Data Protection

  • Home
  • Data Protection

Data Controller and Key Information

This notice explains how 247-drugstore.com Pharmacy (the “Website”) processes personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller: 247-drugstore.com Pharmacy, represented by Landon Sterling.

Registered Correspondence Address: 614 S Main St, Smith Center, KS 66967, United States.

Primary Contact Email: [email protected].

If you have any questions about this notice or your rights, please contact us using the details above.

Scope and Legal Framework

This notice applies to personal data processed about visitors, registered users, newsletter subscribers, and customers located in the United Kingdom in connection with the Website’s information, advisory, and related services.

All processing is carried out under the UK GDPR, the Data Protection Act 2018, and other applicable UK data protection laws.

Definitions

“Personal data” means any information relating to an identified or identifiable natural person. “Processing” means any operation performed on personal data, such as collection, storage, use, disclosure, or deletion. “Special category data” includes data concerning health.

Categories of Personal Data We Process

  • Identity Data: names, titles, and age range.
  • Contact Data: email address, telephone number, postal address.
  • Account Data: usernames, passwords, security credentials, preferences.
  • Transaction Data (if purchases are offered): order details, billing information, fulfillment records; payment card data is handled by our payment processors and not stored in full by us.
  • Technical and Usage Data: IP address, device identifiers, browser type, operating system, pages viewed, time stamps, cookies and similar technologies, referral URLs, interaction logs.
  • Communication Data: enquiries, support requests, survey responses, and marketing preferences.
  • Health and Special Category Data: only if you voluntarily provide information about medical conditions, medications, or related health details for advisory purposes; we aim to limit such collection to what is strictly necessary.

Purposes and Lawful Bases for Processing

  • Providing and Operating the Website and Services: to deliver content, features, and user accounts; lawful bases: performance of a contract (where applicable) and our legitimate interests in operating a secure and useful service.
  • Customer Support and Communications: to respond to enquiries and provide assistance; lawful bases: performance of a contract (where applicable) and legitimate interests.
  • Personalisation and Service Improvement: to understand usage and improve content and user experience; lawful basis: legitimate interests; where personalisation relies on cookies or similar technologies that are not strictly necessary, we rely on consent.
  • Marketing Communications: to send newsletters or offers; lawful basis: consent. You may withdraw consent at any time.
  • Compliance, Security, and Fraud Prevention: to comply with legal obligations, enforce terms, prevent misuse, and protect our rights; lawful bases: legal obligation and legitimate interests.
  • Processing of Special Category Data (Health Information): only with your explicit consent (UK GDPR Art. 9(2)(a)) and strictly for the stated purpose, or where necessary for the establishment, exercise, or defence of legal claims (Art. 9(2)(f)). We do not use special category data for marketing without explicit consent.

Cookies and Similar Technologies

We use cookies and similar technologies to operate the Website, remember preferences, measure performance, and, where consented, provide analytics or advertising features.

  • Strictly Necessary Cookies: required for core functionality (lawful basis: legitimate interests/necessary for the service).
  • Preference Cookies: remember choices (lawful basis: consent, where required).
  • Analytics Cookies: help us understand usage to improve services (lawful basis: consent).
  • Advertising/Targeting Cookies (if used): to deliver relevant content (lawful basis: consent).

You can manage your choices via our cookie controls (where provided) and through your browser settings. Withdrawing or refusing non-essential cookies will not affect strictly necessary operations but may limit certain features.

Sources of Personal Data

  • Directly from you: when you create an account, contact us, subscribe, or provide information through forms.
  • Automatically: through your use of the Website (Technical and Usage Data).
  • From third parties: such as payment processors, analytics providers, or service partners that support our operations, where permitted by law.

Sharing of Personal Data

We share personal data only as necessary and in accordance with applicable law.

