Menu Help Knowledge centre
GB

Privacy Statement

MyHealthCares B.V.

MyHealthCares B.V. is a Dutch company. We are active in the European Economic Area (EEA) and we keep our data on servers in the EEA , unless stated otherwise.

We process your personal data when you use our services, applications, websites and software. We call this the "Service". In this privacy statement we summarize when and how we collect, use and secure your personal data with regard to our Service.

General

We may change provisions of this privacy statement from time to time. If we do that, we will inform you of the changes. However, we also advise you to check for yourself from time to time whether the privacy statement has been changed.

Which personal data do we collect?

There are a number of ways in which we can collect your personal data. In this section we explain which personal data we may collect from you. The personal data is sorted according to the different processing goals. The data retention period also differs depending on the processing goal. This period will also be mentioned below. Note that should there be any legal changes to the possible data retention periods, these legal changes will take precedence over the periods mentioned in this privacy statement.

Personal data collected directly by us or provided directly to us by you

Processing on the basis of a legal obligation

Administrative obligations: we retain this personal data for a maximum of 7 years:

  • your name
  • your address
  • your purchases and purchase orders (if applicable)

If you wish to use our Service, you must provide this personal information to us. The reason for this is that this data need is needed to comply with our legal and fiscal obligations.

Processing necessary for the performance of a contract between you and us, or you and third parties on the platform (delivering the Service),

Non-medical information needed for rendering our Service to you: we will retain this data for as long as you have an active account, and for up to 2 years after the moment your account is no longer active.

  1. non-medical personal data provided to us in the context of our services

    • order history
    • e-mail address
    • address
    • banking account number
  2. other personal information you provide when contacting us

If you wish to use our Service, you must provide this personal information to us, otherwise we will not be able to provide our Service.

Processing necessary for defending of our legitimate interests

  1. Improving our services: we retain this personal data for as long as you have an active account, and for up to 2 years after the moment your account is no longer active.
    - your name
    - a number to identify you on our services (user or session ID)
    - your IP – address
    - a number to identify your device on our services ( device -ID)
    - a number to identify you on our services (user or session ID)
    - the operating system you are using
    - the time, date and place of login
    - use of the website
     
  2. Keeping the Service safe: we retain this personal data for as long as you have an active account, and for up to 2 years after the moment your account is no longer active.
    - your IP - address
    - a number to identify your device on our services ( device -ID)
    - a number to identify you on our services ( user or session ID)
    - the operating system you are using
    - the time, date and place of login
     
  3. To inform you about our other services (if you have purchased a paid service from us): we will retain this personal data until you indicate that you no longer wish to receive marketing information, but no longer than up to 2 years after the moment your account is no longer active.
    - your e-mail address

We process this personal data on the basis of a weighing of interests. If you do not want to provide the data mentioned in 3.3.1. or 3.3.2  please let us know your reasons for objecting. We will take your reasoning into account and weigh it against our interests. If we come to the conclusion that we do need this personal data, you cannot use our Service if you refuse to provide the personal data. More information about your rights can be found below under the heading 'Your rights'.

You can unregister (‘opt out’) from our mailing list for the processing mentioned under 3.3.3. by following the cancellation instructions that are included with each marketing e-mail. If you opt out, this will not affect our ability to send you important e-mails about the Service and your account. In addition, it does not affect our ability to use your personal data as described in this privacy statement.

Processing with your consent

  1. Medical information: we will retain this personal data for as long as you have an active account, and for up to 15 years after your account is no longer active. This medical information will be acquired from you directly, by way of you filling in a medical questionnaire. The following information will be collected:
    - your name
    - your age / date of birth
    - your gender
    - your country of origin
    - any relevant medical information that you personally share with us by filling in  the online questionnaire, for example: physical and mental conditions, use of medicines, measures of your body.

