Last Updated: 12-07-2023
By accessing or using our Website and Services, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, please refrain from using our Website and Services.
1. Information We Collect
1.1 Personal Information: We may collect personal information that you provide to us voluntarily, such as your name, email address, postal address, telephone number, date of birth, and any other information you choose to provide when using our Website and Services.
1.2 Health Information: In the context of providing healthcare-related services, we may collect and process sensitive personal information, including medical history, health conditions, prescriptions, and any other health-related data necessary for the provision of our Services.
1.3 Usage Information: When you visit our Website or use our Services, we may automatically collect certain information about your device, browser, IP address, and your interactions with our Website and Services. This information is collected through cookies, web beacons, and similar technologies.
2. Use of Information
2.1 We may use the personal information we collect for the following purposes:
2.2 We will only process sensitive health information as necessary to provide the requested Services, with your consent, or as permitted by applicable laws and regulations.
3. Disclosure of Information
3.1 We may share personal information in the following circumstances:
3.2 We will not sell, rent, or lease your personal information to third parties without your consent, except as disclosed in this Policy.
4. Security Measures
4.1 We implement appropriate technical and organizational measures to protect the security and confidentiality of your personal information. However, please note that no method of transmission over the internet or electronic storage is completely secure.
4.2 We cannot guarantee the absolute security of your personal information, and you provide information at your own risk. If you have reason to believe that your interaction with us is no longer secure, please notify us immediately.
5. Your Choices
5.1 You have certain rights regarding the personal information we hold about you, including the right to access, update, and delete your personal information. To exercise these rights, please contact us using the information provided at the end of this Policy.
5.2 You may choose to opt out of receiving promotional communications from us by following the instructions in the communications or by contacting us directly.
6. Children’s Privacy
Our Website and Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from individuals under the age of 18. If you are a parent or guardian and believe that we may have collected information from your child, please contact us, and we will promptly delete the information.
7. Changes to this Policy
We reserve the right to modify this Policy at any time. Any changes to this Policy will be effective when we post the updated Policy on our Website. Your continued use of our Website and Services after any changes constitutes your acceptance of the revised Policy.
This Confidentiality Policy (“Policy”) outlines the practices of Meds for Less (“we,” “us,” or “our”) regarding the handling and protection of confidential information, including patient details, within our organization. We are committed to maintaining the highest level of confidentiality and safeguarding the privacy of our patients.
By being employed by or affiliated with our organization, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, please refrain from accessing or using confidential information and notify us immediately.
1. Definition of Confidential Information
Confidential information includes any and all information related to our patients, employees, business operations, and any other information that is not publicly available. This includes, but is not limited to:
2. Confidentiality Obligations
2.1 All individuals employed by or affiliated with our organization are required to adhere to the following confidentiality obligations:
2.2 Confidentiality obligations apply during employment or affiliation with our organization and continue even after the termination of employment or affiliation.
3. Disclosure of Confidential Information
3.1 We will only disclose confidential information in the following circumstances:
4. Reporting and Breach of Confidentiality
4.1 Any suspected or actual breaches of confidentiality must be reported immediately to the designated authority within our organization.
4.2 In the event of a breach of confidentiality, we will conduct a prompt investigation and take appropriate disciplinary and legal actions, as necessary, to address the breach and mitigate any harm caused.
5. Training and Awareness
5.1 We will provide appropriate training and awareness programs to all employees and individuals affiliated with our organization to ensure their understanding of this Policy and their obligations regarding the protection of confidential information.
6. Compliance with Laws and Regulations
6.1 We will comply with all applicable laws, regulations, and industry standards regarding the protection of confidential information, including but not limited to privacy laws and healthcare regulations.
This Cybersecurity Policy (“Policy”) outlines the practices of Meds for Less Limited (“we,” “us,” or “our”) regarding the protection and security of information assets, including data, systems, and networks. We are committed to implementing and maintaining robust cybersecurity measures in accordance with ISO 27001 standards.
By being employed by or affiliated with our organization, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, please refrain from accessing or using our information assets and notify us immediately.
1. Information Security Management System (ISMS)
1.1 We have implemented an Information Security Management System (ISMS) based on the ISO 27001 standard to effectively manage and mitigate information security risks.
1.2 The ISMS encompasses the following key components:
2. Responsibilities and Accountability
2.1 All employees and individuals affiliated with our organization have a responsibility to adhere to the following cybersecurity principles:
2.2 Management is responsible for:
3. Information Security Controls
3.1 We implement a range of technical, physical, and administrative controls to protect our information assets. These controls include, but are not limited to:
4. Security Incident Management
4.1 We have established an incident response process to effectively respond to and manage security incidents. This includes:
5. Third-Party Management
5.1 We ensure that third-party vendors and service providers who have access to our information assets adhere to similar cybersecurity practices. This includes conducting due diligence on their security controls, establishing contractual obligations, and monitoring their compliance.
6. Compliance and Audit
6.1 We regularly review and assess our cybersecurity controls to ensure their effectiveness and compliance with ISO 27001 standards.
6.2 Internal and external audits may be conducted periodically to evaluate the adequacy of our cybersecurity controls and identify areas for improvement.
7. Training and Awareness
7.1 We provide regular training and awareness programs to all employees and individuals affiliated with our organization to ensure their understanding of cybersecurity risks, policies, and procedures.
8. Contact Us
If you have any questions, concerns, or reports related to the confidentiality of information within our organization, please contact:
Meds For Less Limited, 9 Walkern Road, Stevenage, 9QD 1SD, [email protected], 020 3409 0678