  • Service Providers/Processors: hosting, cloud storage, analytics, customer support, email delivery, security, and payment processing providers under written contracts and subject to appropriate safeguards.
  • Professional Advisers: legal, compliance, and accounting advisers under confidentiality obligations.
  • Authorities and Regulators: where required by law, to comply with legal obligations, or to protect rights, property, or safety.
  • Business Transfers: in connection with a reorganisation, merger, or sale of assets, in which case appropriate safeguards will be applied.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the United Kingdom, including the United States, where our controller and some providers may be located. Where we transfer data internationally, we implement appropriate safeguards such as adequacy regulations, the International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, transfer risk assessments, and supplementary measures as required by UK law. Copies of relevant safeguards can be requested by contacting us.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

  • Account and Profile Data: retained for the life of the account and then deleted or anonymised within a reasonable period.
  • Transaction Records (if applicable): retained for up to 6 years to meet tax and record-keeping obligations.
  • Customer Support Communications: retained for up to 3 years after resolution, unless a longer period is required to establish, exercise, or defend legal claims.
  • Marketing Data: retained until you withdraw consent or object, after which we will suppress your details to honour your preferences.
  • Cookies/Analytics Data: retained in accordance with stated lifetimes in our cookie controls.

Security of Processing

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, least-privilege principles, network segmentation, audit logging, vulnerability management, and staff confidentiality commitments. While we strive to protect personal data, no system is completely secure, and residual risks may remain.

Special Category Data and Health Information

We do not require you to submit health information to access general content. If you choose to provide health-related data for advisory interactions, we will process such information with your explicit consent, limit access on a need-to-know basis, and apply heightened security controls. We do not use special category data for marketing without your explicit consent, and we do not make automated decisions based solely on special category data that produce legal or similarly significant effects.

Children’s Data

Our services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us so we can delete it promptly.

Automated Decision-Making and Profiling

We do not conduct solely automated decision-making that produces legal effects or similarly significant effects on you within the meaning of UK GDPR Article 22. Any personalisation we perform is limited and subject to your consent where it relies on non-essential cookies.

Your Rights Under UK GDPR

Subject to conditions and exemptions in law, you have the following rights:

  • Right of Access: to obtain confirmation and a copy of your personal data.
  • Right to Rectification: to correct inaccurate or incomplete data.
  • Right to Erasure: to request deletion of personal data in certain circumstances.
  • Right to Restriction: to request restriction of processing in certain cases.
  • Right to Data Portability: to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.
  • Right to Object: to processing based on our legitimate interests or for direct marketing, including profiling related to such marketing.
  • Right to Withdraw Consent: where processing relies on consent, without affecting the lawfulness of processing before withdrawal.

How to Exercise Your Rights

To exercise your rights, contact us at [email protected]. We may need to verify your identity before acting on your request. We will respond without undue delay and within one month; this may be extended by two further months for complex or numerous requests, in which case we will inform you.

Complaints to the ICO

You have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO). ICO Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom.

UK Representative

Where Article 27 of the UK GDPR requires the appointment of a UK representative, details will be published here. Until then, please contact the Data Controller directly using the details in this notice.

Third-Party Links and Services

The Website may reference third-party content or services. Your interactions with third parties are governed by their respective notices. We encourage you to review their data protection practices before providing personal data.

Changes to This Notice

We may update this notice from time to time to reflect changes in our practices or legal requirements. Material changes will be highlighted on the Website. Please review this page periodically.

Contact Details

Data Controller: 247-drugstore.com Pharmacy, c/o Landon Sterling.

Postal Address: 614 S Main St, Smith Center, KS 66967, United States.

Email: [email protected].

Effective Date

This notice is effective as of 20 August 2025.

Elliot Buzzetti

Elliot Buzzetti

I am a passionate pharmaceutical expert based in Melbourne, Australia. My work primarily involves researching and developing innovative medication solutions to enhance patient care. I love writing about various topics related to medication, diseases, and supplements, aiming to spread knowledge and empower people about their health. In my free time, you'll find me exploring the outdoors or engrossed in my latest read.

Search

Latest Posts

How to Buy Nasonex Online Safely: Step-by-Step Guide and Best Sources

How to Buy Nasonex Online Safely: Step-by-Step Guide and Best Sources

csmedcenter.net Review: Honest Look at a Trusted Online Pharmacy

csmedcenter.net Review: Honest Look at a Trusted Online Pharmacy

10 Alternatives in 2025 to Fexofenadine: Finding Your Best Allergy Relief

10 Alternatives in 2025 to Fexofenadine: Finding Your Best Allergy Relief

Top 10 Stromectol Alternatives in 2025: Safe and Effective Options

Top 10 Stromectol Alternatives in 2025: Safe and Effective Options

9 Alternatives to Dexamethasone: What Works When the Usual Steroid Won’t?

9 Alternatives to Dexamethasone: What Works When the Usual Steroid Won’t?

Categories

Tags