1

Privacy Policy

The Fertility Shop is totally committed to protecting the privacy of users of our services and Website. We understand the sensitive nature of our products and the importance of privacy on the internet. We comply with the Data Protection Act 2018 (DPA) and UK General Data Protection Regulation (UK GDPR) and strive to be market leaders when it comes to digital health and privacy.
This policy explains how we use your personal data for our Healthcare Services and Products and covers:

Who we are;

1. Your personal data that we store and how we obtain it;
2. What we use your personal data for;
3. How and why we share your personal data with others;
4. How long we retain your data;
5. Data storage, security and transfers;
6. Changes to this policy;
7. Your rights.

If you have any further questions about how we process your information, please do not hesitate to get in touch by contacting our Data Protection Officer:

Address: Data Protection Officer, The Fertility Shop , 32 Madeira Avenue, Leigh on Sea, Essex SS9
3EB
Email: salesonline@thefertilityshop.co.uk

1. Who we are

Our mission at The FertilityShop is to support anyone on their fertility journey through providing fertility education, products and services.

Any reference to “The Fertility Shop”, “our”, “us”, “we” are references to The Fertility Shop ,
Sole Trader, 32 Madeira Avenue, Leigh on Sea, Essex SS9 3EB

Definitions:

Website” –  we provide products, content and services via our Website https://www.thefertilityshop.co.uk 

Website Provider” – our website is managed and hosted by the third-party Woocommerce.

Services” – these include Healthcare Consultations, Home Testing Services, referrals, and the sale of products on our Website.

Healthcare Consultations” – our Clinicians provide telephone consultations and video consultations via our Third-Party Clinical System.

Clinicians” – the appropriately qualified medical professionals acupuncturist based in the UK who provide the Healthcare Consultations.

Third-Party Clinical System” – we utilise Cliniko software to provide video healthcare
consultations.

Testing Provider” – we work with Medichecks.com Ltd to offer Home Testing Services.

Home Testing Services”– our range of testing Services that can be undertaken at home.

Products” – we offer a range of fertility products including fertility monitors, ovulation tests,
pregnancy tests, fertility lubricants, vitamins and supplements.

Dropship Partners” – we fulfil some products directly from manufacturers and distributors where
necessary.

2. Your personal data that we store and how we obtain it

The information we collect and store falls into the following categories:
a) Personal details
When you purchase a Product, book Consultation or Home Testing Service, set up an account or subscribe to receive our communications, you provide us with basic information about yourself, such as your name, date of birth, physical address and email address. You are responsible for the accuracy of the information that you provide to us.
b) Health and medical information
Following a Healthcare Consultation or Home Testing Service, we will also hold health and medical information. This will include information about your health, symptoms, treatments, consultations and sessions, medications, and test results. Prior to your Healthcare Consultation you may be asked to complete a pre-consultation questionnaire, from which information will be updated on our Third-party Clinical System. Following or during a Healthcare Consultation or Home Testing Service, one of our Clinicians will update our clinical system with details of the consultation and any test results. You will be given access to these consultation notes through our Third-Party Clinical System. Your purchase history with our Website may be shared with our Clinicians to offer you a better 
experience and for the purposes of providing you with personalized health care. We get some of this information directly from you when you register with us and when you use our healthcare Services. If you have given consent for us to do so, we will send the consultation notes that we take during your Healthcare Consultation and test results with your GP using secure NHS mail. We retain records of our consultations and interactions with you to also enable us to carry out audits to ensure a high quality of care is provided to you, and to allow us to learn from them to improve the quality of our Services. To monitor our service quality, we may retain records of when you contact our support teams via email, phone or our interactive chatbot and live chat service on our Website.
c) Financial information
If you make any payments on our Website or Third-Party Clinical System, your credit/debit card details are processed directly by a third-party processor that will store all payment information and transaction details. We will only retain details of transactions on secure servers and we will not retain your credit or debit card information.
d) Technical information and analytics
When you use our Website or Third-Party Clinical System, we may automatically collect the
following information where this is permitted by your device or browser settings:
i. Technical information, including the IP address used to connect your device to the Internet, your login information, system and operating system platform type and version, device model, browser or app version, time zone setting, language and location preferences, wireless carrier and your location (based on IP address); and
ii. Information about your visit, including how many times you have visited the Website, when you first used it and last used it, the content, Products and Services you have viewed or used, and interaction information (such as Website link clicks, email opens and clicks).

