collecting your name and address on an account to deliver goods to you, among other examples given above. This isn’t an automatic right, depending on the type of data that we will hold about you, and why, will depend on what we are able to do.
10.4 Your right request deletion
10.5 Your right to withdraw your consent
You can withdraw your consent at any time where we rely on your consent to process your personal information. However, please note that any processing carried out before you withdraw your consent will remain valid. We may be unable to provide certain of our services to you if you withdraw your consent.
10.6 Your right to rectification
You have the right to request that we amend any inaccurate personal information that we have about you. Please help us to help you by letting us know if your contact details change or if you spot any errors in the information we hold about you.
10.7 Your right to restriction
You have the right to ask us to restrict processing your personal information.
10.8 Your right to complain to the DPC
Although we hope it never comes to this, you do have the right to complain to the DPC about any of our processing activities at through the Data Protection Authority Ireland.
If you require access to CCTV footage, for example if you’re the victim of a crime that takes place on our premises, you should contact us to check availability at firstname.lastname@example.org
We’ll ask the date and approximate time of the incident you wish to view and as much detail as you can to help us locate the correct footage. We’ll do our best to help, but there are situations in which we may be unable to make CCTV footage available to you, such as where the incident occurred some time ago or if we believe that allowing you to view it would breach someone else’s privacy.
12. Security of your Data
We use industry standard security measures to protect your information and to prevent the loss, misuse or alteration of any information in our control. All our personnel are subject to strict confidentiality obligations. However, as effective as modern security practices are, no security system is entirely secure and we cannot guarantee the security of your information.
13. Links to other websites
Our website may contain links to other websites. We are not responsible for the privacy practices or the content of such other websites. If you link to or visit another website, please review the privacy statement for that website.
14. Who to contact
For all questions relating to this policy please contact email@example.com
We may change this Privacy Statement from time to time. If we make changes, they will be posted here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it.
Each time you use this website the then current Privacy Statement will apply and you should review it each time you use the website to satisfy yourself that you are happy with it.