HYDROPEPTIDE LIMITED
Privacy Policy
1. Who we are
hydropeptide.co.uk is a site operated by Wigmore Medical Ltd (“we”, “our” and “us”) and we are the company that collects your personal data and controls how it will be used (the “controller”). We are registered in England and Wales under company number 03310740 and have our registered office at 23 Wigmore Street, London W1U 1PL. Our main trading address is 23 Wigmore Street, London W1U 1PL. Our VAT number is GB 707 513 646.
hydropeptide.co.uk is owned by HydroPeptide Limited, which is registered in England and Wales under company number 14167040 with their registered office at Camburgh House, 27 New Dover Road, Canterbury, Kent CT1 3DN. The VAT number is 417249984.
2. Scope of this policy
Personal data means information that can directly or indirectly identify you ("Personal Data"). This typically includes information such as your name and email address but can also include other information such as an IP address.
This policy (together with our Terms of Website Use, Cookies Policy, Conditions of Sale, and any other documents referred to within) sets out the basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your Personal Data. By visiting www.wigmoremedical.com (our site) you are accepting and consenting to the practices described in this policy.
For the purpose of the General Data Protection Regulations (GDPR), the data controller is Wigmore Medical Ltd of 23 Wigmore Street, London W1U 1PL.
Wigmore Medical has appointed a Data Protection Officer (DPO) who can be contacted at:
DPO@Wigmoremedical.com
Data Protection Officer
Wigmore Medical
23 Wigmore Street
London W1U 1PL
We know that you value your privacy and the security of personal information held about you. We are committed to handling your Personal Data and personal sensitive data in line with data protection law and principles, which means that your data will be:
• Used lawfully, fairly and in a transparent way.
• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
• Relevant to the purposes we have told you about and limited only to those purposes.
• Accurate and kept up to date.
• Kept only as long as necessary for the purposes we have told you about.
• Kept securely.
This website is not intended for children, and we do not knowingly collect data relating to children.
You should ensure that you have read and understood this policy before providing your Personal Data to us.
This website may include links to our social media pages, advertisers and affiliates, third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Communication, engagement and actions taken through external social media platforms that this website and the Company participate are done on the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question.
Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
3. How do we collect your personal data, what do we collect and what do we do with it?
We use different methods to collect data from and about you, including through:
Direct interactions: You may give us your Personal Data by speaking to us in person, filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
• Apply for or buy our products or services;
• Create an account on our website;
• Subscribe to our service or publications;
• Request marketing to be sent to you; or
• Give us some feedback.
Automated technologies or interactions: As you interact with our website, we may automatically collect data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, and other similar technologies.
Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources as set out below:
• Technical data from analytics providers such as Google based outside the UK (please see our Cookies Policy);
• Contact and financial data from providers of technical, payment and delivery services such as Klarna or Paypal based inside or outside the UK.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
To see what personal data we collect, for what purpose, how we use it, retain it and secure it, please see the different categories below.
| How and what personal data do we collect? | What do we do with it and why? |
|---|---|
| We collect your full name, title, delivery address, billing address, email address, phone number and date of birth (should you choose to provide it) when you make a purchase via our website and/or register for an account with us.. | • register your account with us • if you wish us to do so, store your details so it is easier for you to order on your next visit • process and deliver any orders you place with us • send you updates about our web-services (including updates to our terms and policies). • to send our latest information and news to you by email, SMS and/or post (unless you specifically tell us you do not want us to) • we may share your name, email address or phone number with the social media sites on which we present our adverts to check whether you use that social media site and (if you do) to present adverts for our products to you on that site. When we share your email address in this way, we always share a hashed version of your email address (which means the full address is not available to the social media site). |
| We collect your credit/debit card details when you make a purchase via our website. | • to process your purchase. • to comply with our legal and regulatory obligations. |
| We collect your date of birth when you make a purchase via our website (but only if you choose to provide this to us) | • to tailor the messages we send to you based on what we think will be of interest to you based on your age. • to provide you with discounts and offers on or around your birthday (unless you specifically tell us that you do not want us to). |
| We collect your full name, email address, telephone number and postal address (unless you choose not to provide such information to us) when you create an account/register to receive our latest news and information. | • to store this on our internal database and, unless you tell us you do not wish to receive messages from us, to ensure you receive all the latest news and information about our new product releases, offers, discounts and events to your preferred contact method(s). |
| If you make a purchase via our website, details of your shopping history, including spending data, types of orders and frequency of orders. | • to analyse your shopping patterns compared to other customers (although we will aggregate your personal data before we use it for this purpose).
