We respect your right to privacy. Visitors are advised that each time they visit a Website, two general levels of information about their visit can be retained. The first level comprises statistical and other analytical information collected on an aggregate and non-individual specific basis of all browsers who visit the site. The second is information which is personal or particular to a specific visitor who knowingly chooses to provide that information. The statistical and analytical information provides general and not individually specific information about the number of people who visit this Website; the number of people who return to this site; the pages that they visit; where they were before they came to this site and the page in the site at which they exited. This information helps us monitor traffic on our Website so that we can manage the site’s capacity and efficiency. It also helps us to understand which parts of this site are most popular and generally to assess user behaviour and characteristics in order to measure interest in and use of the various areas of the site. Through this Website you may have an opportunity to send us information, such as through the “registration” pages or any other area where you may send e-mails, provide feedback, etc. By choosing to participate in these, you will be providing us with some level of personal information relating to you. This information will only be used by this site for:

  • the purposes for which it was provided by you;
  • verification purposes and statistical analysis; and
  • marketing and administration purposes.

Your rights as a data subject

A Data Subject is anyone who has shared data with us through our website or otherwise. As a Data Subject you are entitled to the following rights regarding the information we hold about you:

  • Right to Transparent Communication

  • Right to Basic Information

  • Right of Access

  • Right of Rectification

  • Right to Erasure (the “right to be forgotten”)

  • Right to Restrict Processing

  • Right to Object

  • Right to lodge a complaint with a supervisory authority

Should you wish to exercise any of your rights as a Data Subject, or make any enquiries regarding your data please contact:

Stephen Butler, Finance Director Hickey’s Pharmacy Support Office, Unit 3 Northwood Court, Santry Demesne, Dublin 9 OR email stephen.butler@hickeyspharmacies.ie

Collection and use of personal information

Personal information: information that is associated with your name or personal identity. This site Website does not collect any personal data about you on this Website, apart from information which you volunteer (for example, by emailing us, or registering with us). Any information which you provide in this way is not made available to any third parties (with the exception of job applications, see Candidate Manager below), and is used by this site only in line with the purpose for which you provided it. Emails or other communications received through the website are initially viewed by our marketing manager. These emails may be shared with other members of our senior management team if it is necessary to do so for the purpose the email was intended (e.g. a query on medication may be shared with our Pharmacist; a pricing query may be shared with our Purchasing Manager). All personal information received can be maintained on our servers for a period of no more than 30 days, but will ordinarily be deleted as soon as the query or request is dealt with.

candidate manager

If you click on “View Current Vacancies” in the Careers section of the website you will be diverted to a website hosted by our recruitment partner, Candidate Manager. Hickey’s Pharmacy are satisfied that Candidate Manager are compliant with all Data Protection Legislation and have taken appropriate steps to ensure that all data collected by them through our recruitment section is stored responsibly and securely. Furthermore, this data will only be used for the purpose it was intended, i.e. recruitment applications, and will not be shared with any other parties. All personal data held by Candidate Manager will be stored by them for a maximum of 365 days.

COLLECTION AND USE OF NON-PERSONAL INFORMATION

Non-personal information: data collected for statistical purposes which is not associated with a specific identity. This site collects and analyses technical information in order to evaluate our Website. The type of technical information we log is confined to the following:

  • The IP address*1 of the visitor’s Web server
  • The top-level domain-name used (for example .ie, .com, .org, .net)
  • The pages visited on the this site Website, i.e. URL’s*2 visited
  • The previous Website address from which the visitor reached us, including any search terms used
  • Clickstream data which shows the traffic of visitors around this Website (for example, pages accessed)

Third party websites

The website may contain links to other websites. We are not responsible for the privacy policies or practices of third party websites.

Submitting your information in-store

When a customer has submitted their personal details in one of our stores, we do not pass these details onto any third party and use only the information provided for the purposes intended as outlined at the time of the visit.  To opt out from receiving information from Hickey’s Pharmacy, you can contact the Support Office by email: stephen.butler@hickeyspharmacies.ie or send correspondence by post to: Stephen Butler, Hickey’s Pharmacy Support Office, Unit 3 Northwood Court, Santry Demesne, Dublin 9.  If opting out from the mobile text service, please text ‘HICKEYS STOP’ to 51444.

