Vetpharmacy.co.uk Cookie Policy : We use cookies to enhance your user experience. To find out more please view our cookie policy
Privacy & Cookie Policy
Version 1.1.
Last Updated: 17th October 2024
Our Privacy Notice describes the categories of personal data we process and for what purposes.
Introduction and summary
At VetPharmacy we know that your personal data is important to you. That’s why, whenever we use it, we only use what we need to, and we do everything we can to ensure it is appropriately protected.
This notice explains the situations where we may process your personal data and the steps we take to protect it.
Updating this notice
VetPharmacy keeps its privacy policy under regular review, and we may make changes to this notice at any time. Depending on the associated processing risks, we will either contact you with the modified terms, or we will post a copy of these on our website. Any changes will take effect 7 days after the date of our email, or the date on which we post the modified terms on our website, whichever is sooner. Please ensure you regularly check our website for any updated use of your personal data, alongside contact information in the event you have any further queries.
Who we are
VetPharmacy is the trading name for Norchem Healthcare Limited (company number 03465047 registered address Merchants Warehouse, Castle Street, Manchester, England, M3 4LZ). When we say ‘we’ or ‘us’ we mean this company. This company is part of the wider Bestway Healthcare Group of companies, including Bestway Panacea Holdings Ltd (an English and Welsh registered company with company number 09225479, registered address: Merchants Warehouse Castle Street, Castlefield, Manchester, M3 4LZ). When we say ‘Group’ in this notice, we mean other members of our group of companies, including trading and subsidiary companies of Bestway Panacea Holdings Ltd (an English and Welsh registered company with company number 09225479, registered address: Merchants Warehouse Castle Street, Castlefield, Manchester, M3 4LZ) and its trading and subsidiary companies.
How you can contact us
- By Email: sales@vetpharmacy.co.uk
- By Post: VetPharmacy, 18 Oxleasow Road, East Moons Moat, Redditch, B98 0RE.
If you specifically want to contact our Data Protection Officer, you can do so by emailing DPO@bestwayhealthcare.co.uk.
Alternatively, you can write to them at: Data Protection Officer, Merchants Warehouse, 21 Castle Street, Castlefield, Manchester, M3 4LZ.
How we use your personal data
We collect and use your personal data when you:
- Browse our website.
- Register on our website.
- Place an order with us online or by phone.
- Contact us by email, telephone or social media.
- Sign up to our newsletter or other marketing correspondence.
- Enter a competition or prize draw run by us.
What we specifically collect and how we use it depends how you interact with us and the specific services you’ve requested. Some examples of how we use your personal data are as follows:
- When you place an order through our website we will use your name, home address, delivery address, home telephone or mobile number, email address, information about the products you order and payment details.
- If you are purchasing a medicine for your pet you will need to provide health information about your pet.
- When you contact us by email, telephone or social media, we will collect information that we need to respond to your query, and any other supporting information you voluntarily provide to us. This information may include your name, home address, delivery address, home or mobile number, order number, details of products you have purchased or are considering purchasing and health information (if you are enquiring about a medication). The data we collect enables us to respond to your enquiry.
- If you sign up to our email newsletter or another marketing list we have, we will gather your explicit consent to send you communications. This will involve the collection of your name and email address, and if you have ordered with us we may use your purchase history to ensure that the emails you receive are relevant to you. You can opt out at any time by contacting our customer services, or by clicking on the unsubscribe link included in all of our marketing emails (please note that this may take up to 7 days; if we already have a newsletter scheduled to be sent to you then you may still receive this).
- Where you enter into a competition, the type of personal data we will use as a minimum includes your name, email address and home or mobile telephone number. Other information we collect may include your home address, date of birth, and user generated content (e.g. answers to a competition question). We collect this data to carry out prize draws or competitions which you chose to participate in and to determine the winner, or to provide the prize if you win. If we intend to use any of this data for marketing purposes, we will clearly inform you before you enter your details.
When you visit our website, we also collect other information, sometimes referred to as ‘cookies’. Our use of cookies may include the collection of anonymised information about the type of browser you use when visiting our website; your IP and device address; hyperlinks that you have clicked; and other websites you visited before arriving at our website. You can find more about how we use cookies in our Cookie Policy below.