• to tailor the messages we send to you based on your shopping history. |
| The fact you have visited our website and the products you have viewed, which may be collected via online identifiers such as cookies, tags and pixels. | • to share this information with social media sites (such as Facebook and Instagram) on which we publish adverts, to enable them to display advertising relevant to your interests. |
| Your name, email address, social media handle and any other information that you include in your message/comment when you send us a message with a comment or question on our website, by post, email, phone or on any of our social media pages (Facebook, Twitter, Instagram, Pinterest or YouTube). | • to deal with your comment/question and to contact you about this, if necessary. • if the comment/message is in relation to a social media competition, to enter you into the competition. |
| Your name, email address, social media handle and any other information you provide to us when you take part in any competition we operate on our website or any of our social media sites. | • to enter you into the competition • to send you details of our products, offers and events which we think will be of interest to you by email, SMS and/or post (unless you specifically tell us that you do not want us to). |
| Technical information about your computer, tablet or phone (including your IP address, screen resolution, browser type, operating system software type and device type). | • to enable you to store your preferences on your device (so you can, for example, save your login details, your preferred language and preferred currency)
• to improve our website, services marketing and customer relationships so our website is easier for you to use. • to analyse your location to understand how best to provide advertising campaigns to you. |
| Other technical information about your computer, tablet or phone (including your IP address, screen resolution, browser type, operating system software type and device type). | • to administer and protect our website through troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data. |
4. Our lawful basis for what we do with your personal data
We will never use your personal data unlawfully. We have set out below our lawful basis for the various ways we use your personal data.
| Our use of your personal data | Our lawful basis |
|---|---|
| Creating and maintaining your account. | Performing our contract with you. Some of this information will also be required for legal reasons such as fraud prevention. |
| Processing and delivering orders to you and dealing with returns, refunds and other customer service queries. | Performance of our contract with you (we need to do this to provide our products to you).
Some of this information will also be required for legal reasons such as fraud prevention and for our legitimate interests of defending against any claims made against us. |
| Sending you details of our products, offers and events by email, SMS and/or post. | Our legitimate interests of communicating with our customers to tell you about our new products, offers, events and competitions and for the purpose of growing and expanding our business. |
| Displaying our products and offers we think will be of interest to you on our site and third party sites (including your social media accounts). | Your consent (where this involves the use of cookies, see our Cookies Policy) and our legitimate interests of marketing relevant adverts to you with a view for you to return to our website and take advantage of the products and offers that are available. |
| Creating a profile of you based on your shopping habits, purchase history, location and, if relevant, date of birth. | Our legitimate interests of ensuring that we are targeting our customers effectively which means that you do not receive news and information we don’t think that you would be interested in and so we can ensure that we are creating the best possible experience for our customers, so they keep coming back to us. |
| Dealing with your comments/questions (where these are not related to a specific order). | Our legitimate interests of ensuring we provide the best possible customer service. |
| Improving and securing our website. | Legal requirement of preventing fraud and our legitimate interests of ensuring that our website works effectively, is secure and reflects our customers’ browsing habits. |
| Administering our competitions. | Performance of our contract with you (we need to use the information to enter you into our competition and tell you if you have won). |
5. Marketing
Where you have made a purchase from our website or created an account with us, we want to make sure that you are kept up to date with all our latest products, events and offers and therefore, unless you specifically tell us you do not want to receive these messages, we will send you messages by email, SMS and/or post. You can tell us that you do not want to continue receiving these messages by “opting out” or contacting us at info@hydropeptide.co.uk
6. Sharing of Personal Data
We may share your Personal Data with any member of our group or the HydroPeptide group, which includes subsidiaries, ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. Where group members are not based in the UK, we will ensure that any transferred data is treated in a manner commensurate with UK data protection laws. In the event that we or HydroPeptide sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.
If Wigmore Medical or substantially all of its assets, or HydroPeptide and substantially all of its assets are acquired by a third party, Personal Data held by it about its customers will be one of the transferred assets.
We may also share your Personal Data with our service providers, such as IT systems, support and hosting service providers. The Website is hosted by Shopify. Please review their data policy here: https://www.shopify.com/legal/privacy.
Website payments are taken by Shopify Payments (which utilises Stripe), Apple Pay, Google Pay, Paypal and Klarna. Please review their data policies here:
https://stripe.com/gb/privacy
https://www.apple.com/uk/legal/privacy/data/en/apple-pay/
https://safety.google/intl/en_uk/pay/
https://www.paypal.com/uk/legalhub/privacy-full
https://www.klarna.com/uk/privacy/
Product feedback is managed by Stamped. Please review their data policy here:
https://stamped.io/privacy
Customer accounts are created via Shopify, please review their customer data policy here:
https://www.shopify.com/legal/privacy/app-users
We may also share this information with third parties if required to do so by law.
We do not sell, share or rent the information to third parties.
In certain circumstances we may also need to share your personal data with our professional advisors including our legal advisers, bankers, auditors, insurers and other regulators (including HM Revenue & Customs).
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to use your personal data for specified purposes and in accordance with our instructions.
The Website webserver collects information relating to your computer’s hardware and software which may be passed on to Us. This information may include your IP address, browser type and language, domain names, access times, referring website address and the content of any undeleted cookies that your browser previously accepted from us. This information may be aggregated to measure the number of visits and usage of the Website.