We work with partners who provide us with analytics and advertising services (for our Services only and not for third party advertising). This includes helping us understand how users interact with our Services, providing our advertisements on the internet, and measuring performance of our Services and our adverts. Cookies and similar technologies may be used to collect this information, such as your interactions with our Services.
Cookies
Cookies are a small file containing letters and numbers that are stored in your browser or the hard drive of your device and it is used to transfer information. You can prevent the setting of cookies by adjusting the settings on your browser or your mobile phone.
Cookies : This website may at times use cookies indirectly by making use Google Analytics (opt out of Google Analytics here) which tracks website traffic producing detailed statistics about site activity. 
To the best of our knowledge, it is our understanding that other Plugins used to make up the WordPress created website do not make use of plugins.

3. What we use your personal data for

We only collect, keep, use or share your information for legitimate interests, when you have approved us to do so, or when we are obliged to legally. These purposes are as follows:
a) Providing products and services
We collect and use your personal details and financial details to develop and deliver our contractual agreement with you for the provision of the Services. We obtain and use your health and medical information for medical purposes, including medical diagnosis and the provision of healthcare or treatment. This includes the information collected through our Healthcare Consultations with you and our Home Testing Services.
b) Service and product improvement
We will use your medical information to improve our healthcare Products and Services for the purpose of ensuring high standards of quality and safety of healthcare to safeguard your rights. Strict confidentiality and data security provisions apply at all times to safeguard your rights and you can at any time ask us to stop using your medical information in this way. We may also anonymize certain parts of the information that you provide to us before aggregating it with other data in a manner that means that it cannot be de-anonymized and used to subsequently identify you (for example, so that we can analyze trends within, say, women aged between 18-30). This anonymized aggregated data may be used by us to develop our business and identify trends and shall not be subject to data protection laws.
c) Other uses
We continually strive to improve our business and for the purpose of enabling us to do this by identifying potential user experience or technical issues we may analyze data about your use of our Products and Services. Analysis of this data also enables us to forecast demand for our products and services to help us to match our capacity with demand. Strict confidentiality and data security provisions will apply at all times and we will not use your medical information for this purpose. Where necessary, we may need to share personal and financial details for the purposes of fraud prevention and detection as otherwise required by law or regulation. In all cases we shall only act
where suitable and specific measures exist to safeguard your rights. We will also audit consultations and your other interactions with our Services for safety, regulatory and compliance purposes as necessary to ensure appropriate standards are being met in respect of the provision of healthcare or treatment. Strict confidentiality and data security provisions will apply at all times to any such audit
and access.
d) Communicating with you
As part of our contractual agreement to provide Products and Services, we use your email address, phone number and/or other details to contact you by email or telephone to update you on your product order (including order confirmation, dispatch confirmation), Healthcare Consultation or Home Testing Service. Where you have opted in to receive marketing communications, we may use your email address, phone number and/or other details to present you with occasional updates, marketing messages and research requests (such as surveys and focus groups). To help improve the relevancy of our marketing messages we may utilize your personal details and medical information (such as local events in your area, and content tailored for specific medical conditions). You have the right to opt out of marketing communications at any time by clicking the “unsubscribe” link in our emails or by contacting us using the details above.

4. How and why we share your personal data with others

We will never sell information that can be used to personally identify you to a third party. However, we may share and disclose your personal data to certain third parties as set out in the following section. Information sharing with third-party service providers We may share personal information about you in respect of our Website, Products and Home Testing Services with our service providers and partners, which include our Testing Provider, Fulfilment Partner, Dropship Partners, our ecommerce platform provider (Woo-commerce), product
review platform (Reviews.io), our payment service providers (PayPal, Stripe, Amazon Pay), our cloud service providers Clinko, and email marketing provider (Mailchimp). Through Woocommerce we use a number of third-party apps to provide services such as the regular back up of data and to manage delivery costs per product. A full list of our third party providers can be obtained from contacting salesonline@thefertilitshop.co.uk.

Cliniko servers are based in the UK however, we may transfer your personal data outside of the UK and the European Economic Area (EEA) (e.g. Woo-commerce and Mailchimp in the United States). This will always be in accordance with data protection law, including mechanisms to lawfully transfer data across borders, and subject to strict safeguards.

