Security & Privacy

 

Owen Mumford Limited (“us” or “we”) are committed to protecting and respecting your privacy. We will retain data about you which is obtained as a result of your visiting our websites at www.medicalshop.co.uk or Simplitudebyme.com (in each case the “Website”). This data may be:

  • anonymised data collected by us through the use of “cookies”, the collection and use of which is governed by our cookie policy which you can read by clicking here; or
  • personal data, our collection and use of which is governed by this Policy.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it and regarding cookies.

If you have not already read our Website Terms & Conditions, please do so by clicking here

We are the data controller of the personal data we collect through the Website. We are a company registered in England and Wales under company number 01257871 and our registered office address is Brook Hill, Woodstock, Oxfordshire OX20 1TU. We are VAT registered under number GB195 9293 07.

Information We May Collect from You

We may collect and process the following data about you:

  • information that you provide to us by filling in forms on the Website or otherwise by contacting us using the Contact form provided on the Website.
    - this information may include your name, address, date of birth, email address and any other information you provide to us when contacting us for any other reason;
  • information that you provide to create an account on the Website;
  • information that you provide to us when making, or in connection with, purchases through the Website (which might include contact details as set out above or transaction records relating to your order. We do not receive bank or card details as these are handled by our payment processing services providers such as Apple Pay and/or Shopify Pay);
  • records of your correspondence (if any) with us; and
  • details of your visits to the Website including, but not limited to, traffic data, the Internet protocol (IP) address used to connect your device to the Internet, location data, files downloaded, weblogs and other communication data.

We may also collect, use and share special categories of personal data (for example, about your physical or mental health) if you give this information to us.

IP Addresses and Cookies

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and statistical analysis. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. We may also use cookies to collect information about how visitors use our site, in accordance with our cookie policy which you can read by clicking here.

Where We Store Your Personal Information

All information you provide to us or that we collect from you is stored on our secure servers or on the servers of our respective hosting service providers, which we may change from time to time. We may share your personal data with other Owen Mumford group companies and our servers may be located outside the EEA. Therefore, the information that we collect from you may be transferred to, and stored at, a destination outside the EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our group companies or suppliers.

Whenever we transfer your personal data out of the EEA, we ensure that a similar degree of protection is afforded to it to that applying within the EEA by ensuring that at least one of the following safeguards is implemented:

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data outside the EEA.

The transmission of information via the internet is not completely secure. Although we will use our best endeavours to protect your personal data, we cannot guarantee the security of your data transmitted to the Website and any transmission is at your own risk. Once we have received your information, we will use suitable procedures and security features to try to prevent unauthorised access.

Uses Made of the Information

We (and where applicable our group companies) use information held about you in the following ways:

  • to ensure that content from the Website is presented in the most effective manner for you and for your computer;
  • to correspond with you and to address any queries you may raise through the Website;
  • to enable your access to certain areas of our Website (including access to our educational support information);
  • to carry out our obligations arising from any contracts entered into between you and us;
  • to use data analytics to improve the Website, products/services, marketing, customer relationships and experiences; and
  • to provide you with information regarding our products or services that you request from us or which we feel may interest you where you have consented to be contacted for such purposes.

Except as provided in this Policy or our Cookie Policy, we do not sell, trade or rent your personal information to third parties and will not share your personal information with third party advertisers.

If we wish to use your data for marketing purposes, we will always inform you (before collecting your data) and either request your consent or, if permitted by law, provide you with the opportunity to opt out. You can exercise your right to prevent such processing by contacting us at info@owenmumford.co.uk or by clicking “unsubscribe” on any marketing emails you receive from us.

Disclosure of Your Information

We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. For example, group companies may share hosted servers for the storage of their data or personal data may be shared between group companies to achieve organisation-wide goals.

We may disclose your personal information to third parties:

  • who provide us with hosting services;
  • who provide us with marketing and customer relationship management services;
  • who provide us with e-commerce or payment processing services (and in particular the Simplitude ByMe Website is supported by Shopify and Shopify Payments, whose privacy policy is available at https://www.shopify.com/legal/privacy/customers);
  • who provide us with logistics and fulfilment services;
  • if all or the relevant part of our business is acquired by a third party, in which case personal data held by us about our
    customers will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to
    enforce or apply our Website Terms of Service or any other terms or agreements.

Purposes for Which We Process Your Data and the Legal Basis for Doing So

We have set out below, in table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data on more than one lawful legal basis depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal basis we are relying on to process your personal data where more than one basis has been set out in the table below.