Updating information

Please let us know if the personal information which we hold about you needs to be corrected or updated. If you have any questions about this privacy policy or our treatment of your personal information, please email: stephen.butler@hickeyspharmacies.ie or send correspondence by post to: Stephen Butler, Hickey’s Pharmacy Support Office, Unit 3 Northwood Court, Santry Demesne, Dublin 9.

If you click on “View Current Vacancies” in the Careers section of the website you will be diverted to a website hosted by our recruitment partner, Candidate Manager. Hickey’s Pharmacy are satisfied that Candidate Manager are compliant with all Data Protection Legislation and have taken appropriate steps to ensure that all data collected by them through our recruitment section is stored responsibly and securely. Furthermore, this data will only be used for the purpose it was intended, i.e. recruitment applications, and will not be shared with any other parties. All personal data held by Candidate Manager will be stored by them for a maximum of 365 days.

A ‘Cookie’ is a file in your web browser that enables us to recognise your device when you visit hickeyspharmacies.ie.

When you visit our website, these cookies have two main functions:

(i) Site functionality and performance: to allow you to navigate the site, use our features and improve the performance of our website

(ii) Site analytics: to allow us to measure and analyse how our customers use our website, for example, what pages are visited and how many people return to the site).

The cookies on our website don’t store sensitive information such as your name or address. The information is aggregated, and we use it only to help us improve the way the website works.

By using our site, you agree to us placing these cookies on your device and accessing them when you visit the site in the future. If you’d prefer to restrict or delete cookies from the Hickey’s Pharmacy website, you can use your browser to do this. If you would like more information on cookie technology and how to manage and delete them, visit www.allaboutcookies.org.

Our website uses the following cookies:

NameDescriptionDuration
_ga
_gid
_gat
Google Analytics cookie, used to distinguish users and throttle request rate. Read moreDecided by Google
gsScrollPos-####Google Maps cookie, used to store the scroll position on embedded maps on the siteDecided by Google
eucookielawThis cookie is used to determine if the user has clicked to hide the cookie notice on the site or not365 days

PRIVACY POLICY - HICKEY'S PHARMACY APP

The Hickey’s Pharmacy App (“Application”) collects certain Personal Data from its Users.

Data Controller and Owner

Hickey’s Pharmacy Limited, whose registered office is Unit 3, Northwood Court, Santry Demesne, Dublin 9, is the Data Controller of any personal data you provide in the context of engaging our services.

We are committed to protecting your personal data in compliance with data protection principles and this privacy policy sets out why we require your personal data, how we process it in compliance with data protection legislation and what your rights are under the legislation.

Your rights as a Data Subject

A Data Subject is anyone who has shared data with us through our Application or otherwise. As a Data Subject you are entitled to the following rights regarding the information we hold about you:

i. Access to Personal Data Where you wish to access a copy of your personal data held by us, you may do so by contacting us in writing and we will respond to this request in 30 days.

ii. Rectification or Erasure of Personal Data Where you wish the data that we hold on you to be rectified, you have the right to request this in writing. Where you wish to exercise your right to have your personal data erased, we will do so without undue delay, subject to the exemptions provided for in Article 17(3) of the GDPR.

iii. Restriction of processing You have the right to obtain restriction of processing of your personal data where you contest the accuracy of the data for a period allowing us to verify the accuracy of the data; where the processing is unlawful and you oppose the erasure of your data and request the restriction of its use instead; where we no longer need the data for the purposes for which it was collected but it is required by you for legal purposes; where you have objected to the processing pursuant to Article 21(1).

iv. Right to Data Portability You have the right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

v. Right to Object You have the right to object to the processing of your personal data where your data is processed on the basis of our legitimate interests.

vi. Right to Complain You also have the right to complain to the Data Protection Commission where you believe that your personal data has not been processed in compliance with this legislation. Should you wish to exercise any of your rights as a Data Subject, or make any enquiries regarding your data please contact: Stephen Butler, Finance Director Hickey’s Pharmacy Support Office, Unit 3 Northwood Court, Santry Demesne, Dublin 9 OR email stephen.butler@hickeyspharmacies.ie

Categories of Data collected

The types of Personal Data that this Application collects include: Name (including the name of the person you are collecting the prescription for), Address, Date of Birth, Contact phone number, Email address which we require for the purposes of verifying your identity when you download the app and to accurately register you on our database to keep a record of the prescriptions you purchase for the purposes of patient safety and where you select the option of having your prescription delivered to you. We store your email address and password for authentication purposes only.