Who we share your personal data with
In the previous section we described instances where we share your personal information with others. There are also other third parties that we use to help us deliver and improve our services to you. In this section, we have summarised the types of third parties who we may share your data with.
- If you wish to purchase an age-restricted product from our website, we have a regulatory responsibility to verify that you are of a suitable age before completing the purchase. We do this alongside a trusted third party supplier. We only use your personal data for this very specific purpose and ensure there are security measures in place to protect your information.
- Where we store your personal information related to a purchase you have made, a third party company may supply the system where this information is securely held.
- When you make a payment for goods or services, a third party company may process this payment.
- We may use third party postal services and couriers to deliver items you purchase.
- Where necessary, we may need to share your personal data with law enforcement agencies where we are required to do so by law. This will most likely be for the detection or prevention of crime, or to exercise or defend a legal claim.
- We may also share your personal data with third party regulators. This may include the Veterinary Medicines Directorate (VMD) or the Information Commissioner’s Office (ICO).
Whenever we use third parties, we will always ensure that only the minimal amount of relevant information is shared and that data is securely deleted once it is no longer required.
Where we process your personal data
We may need to transfer your information outside the UK to service providers, agents, and subcontractors in countries where data protection laws may not provide the same level of protection as those in the European Economic Area. Where this happens, we agree specific safeguards and assurances in our contracts with those providers to ensure there are appropriate controls in place to protect your data. Where necessary, we also ensure we have conducted a full ‘Transfer Risk Assessment’ alongside any necessary contractual obligations. This is an area of legislation that is subject to change, so we always ensure we are fully up to date with updates from the UK Government, the Information Commissioner’s Office, and the European Commission.
Your privacy rights and how to exercise them
Under data protection laws, you have the following rights:
- Right of Access (typically called a “Subject Access Request” or “SAR"): you have the right to know how we process your personal data (as explained in this notice) and also a right to receive a free copy of your personal data.
- Right to Rectification: you can ask us to change or complete any inaccurate or incomplete personal data held about you.
- Right to Object: you have the right to object, in certain circumstances, to us processing your personal data. For example, you can object to us sending you marketing material, or using your personal data to create a profile about you that is related to direct marketing.
- Right to Erasure: in certain circumstances, you can ask us to delete your personal data. For example, where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis to keep it.
- Right to Portability: you have the right to ask us to send a copy of certain elements of your personal data (predominantly information you have shared directly with us) to another company.
- Right to Restrict Processing: you can ask us to restrict the personal data we use about you where you have asked for it to be erased (and the erasure has not taken place, or we were unable to erase the data when we should have) or where you have objected to our use of it.
To make a subject access request, or to exercise any other data subject rights, you can contact us using the information provided in this notice.
It is free to exercise your privacy rights and we will respond to any request as quickly as we can. Under current data protection laws, we have 30 days to respond to any request, unless an exemption applies. We will contact you as soon as we can where we are applying an exemption, which may extend the time we have to process your request.
Children’s data and safeguarding
VetPharmacy will never knowingly process personal data related to children for any purpose other than in the following unique circumstances:
- Where welfare or safeguarding concerns are raised about a child or children. This may involve VetPharmacy liaising with local authorities to ensure the protection of those involved. Wherever this occurs, Chemist.net will always consider whether consent is appropriate and, if it is not, another legal basis will be established.
- Our website collects cookies, which may inadvertently relate to children who visit our website. However, the resulting cookie activity (e.g. to improve the functionality of our website) does not cause a sufficient level of harm to impact children.
There may be occasions where it becomes necessary to safeguard individuals, either from others or themselves. We always take any decision around sharing data of this nature with other authorities or bodies incredibly seriously, and we ensure that our internal policies also reflect this. Data protection laws are still applicable, and, in serious cases, the sharing of personal data will likely be done using one or more of the following legal bases:
- Vital interests (to protect those of the data subject/s).
- Reasons of substantial public interest, which may include:
- Preventing or detecting unlawful acts.
- Protecting the public.
- Safeguarding of children and individuals at risk.
- Safeguarding of economic wellbeing of certain individuals.
We also have a responsibility to safeguard adults who lack mental capacity under the Mental Capacity Act (2005). VetPharmacy always weighs up the necessity of sharing any personal data for purposes above and beyond that which the data subject is already aware of and considers whether consent is an available option. Any personal data this is ultimately shared will be done so after internal consideration alongside VetPharmacy’s Data Protection Officer and other senior responsible individuals, and only the minimum amount of information is securely shared.