Purpose/Activity: To ensure that content from the Website is presented in the most effective manner for you and for your computer

Type of Data: Information that you provide by filling in forms on the Website or otherwise by contacting us using the Contact form provided on the Website, and details of your visits to the Website including, but not limited to, traffic data, location data, files downloaded, weblogs and other communication data.

Legal Basis for Processing, including Basis of Legitimate Interest:

  1. Necessary for our legitimate interests (to define types of customers for our products and services, to keep the Website updated and relevant, to develop our business, to inform our marketing strategy, for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise); and
  2. Necessary to comply with a legal obligation

____________________________________________

Purpose/Activity: To correspond with you and to address any queries you may raise through our Website

Type of Data: Information that you provide by filling in forms on the Website, placing orders or otherwise by contacting us using the Contact form provided on the Website and copies of your correspondence with us. This information may include your name, address, date of birth, email address and any other information you provide to us when contacting us (including any special categories of personal data).

Legal Basis for Processing, including Basis of Legitimate Interest

  1. Performance of a contract with you
  2. Necessary to comply with a legal obligation
  3. Necessary for our legitimate interests (to address our customers’ concerns and queries)

____________________________________________

Purpose/Activity: To register you as a new user to enable your access to certain areas of our Website (including access to our educational support information)

Type of Data: Information that you provide to create an account on the Website, including your email address and password.

Legal Basis for Processing, including Basis of Legitimate Interest: Performance of a contract with you

____________________________________________

Purpose/Activity: To carry out our obligations arising from any contracts entered into between you and us

Type of Data: Information that you provide by filling in forms on the Website or otherwise by contacting us using the Contact form provided on the Website and copies of your correspondence with us. This information may include your name, address, date of birth, email address, transaction details and any other information you provide to us when contacting us (including any special categories of personal data).

Legal Basis for Processing, including Basis of Legitimate Interest: Performance of a contract with you

____________________________________________

Purpose/Activity: To use data analytics to improve the Website, products/services, marketing, customer relationships and experiences

Type of Data: Information relating to your visits to the Website including, but not limited to, traffic data, location data, files downloaded, weblogs and other communication data.

Legal Basis for Processing, including Basis of Legitimate Interest: Necessary for our legitimate interests (to define types of customers for our products and services, to keep the Website updated and relevant, to develop our business and to inform our marketing strategy)

____________________________________________

Purpose/Activity: To provide you with information regarding our products or services that you request from us or which we feel may interest you where you have consented to be contacted for such purposes

Type of Data: Information that you provide by filling in forms on the Website or otherwise by contacting us using the Contact form provided on the Website and copies of your correspondence with us. This information may include your name, address, date of birth, email address and any other information you provide to us when contacting us (including any special categories of personal data).

Legal Basis for Processing, including Basis of Legitimate Interest: Necessary for our legitimate interests (to develop our products/services and grow our business)

____________________________________________

Type of Data: Your email address.

Legal Basis for Processing, including Basis of Legitimate Interest: Necessary for our legitimate interests (to develop our products/services and grow our business).

____________________________________________

 

Security of Information

Where we have given you (or where you have chosen) a password which enables you to access the education support information available to download from our Website, you are responsible for keeping your password confidential. You must not share your password with anyone, or store it in a way that may allow a third party to access it.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know it. They will only process your personal data on our instructions and where they are subject to a duty of confidentiality.

Retaining Your Information

We will retain the information we receive and collect about you for a period which is reasonably required for us to use it in accordance with this privacy policy or in accordance with our legal rights and obligations.

Your Rights

You can request deletion of your personal data from our database by emailing us at info@medicalshop.co.uk

Current data protection legislation gives you the right to access information held about you, subject to certain conditions, and to request its rectification or deletion. These rights can be exercised in accordance with the current data protection laws.

Third Parties

The Website may contain links to and from the websites of our partner networks, advertisers, or other third parties, including links to our social media pages hosted by third-party providers such as LinkedIn, Facebook, Twitter, Google and YouTube. If you follow a link to any of these websites, please note that these websites are operated by third parties and have their own privacy policies governing the use of any personal data you submit through them. We do not accept any responsibility or liability for the use of your personal data by those third parties or under or in connection with those privacy policies. Please check those policies before you submit any personal data through those websites.

Changes to our Privacy and Cookie Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. You should ensure that you review this page from time to time.

Contact Us

If you have any concerns about material which appears on the Website, or any questions or comments regarding our Privacy Policy, please contact us at info@medicalshop.co.uk or by recorded delivery to our postal address at Brook Hill, Woodstock, Oxford, OX20 1TU, United Kingdom.