    This information will be shared with the doctor that is reviewing your medical questionnaire. Please note that when you share medical information with us in a different way than by filling in the medical questionnaire this medical information will be deleted immediately. We cannot answer any medical questions for you. Please consult your doctor when you have medical questions that need to be answered.
     
  2. To inform you (at your request) about the Service we have rendered to you or other services offered by us: we will retain this personal data until you indicate that you no longer wish to receive marketing information.
    - your name
    - your e-mail address
  3. To inform you at your request and to answer your questions: we retain this personal data for up to 2 months after your request or question has been processed.
    - your name
    - your email address
    - other personal data that you enter when contacting Myhealthcares

If you don’t consent to the processing of the personal data mentioned in 3.4.1. this means that we will not be able to provide the Service to you. You are not obliged to provide personal information mentioned in 3.4.2 and 3.4.3 to us. If you do not provide this personal information to us, this will not have any negative consequences for your use of the Service and you can continue to use the Service. We will only process this personal data if you have given permission for this and the data will only be processed once you have actually given your consent or have provided the personal data yourself.

Sharing personal data

We only share your personal data in in the way, and with the parties, mentioned in this privacy statement.

Sharing with processors for which your consent is not necessary

We use other parties to help with the provision of the Service. It is possible that these third parties process your personal data. These third parties are referred to as "Processor" in this privacy statement. We conclude processing agreements with these processors.

We use the following types of processors:

  • companies that provide storage of (personal) data and database management and maintenance;
  • research firms and providers of analytical software to improve our services (eg privacy-friendly Google Analytics that does not share personal data with Google);
  • hosting provider(s);
  • providers of customer management software.
  • Payment Service Provider (PSP) for processing online payments

In some cases, the Processor may collect your personal data on our behalf. We contractually agree with the Processors that they may only use personal data that they obtain from us to enable the provision of the Service. Processors may not use this information for advertisement purposes.

If you provide additional information to these processors yourself, we are not responsible for this. It is wise to inform yourself properly about the Processor and his company before you provide your personal data.

Sharing data with your consent

To provide our Service, your personal data will be shared with doctors and pharmacies. This is necessary, because only a licensed doctor of medicine will be responsible for deciding what medicine will be prescribed to you.

The following information will be shared with the mentioned parties:

  • Pharmacies: Address data and electronic prescription;
  • Doctors: Address data and completed medical questionnaires;

We are not responsible for the way these doctors and pharmacies handle your personal data, they have their own (legal) responsibility. We recommend that you check for yourself the way in which they deal with your personal data, before you decide to use the doctor or pharmacy.

Pharmacies outside of the European Economic Area

In certain circumstances, your personal data (including medical questionnaire) will have to be shared with pharmacies in countries outside the European Economic Area. When this is necessary, you will always be informed up front and the data will only be transferred when you explicitly consent with the transfer of the data. Please note that the following risks are always present when sharing the information with countries outside the European Economic Area:

  • These countries have no or less strict laws and regulations for the protection of personal data, which means that companies can do much more with your data and without your consent than a company bound by the GDPR would be able to do;
  • Because the rules for the digital protection of personal data are probably less strict than under the GDPR, your personal data will be at a bigger risk than they would be if the safety standards were up to the level of the GDPR.
  • When you want to act against the use if your personal data by a company in a country like this, the possibility is present that the legal system in said country will not be of (proper) assistance, making it much harder to protect your interests.

Our legal responsibility

We may also share personal data with third parties if this is:

  1. reasonably necessary or appropriate to comply with our legal obligations; 
  2. necessary to comply with legal requests from authorities; 
  3. is required to respond to any legal claims; 
  4. necessary to protect the rights, property or safety of us, our users, our employees or the public; 
  5. is required to protect ourselves or our users against fraudulent, abusive, inappropriate or unlawful use of the Service.

We will immediately notify you if a government agency makes a request that relates to your personal data, unless we are not allowed to do so on the grounds of the law.