We use your location data with your permission to show nearby pharmacies, however, we do not store your current location on our servers, and only store the address you provide for the regulatory purposes and for the purposes of fulfilling the order.

We access the camera and the photo gallery on your phone to send a photo of your prescription to the pharmacy. In respect of information collected on your medication, we store the drug name, strength and directions from you registered pharmacy in order for you to view this information from within the app.

We use your debit/credit card details to process your payment but do not store these details on our servers.

Cookie and Usage Data

Other Personal Data collected may be described by dedicated explanation text with the Data collection. The Personal Data may be freely provided by the User, or collected automatically with your permission when using this Application. Failure to provide certain Personal Data may make it impossible for this Application to provide its services.

We only use the information provided for the purposes of fulfilling the order and/or service requested by the User.

Legal Basis for Collecting Personal Data

We do not require information on your health status to use the app, however, from the prescriptions that you order from us, it may be possible to infer information relating to your health from this data, and therefore we may collect information classified as special categories of data as defined under Article 9 of the General Data Protection Regulation (GDPR) and by using this app and uploading prescriptions to it you provide us with your explicit consent to process this category of data on you. We rely on your consent i.e. Article 6(1)(a) to contact you through the app where the pharmacist may have a query in relation to the prescription you have submitted through the app and we also rely on Article 6(1)(b) to fulfil the payment transaction with you and for the purpose of running analytics on our sales and website to determine how we can optimise and improve the app for the benefit of its users.

Mode and place of processing the Data

Methods of processing

The Data Controller processes the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of the Data. In addition to the Data Controller, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of the Application (administration, marketing), or external parties (such as third party technical service providers, hosting provider, online payment provider) appointed, if necessary, as Data Processors. The updated list of these parties may be requested from the Data Controller at any time.

Place

The Data is processed at the Data Controller’s support office and in the pharmacy selected by the User as their preferred store.

Retention of Personal Data

Where you upload prescriptions to the app, whether on an ad hoc or repeated basis, we retain this information on the system for the purposes of ensuring we accurately dispense the repeat dosages and for the purposes of ensuring your safety and wellbeing as a patient.

We have a statutory basis for retaining this information in the interests of patient safety for a period of three years (five years in the case of unlicensed medicines) as we are obliged under Regulation 10 of the Medicinal Products (prescription and Control of Supply) Regulations 2003 (as amended) to retain prescriptions or duplicate copies of prescriptions on the pharmacy premises from the date of dispensing or in the case of repeat prescriptions from the last date of dispensing. We will therefore take a copy of the prescription when you arrive to collect the medicine and will retain this on our premises for the purposes specified.

The User can always request that the Data Controller suspend or remove the data from the Application. Disclosure of Personal Data

Your data will not be shared with any unauthorised third parties and will only be accessed in limited circumstances by the developers of the app with prior approval from Hickey’s Pharmacies and your explicit consent where their assistance is required with troubleshooting issues with the app. Where you avail of home delivery of your prescription, your name and address details will be shared with the courier company to fulfil the delivery. A data processing agreement has been put in place with this third party in their capacity as data processor of this data to ensure that they adequately protect your data and keep it confidential, safe and secure.

Where required by law to disclose this data to law enforcement authorities we are under a legal basis to do so.

Security

We have implemented appropriate security measures to protect your personal data against unauthorised access, alteration, destruction or disclosure including encryption using industry standard techniques and tokenisation to mask patient details stored on our servers. We use Sagepay to process payment details. Access to and management of data is limited to those staff members who have appropriate authorisation. Where data is stored in hard copy format, we have procedures in place and staff training to ensure that paper records are stored securely.

Unfortunately, no data transmission over the Internet or electronic storage system can be guaranteed as secure, however, we will ensure that the technical and organisational measures in place are regularly reviewed to ensure that they are up-to-date and functioning effectively.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. If a User objects to any of the changes to the Policy, the User must cease using this Application and can request that the Data Controller erase the Personal Data. Unless stated otherwise, the then-current privacy policy applies to all Personal Data the Data Controller has about Users.

Last updated 28th September 2018