How long we retain your personal data
VetPharmacy will retain your personal data for as long as we are legally or contractually required to do so, or for a period which is justifiable to meet our business needs. The exact retention period varies depending on the type of information and purpose for use, and our internal policies support this activity.
Marketing and communications
If you have given your consent, or if we believe legitimate interests may apply, we will, from time to time, contact you about the products and services we offer.
The marketing we send to you may be tailored to make it more relevant. This is done by analysing the data we hold on you (e.g. services previously used, age, address, previously stated health and wellbeing interests) to create a profile. If you want to receive marketing from us, but do not want this to be tailored then you can object to the profiling as described under "What are your privacy rights and how can you exercise them?". Alternatively, unsubscribing from marketing will also cease the profiling activity we conduct.
We may also contact you in the following scenarios:
- To request that you take part in customer feedback and surveys. This allows us to collect insights on the service we provide and what our customers may want from us in the future.
- To provide an update on an order you have placed.
- To confirm a delivery slot for an order you have placed.
We will send these communications to you either by email, post - or both - depending on the content and context of the communication. Every marketing communication we send will include instructions on how to opt-out. Some of our communication will be contractual in nature, however if our communication is of a direct marketing nature, you can change your marketing preferences at any time using the contact information provided in this notice.
Cookie Policy
When you visit our website we collect anonymised information about the type of browser you use when visiting our website, your IP and device address, hyperlinks that you have clicked, websites you visited before arriving at our website and information collected by cookies or similar tracking devices. The use of cookies lets us know if you have visited us before and your preferences so we can provide you with a personalised experience. When you first visit our website on a device there is a pop-up message; you consent to the use of these non-essential cookies when you tick the box in this message. You can provide/revoke consent at any time via your browser settings.
The table below lists the cookies we collect and the information they store.
| Cookie Name | Cookie Description |
| CART | The association with your shopping cart. |
| CATEGORY_INFO | Allows pages to be displayed more quickly. |
| COMPARE | The items that you have in the Compare Products list. |
| CUSTOMER | An encrypted version of your customer id. |
| CUSTOMER_AUTH | An indicator if you are signed into the store. |
| CUSTOMER_INFO | An encrypted version of the customer group you belong to. |
| CUSTOMER_SEGMENT_IDS | Stores your Customer Segment ID. |
| EXTERNAL_NO_CACHE | A flag that, indicates whether caching is on or off. |
| FRONTEND | Your session ID on the server. |
| GUEST-VIEW | Allows guests to edit their orders. |
| LAST_CATEGORY | The last category you visited. |
| LAST_PRODUCT | The last product you looked at. |
| NEWMESSAGE | Indicates whether a new message has been received. |
| NO_CACHE | Indicates whether it is allowed to use cache. |
| PERSISTENT_SHOPPING_CART | A link to information about your cart and viewing history if you have asked the site. |
| RECENTLYCOMPARED | The items you recently compared. |
| SELECTEDOPTION | Used to store your selected product options. Expires after 7 days or when order is successfully placed. |
| STF | Information on products you emailed to friends. |
| STORE | The store view or language you have selected. |
| TERMS_CONFIRM | Indicates when terms and conditions have been accepted. Expires after 7 days or when order is successfully placed. |
| USER_ALLOWED_SAVE_COOKIE | Indicates whether a customer authorised cookies. |
| VIEWED_PRODUCT_IDS | The products that you recently looked at. |
| VP_DISCOUNT_POPUP | Indicated whether you have closed the pop-up banner on the home page. Expires after 7 days. |
| WISHLIST | An encrypted list of products added to your wish list. |
| WISHLIST_CNT | The number of items in your wish list. |
Registering on our website
There is no obligation to register on our website to make a purchase, however registering has a range of benefits including easier checkout and the ability to track your orders. When you register you will need to provide your email address and create a password. You may also need to provide your home address, telephone number and date of birth (to fulfil our legal obligations in regards to the sale of restricted products such as medicines and electronic cigarettes).
Placing an order
The information we collect from you here is required in order to perform our contact with you (sending you the products you request from us); name, home address, delivery address, home telephone or mobile number, email address, information about the products you order and payment details. If you are purchasing a medicine you will also need to provide health information about the pet who will be taking the medication.