We, in our legitimate interest may use this information to ensure the security and integrity of our services, ensure our websites operate effectively, improve the content it offers, for systems administration, detecting usage patterns, data analysis, testing, research, statistical and survey and troubleshooting purposes. We may share this information with third parties including IT services, advisors, advertisers and investors for the purpose of conducting general business analysis and to develop and deliver targeted advertising on the Website. We may also share this information with third parties if required to do so by law.
The Website has implemented Google Analytics Demographics and Interest Reporting. Any demographic reports produced using this data will be used to determine a better understand of our website traffic. You can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings. In addition, you can use the Google Analytics Opt-Out Browser Add-on to disable tracking by Google Analytics. Please also see our Cookies Policy for further information.
7. International Transfers
Given the international nature of our business, your personal data may be transferred and accessed in a country outside of your country of residence, this will include the following:
• Your personal data may be transferred to HydroPeptide group companies based in the US, who need to access the personal data to provide support services to us;
• We use Shopify as our e-commerce platform and its servers are located in the US, Canada and Ireland. This means that certain of your personal data may be stored on servers outside the UK;
• We may use marketing agencies who store personal data outside of the UK. For example, Klaviyo stores personal data in the US;
• Our payment processor may store personal data in the US.
We ensure that all transfers of personal data outside of the UK are carried out in accordance with data protection laws, including by ensuring the relevant country is the subject of an adequacy decision or, if not, entering into an international data transfer agreement or addendum (or equivalent).
8. Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, altered, disclosed, used, or accessed in an unauthorised way. In addition, we limit access to your personal data to those employees, agents, contractors, sub-contractors and other third parties who have a business need to know such information. These parties will only process your personal data on our direct instructions and they will be bound to a duty of confidentiality and must afford the same security measures as set out in this privacy policy.
We protect your personal data in the following ways:
• We will not request information which is excessive for our purposes, as outlined above.
• We try, with your assistance, to keep any information we hold about you up to date and accurate.
• We anonymise information where we do not require personally identifiable information for the purpose for which it is used.
• We follow strict security procedures in the storage and disclosure of information that you have given to us to prevent unauthorised access.
• We have appropriate written agreements in place with those advertisers and third-party technical providers (listed above) with which we may share any information submitted by you.
• We utilise Shopify’s e-commerce platform to ensure that our online store is secure. Details of Shopify’s security measures are available here https://www.shopify.com/security.
Unfortunately, the transmission of information via the internet is not completely secure. Although we try our best to keep your personal data secure, we cannot guarantee the security of your personal data transmitted from our website; any transmission is at your own risk.
Our website may include links to third-party websites and apps. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of the websites that you visit.
9. How long will we keep your information for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, auditing or reporting requirements.
We will retain your name, email address, delivery and billing address(es), phone number, payment details and details of your purchase for up to seven years following your purchase.
We will retain your name, email address, delivery and billing address(es), phone number, date of birth, and purchase history for such time as you continue to hold an account with us and for six months afterwards (note that, if you’ve made a purchase from us, we may continue to hold certain of your personal data for a longer period, as set out above).
We will retain our correspondence with you whether ascertained through our website or any of our social media platforms for up to six years following the date of such correspondence.
We will retain details of your purchasing and browsing habits, and any technical information we collect about you, for up to twelve months following the date of collection.
Where you choose to receive our latest news, products and offers, we will keep your contact details (generally your email address, phone number and/or address) for such time as you wish to continue to receive such updates from us. Alternatively, you can choose to “opt-out” and stop receiving marketing emails by contacting us using the details provided.
10. Your legal rights
Dependent upon the circumstances, you may have certain rights in respect of your personal data under data protection laws These include:
• a right to be informed about the collection and use of the personal data we hold about you;
• a right of access to a copy of the personal data we hold about you;
• a right to object to processing that is likely to cause or is causing damage or distress to you;
• the right to object to our processing of your personal data for direct marketing purposes;
• a right to object to decisions being taken by solely automated means;
• a right in certain circumstances to have information transferred to you or a third party;
• a right in certain circumstances for the personal data we hold about you to be erased; and
• a right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed.
In some instances, our legal obligations or public duties may override your rights under data protection laws.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You can learn more about these rights here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ If you have any further queries about this policy, or wish to find out more about your rights, please contact the Data Protection Officer at DPO@wigmoremedical.com. Should you choose to exercise any of these rights, a record will be maintained by Wigmore Medical.
You can withdraw your consent for marketing communications by using the unsubscribe link in any of our marketing communications or by sending us an email to DPO@wigmoremedical.com. Please note that withdrawing your consent will not affect the lawfulness of the processing before the withdrawal.
11. Contacting us
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to:
Email: DPO@wigmoremedical.com
Address: Wigmore Medical, 23 Wigmore Street, London W1U 1PL
12. Changes to this Policy
We may change this policy from time to time to reflect how we are processing your personal data. Any changes we make to our privacy policy in the future will be posted on this website and notified to you the first time you access our website following such change, or we will contact you directly.
Thank you for visiting our site. This Privacy Policy was updated in February 2024.