Merger or sale (part) of the company

It may happen that we disclose, share or transfer your personal data when we transfer part of our business. Examples include (negotiations about) a merger, sale of parts of the company or obtaining loans. We will of course try to limit the impact for you as far as possible by transferring personal data only when necessary. The data shared will never include your medical data.

Protection of personal data

Protecting your personal data is of the utmost importance for us. We have therefore taken appropriate technical and organizational security measures in order to protect your personal data. These measures include, but are not limited to:

  • Physical and electronic measures designed to prevent unauthorized access, loss or misuse of personal data as far as possible.
  • We use TLS (Transport Layer Security) technology to encrypt sensitive information or personal data, such as account passwords and other identifiable information about payments.
  • SSL connection.
  • Where reasonably possible, backups of personal data will be made.
  • Sensitive information is only stored encrypted if possible.
  • Vulnerabilities in the software are dealt with as quickly as reasonably possible.

We would like to point out that absolute security for sending personal data via the internet or storing personal data cannot always be guaranteed. We advise you to take this into account when deciding whether or not to give consent for processing your personal data.

Links to third party sites

Our platform may contain links to other websites and services. In addition, our platform can also provide advertisements from third parties. Third party websites and services can collect and retain information about you. If you provide your personal data to third parties, then we are not involved. We have no control over this sites or the activities of the third parties. In that case, the privacy policy of the third party applies. We are not responsible for the content of the privacy policy of these parties and the way in which these parties deal with personal data. We encourage you to review their privacy and security practices and policies before you provide personal information to them.

Cookies

We will make use of cookies when you visit our website. Cookies are small pieces of software that are installed on your device. Cookies can have several functions, below we will describe which cookies we use and for what purpose.

  • Functional cookies: these are cookies that are necessary for using the website. We don’t need your permission for these cookies and these cookies will not make use of your personal data.
  • Analytical cookies: these cookies are used for analytical purposes, such as tracking the number of visitors to our website, the links they click on and so on. These cookies don’t make use of your personal data, and therefore we don’t need your permission for using these cookies.
  • Tracking cookies: these cookies are used to track your ‘behaviour’ on our website. By using these cookies we can make a digital profile of you and the way you use our website. We can also link that to the Services we provide to you. Because these cookies make use of your personal data, we need your explicit consent for using the cookies and you can of course refuse to let us install the cookies on your device.

Your rights

You can check, update, change, correct or delete the personal data collected by us in your online account and you can request us to limit the processing of your personal data. 

You can ask us to transfer the personal information we process about you to another entity. If you wish to do so, we request you to indicate which information you wish to see transferred. We will comply with such a request when it concerns information processed on the basis of article 3.2 or 3.4 of this privacy statement, unless this information also contains personal data about other persons or another reason prevents this.

When you wish to make use of the aforementioned rights, please contact us. Our contact details can be found in article 8 of this privacy statement. 

We will review your request to see if the legal requirements have been met and to check if your request does not violate our legitimate interests. For example, we have a legitimate interest if we need the personal data to be able to provide our Service to others, to resolve disputes, to maintain the applicable terms of use, for technical and / or legal requirements and / or if required by the Service or law.

To access your own personal data, you must provide sufficient proof of your identity in the manner that we ask of you. If we are not sure whether you are the person whose personal data it involves, we may refuse your access to the personal data.

We will respond within 4 weeks to all your requests as described in this article. For complex applications, we can extend the period for a further four weeks. If we extend the term, we will notify you within 4 weeks of the submission of the request.

You have the right to file a complaint with the competent privacy authority about how we handle your personal data . For the Netherlands this authority is the Dutch Data Protection Authority, which you can reach at https://autoriteitpersoonsgegevens.nl/ .

Contact

If you have questions, concerns or comments about this Privacy Statement or our data processing, please contact us via e-mail customercare@myhealthcares.eu or by calling our Customer Service Centre +31 85 2250 109