Anonymized information

We may display on our marketing communications, Website and internal reporting, aggregated and anonymized data that does not personally identify you, but which shows general statistics and trends, for example, survey results and customer review rating.

Legal Disclosures

We may preserve or disclose information about you to comply with a law, regulation, legal process,  or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of our Services or the physical safety of any person.
f) Third Party Purchaser
We may also disclose your personal information (other than your medical information) in connection with a corporate merger or amalgamation with another entity, a sale of all or a substantial portion of our assets or stock, including as part of any due diligence exercise carried out
in relation to the same, provided that the information disclosed continues to be used for the purposes permitted by this Privacy Policy by the entity acquiring the information. Except as described above, we will never share your personal information with any other party
without your consent.

5. How long we retain your data

We will keep your personal data and health and medical information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or
future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personallyidentifiable data, account recovery, or if required by law. All retained personal information will remain subject to the terms of this Privacy Policy and our retention policy, which is available on request by contacting us using the details above. If you request that your data be removed from our
databases, it may not be possible to completely delete all your personal information due to technological and legal constraints and/or if it is necessary for us to retain some or all of it in order to comply with a legal or regulatory obligation.

6. Data storage, security and transfers

We store all your personal data and health and medical information on secure Cliniko Services
servers in the UK. We use Woocommerce as our ecommerce platform provider in respect of sales of Products and Home Testing Services via our website. Where you submit personal data to our website it transfers
through Woocommerce’s servers before we receive the relevant details, under normal circumstances Woocommerce will use its servers in the USA or in other parts of the world may be used. There is no intention that your data will be accessed or manipulated while it is on those servers and therefore this is deemed to be transferred within the UK. Where you have chosen a password that enables you to access your personal account, you are responsible for keeping this password confidential. We ask you not to share the password with anyone.

We do not store any credit or debit card information. Payments are processed via a third-party payment provider whose servers are located within either the UK, the EEA or the US that is fully compliant with Level 1 Payment Card Industry (PCI) data security standards. Any payment transactions are encrypted using SSL technology.

We encrypt data transmitted to and from the Website. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
Your data may be processed or stored via destinations outside of the UK and the European Economic Area (EEA), but always in accordance with data protection law, including mechanisms to lawfully transfer data across borders, and subject to strict safeguards. For example, we work with third parties who help deliver our Services to you, whose servers may be located outside the UK or
EEA. Those safeguards may include the transfer of personal information to countries that have been
assessed by the European Commission (EC) as providing an adequate level of protection for personal information. Where we transfer data to companies within the US or elsewhere outside of the EEA we will ensure that appropriate contractual arrangements are in place to protect your personal data which may include standard model clauses in a format approved by the EC.

7. Changes to this policy

We may update this policy from time to time and, if we make any material changes, we will notify you when we do so. We will provide you with the opportunity to review such changes. By continuing to use our Products and Services after the changes have been made and we have notified you of them, the way we use your personal data will be subject to the terms of the updated policy.

8. Your rights

As indicated above, whenever we rely on your consent to process your personal data, you have the right to withdraw your consent at any time by unsubscribing from our communications or contacting us at: salesonline@thefertilityshop.co.uk

Under data protection law, you have rights including:
Your right of access- You have the right to ask us for copies of your personal information (also known as a subject access request).

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

Your right to not be subject to automated individual decision making – you have the right to not
be subject to decisions based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at salesonline@thefertilityshop.co.uk if you wish to make a request. If you click unsubscribe on one of our marketing emails, you will no longer receive our emails immediately. If you email us to ask us to no longer send you any marketing (by email or SMS) or for your data to be deleted, please allow one calendar month for your request to be processed. It may not be possible to completely delete all your personal information due to technological and legal constraints and/or if it is necessary for us to retain some or all of it in order to comply with a legal or regulatory obligation.

Contacting The Information Commissioner’s Office
If you are not happy with the way in which we have dealt with your personal data or your enquiries relating to that personal data, it is your right to make a complaint to the data protection regulator.

The regulator is the Information Commissioner’s Office:
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113 (local rate).
ICO website: https://www.ico.org.uk
Last updated: 13.12.2021