Rafe Pendry 14 Oct 0

Data Controller

This Privacy Policy explains how OurMeds (Website: ourmeds.su) processes personal data. The data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 is Rafe Pendry, trading as OurMeds, IKEA Nottingham, Giltbrook Retail Park, IKEA Way, Giltbrook, Nottingham, NG16 2RP, United Kingdom. You may contact the controller at [email protected].

Scope and Applicability

This Policy applies to personal data collected through our website and related online services. It is intended for users in the United Kingdom and is drafted to comply with the UK GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR). By using our website, you acknowledge that your personal data will be processed in accordance with this Policy.

Definitions

"Personal data" means information that identifies or can reasonably identify an individual. "Processing" means any operation performed on personal data, including collection, storage, use, disclosure, and deletion. "Controller" means the party determining the purposes and means of processing. "Processor" means a party that processes personal data on behalf of the controller.

Personal Data We Collect

Data you provide to us

  • Contact data: name, email address, and any information you include when you contact us.
  • Preferences: your consent choices and communication preferences.
  • User submissions: any content you choose to submit (e.g., feedback). Please avoid sharing special category data (such as health information) in free text.

Data collected automatically

  • Usage data: pages viewed, links clicked, time spent, referrers, device and browser type, operating system.
  • Technical data: IP address, approximate location derived from IP, device identifiers, and cookie identifiers.
  • Server logs: timestamps, request URLs, status codes, and error diagnostics.

Data from third parties

  • Analytics and measurement partners may provide aggregated or pseudonymised statistics about site usage, subject to your consent where required.

Purposes and Lawful Bases for Processing

Website operation and delivery (Legitimate interests)

We process technical and usage data to operate, secure, and improve the website, diagnose issues, and ensure content is delivered effectively. Our legitimate interest is the efficient and secure provision of our services.

Communications and enquiries (Legitimate interests or Consent)

We process contact details to respond to enquiries you send us. Where we rely on consent (for example, for certain optional updates), you may withdraw your consent at any time.

Analytics and performance (Consent)

We use cookies and similar technologies, and associated analytics tools, to understand how our website is used and to improve user experience. Non-essential cookies are used only with your consent under PECR.

Marketing (Consent)

If we send you direct electronic marketing, we will do so only with your consent (or as otherwise permitted by law). You can opt out at any time.

Security, fraud prevention, and compliance (Legitimate interests and Legal obligation)

We may process data to prevent fraud or misuse, to protect our rights, and to comply with applicable legal obligations.

Special Category Data

Our website provides educational content and does not require you to provide special category data (such as health data). Please do not include health or other sensitive information in free-text fields. If you choose to provide such data in your communications, we will process it only as necessary to respond, based on your explicit submission and our legitimate interests, and will delete it when no longer required.

Cookies and Similar Technologies

We use cookies and similar technologies (such as pixels and local storage) to operate our website and, with your consent, for analytics and performance. Non-essential cookies are placed only after you provide consent via our consent banner or settings.

Types of cookies we may use

  • Strictly necessary cookies: required for core site functionality, security, and network management. These do not require consent.
  • Performance/analytics cookies: help us understand site usage to improve content and usability. Used only with your consent.
  • Functionality cookies: remember your preferences and choices. Used with your consent where required.

Managing cookies and consent

You can manage your cookie preferences at any time via our cookie banner or settings and by adjusting your browser controls to block or delete cookies. Withdrawing consent does not affect the lawfulness of processing before withdrawal.

Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including to meet legal, accounting, or reporting requirements:

  • Enquiries and correspondence: generally up to 12 months after resolution.
  • Consent records and marketing preferences: retained while your consent is active and for up to 24 months thereafter to demonstrate compliance.
  • Analytics data: typically 24 months, or a shorter period where supported by our tools.
  • Server logs and security records: typically up to 12 months, unless extended for investigation or legal reasons.

Where precise retention periods cannot be fixed, we apply criteria-based assessments (e.g., the nature of the data, risks of harm, and legal obligations).

Sharing and Disclosure

We do not sell your personal data. We may share personal data with:

  • Service providers (processors) who support hosting, security, analytics, email delivery, and site functionality and who are bound by contractual confidentiality and data protection obligations.
  • Professional advisers (e.g., legal or accounting) under confidentiality duties.
  • Authorities, regulators, or courts where required by law or to protect our rights or users.
  • Successors in business reorganisation, merger, or transfer, subject to appropriate safeguards.

International Data Transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards, such as the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or reliance on a UK adequacy regulation. You may contact us for further details of the specific safeguards in place.

Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction, considering the state of the art, costs, and the nature of processing. However, no internet transmission or storage system can be guaranteed to be fully secure.

Your Rights

Under the UK GDPR you have the following rights, subject to conditions and exceptions:

  • Right of access to your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure (right to be forgotten).
  • Right to restriction of processing.
  • Right to data portability.
  • Right to object to processing based on legitimate interests and to object to direct marketing at any time.
  • Right to withdraw consent at any time where processing is based on consent.
  • Right not to be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects. We do not engage in such decision-making.

Exercising your rights

To exercise your rights, please contact [email protected]. We may need to verify your identity before responding. We aim to respond within one month, or within the statutory period where extensions are permitted. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your rights have been infringed.

Direct Marketing

We will send direct electronic marketing communications only with your consent or as otherwise permitted by law. You can withdraw consent or opt out at any time by using any unsubscribe mechanism provided or by contacting us at [email protected]. We do not share your details with third parties for their own direct marketing purposes.

Children’s Privacy

Our website is intended for a general audience and is not directed to children under 16. We do not knowingly collect personal data from children under 16 without appropriate consent where required by law. If you believe a child has provided personal data, please contact us so we can take appropriate action.

Third-Party Links and Services

Our website may include links to third-party websites or services. We are not responsible for the privacy practices of such third parties. We encourage you to review their privacy policies before providing personal data.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will post any changes on this page and update the “Effective date” below. Material changes will be signposted where appropriate.

Contact Information

Controller: Rafe Pendry (OurMeds)

Postal address: IKEA Nottingham, Giltbrook Retail Park, IKEA Way, Giltbrook, Nottingham, NG16 2RP, United Kingdom

Email: [email protected]

Effective Date

Effective date: 14 October 2025

Categories

Popular Post

Ranitidine and Osteoporosis: What the Latest Research Says

August 13, 2025

Nitroglycerin in the Military: Evolution, Roles, and Modern Uses

October 21, 2025

Acer Drug Dosage & Administration Guide

September 19, 2025

Airol Drug Guide: How First‑Time Users Can Take It Safely

October 13, 2025

Ticlopidine for Kids: Safety, Effectiveness & Dosage Guidelines

August 25, 2025

Popular Tags