If you have placed an order and would like to delete your account, this will be considered on a case by case basis as it will depend on what you have purchased from us as to what our legal and regulatory obligations are; please contact us and we will advise accordingly.
Contacting us by email, telephone or social media
The information we collect when you contact us will depend on the nature of the enquiry and whether you are querying an order you have already placed; we will only collect information that we need to respond to your query and/or that you voluntarily provide to us. This information may include your name, home address, delivery address, home or mobile number, order number, details of products you have purchased or are considering purchasing and health information (if you are enquiring about a medication). The data we collect enables us to respond to the enquiry that you initiate.
Signing up to our newsletter
We will only send you our email newsletter if you explicitly consent to this; this can be done when you register for your account, or via the separate registration link. We collect your name and email address, and if you have ordered with us we may use your purchase history in order to ensure that the emails you receive are relevant to you. You can opt out at any time by contacting customer services or by clicking on the unsubscribe link included in all of our marketing emails. Please note that this may take up to 7 days; if we already have a newsletter scheduled to be sent to you then you may still receive this.
Entering a competition or prize draw run by us
The data we will collect will depend on the competition being run but will include as a minimum: name, email address and home or mobile telephone number. Other information we collect may include your home address, date of birth, and user generated content (e.g. answers to a competition question). We collect this data to carry out prize draws or competitions which you chose to participate in and to determine the winner or to provide the prize if you win. If we intend to use any of this data for marketing purposes, we will clearly inform you before you enter your details.
5) Processing Personal Data about children
Our website is intended for adults.
6) How do we keep your Personal Data safe?
We maintain appropriate technical and organisational measures to protect the Personal Data you provide. This includes, but is not limited to, using only secure servers and payment providers, rigorous and regular staff training, DBS checks and compliance with NHS Information Governance requirements and the NHS Code of Practice on Confidential Information.
7) What about third party companies?
We may need to share your information with third party companies to fulfil our contract to you and/or to fulfil our legal obligations. Depending on the nature of the product/service you request from us, and whether you consent to marketing emails, these organisations may include:
- Parcel couriers, including Royal Mail and DX.
- Payment providers such as Opayo (formerly Sage Pay) and PayPal.
- Companies that provide fraud and money laundering checks.
- Companies that enable us to run the website and associated services, such as web hosting, development, email delivery, reviews and feedback surveys.
We provide the minimum amount of information that these third parties require in order to fulfil the services that are outsourced to them. We have contracts in place to ensure that these companies also keep your personal information secure and confidential.
8) Sharing your information outside the European Economic Area (EEA)
Personal data can be transferred, processed and stored within the EEA (comprising all of the European Union countries, Iceland, Liechtenstein and Norway) safely and securely as they offer an adequate level of protection in comparison to the UK.
Most of our data is stored and processed within the EEA, however we also transfer your data to India, where our web development team is based. We ensure that your personal data is subject to the same standards of protection and security by means of standard contractual clauses. We also conduct a full review of all new suppliers’ processes and procedures.
9) How long do we keep your Personal Data?
We hold your personal information for as long as we have a legal or business reason to do so, which generally means as long as you remain our customer or as required to meet our legal obligations. To fulfil our obligations to the NHS or regulatory bodies, we may need to retain your health-related information for a period of time after you cease to be our customer. We will always store your data securely and won’t use it for any other purpose.
10) Your rights
Under the GDPR (General Data Protection Regulation) you have the eight rights listed below:
For more information on these rights, please visit https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
To exercise your rights, please contact our customer services team and request a call/email from our Data Protection Officer.
If you wish to stop receiving marketing emails you can do so by clicking the unsubscribe link on any of the marketing emails you receive or by contacting our customer service team.
Please note that withdrawing your consent will not affect the lawfulness of the processing before the withdrawal.
Making a complaint with the Information Commissioner’s Office
If you think that any of our processing activities violates data protection laws, you can lodge a complaint with the (www.ico.org.uk).
11) Other Information
Our website may contain links to external websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Find out more about protecting your information and staying safe online: https://www.getsafeonline.org/get-safe-top-10/
12) Changes to our Privacy Policy
We may change this Privacy Policy from time to time by posting the updated version of the Privacy Policy here so we recommend that you check this page regularly. The date of the current Privacy Policy can be found at the top of this page.