GDPR Notice

Kevin Richter Aug 30, 2024

Scope and Controller

This General Data Protection Regulation (GDPR) notice explains how PharmaInsight (brandmedicines.su) processes personal data in the United States of America and provides disclosures required under EU/UK data protection law and applicable U.S. state privacy laws. PharmaInsight provides information on pharmaceuticals, medications, diseases, and supplements.

Controller: Lachlan Barlow, 614 S Main St, Smith Center, KS 66967, United States of America. Email: [email protected].

Effective date: [insert date].

Categories of Personal Data We Process

Data You Provide

  • Contact details (e.g., name, email address).
  • Account credentials and profile information, if you create an account.
  • User-generated content such as reviews, questions, or messages.
  • Health-related information you voluntarily submit (e.g., topics of interest about medications or conditions).

Data Collected Automatically

  • Device and browsing data (IP address, device identifiers, browser type, operating system, language, referring URLs, pages viewed, time and date, interactions, approximate location).
  • Cookies and similar technologies (pixels, SDKs, local storage) used for essential functionality, analytics, personalization, and, where permitted, advertising.

Data from Third Parties

  • Analytics and measurement partners (aggregated statistics, audience insights).
  • Advertising and attribution partners (campaign performance, referral data), where permitted by law and with your consent where required.

Purposes and Legal Bases for Processing (GDPR)

  • Provide and operate the site and services (legal bases: contract performance; legitimate interests to run an informational website).
  • Respond to inquiries and provide customer support (legal bases: contract performance; legitimate interests to respond to users).
  • Analytics and service improvement (legal bases: legitimate interests to understand usage and improve services; consent where required for non-essential cookies).
  • Personalization and content recommendations (legal bases: legitimate interests; consent where required).
  • Marketing and advertising, including interest-based advertising (legal basis: consent where required by law).
  • Security, fraud prevention, and integrity of the service (legal bases: legitimate interests; legal obligation where applicable).
  • Compliance with legal obligations and exercise or defense of legal claims (legal basis: legal obligation; legitimate interests).

Processing of Health-Related Information

PharmaInsight is not a medical provider and is not a HIPAA-covered entity or business associate. Any health-related information you submit is processed only as necessary to provide requested features (e.g., saving preferences) and, where required, based on your explicit consent. You may withdraw your consent at any time without affecting the lawfulness of processing before withdrawal.

We encourage you not to share unnecessary health-related or other sensitive information. Where feasible, we de-identify or aggregate health-related data for analytics and research-like purposes.

Cookies and Similar Technologies

We use cookies and similar technologies to:

  • Enable core functionality and security (strictly necessary cookies).
  • Measure site performance and usage (analytics cookies).
  • Personalize content (functional cookies).
  • Deliver and measure advertising where permitted (advertising cookies; used only with required consent).

You can manage cookie preferences through your browser settings and, where provided, our on-site controls. Where applicable, we honor valid browser-based opt-out signals such as Global Privacy Control (GPC) for sale/share opt-outs.

Sharing and Disclosure

  • Service providers processing data on our behalf (hosting, security, analytics, customer support, email delivery).
  • Advertising and measurement partners, only where permitted by law and subject to your consent where required.
  • Affiliates and corporate transactions (merger, acquisition, asset sale), subject to appropriate safeguards.
  • Legal and safety: to comply with law, enforce terms, or protect rights, safety, and security.

We do not sell personal information for money. We may share identifiers and internet activity with advertising or analytics partners, which may be considered a "sale" or "sharing" under certain U.S. state laws; you may opt out as described in the U.S. Rights section.

International Data Transfers

If you are in the EEA, Switzerland, or the UK, your personal data may be transferred to the United States or other countries that may not provide the same level of data protection. Where required, we use appropriate safeguards such as the European Commission’s Standard Contractual Clauses and comparable UK addenda, along with supplementary measures as appropriate.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this notice, including to meet legal, accounting, or reporting requirements, and then either delete or irreversibly de-identify it. Typical retention periods are:

  • Account information: for the life of the account and a reasonable period thereafter.
  • Support communications: up to 3 years from last interaction, unless legal requirements dictate longer.
  • Analytics data: typically 25 months in aggregated or de-identified form where feasible.
  • Cookie identifiers: according to their respective lifetimes and your preferences.

Security

We implement administrative, technical, and physical safeguards designed to protect personal data against accidental or unlawful destruction, loss, alteration, disclosure, or access. No method of transmission or storage is fully secure, and we cannot guarantee absolute security.

Your Rights

EU/UK GDPR Rights

If you are in the EEA, Switzerland, or the UK, you may have the right to:

  • Access your personal data and obtain a copy.
  • Request rectification of inaccurate or incomplete data.
  • Request erasure (right to be forgotten) in applicable circumstances.
  • Request restriction of processing.
  • Object to processing based on legitimate interests, including profiling.
  • Request data portability, where technically feasible.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with a supervisory authority in your country of residence or workplace.

U.S. State Privacy Rights (including California)

Depending on your state of residence, you may have rights to:

  • Know/access the categories and specific pieces of personal information collected, used, disclosed, sold, or shared.
  • Request deletion of personal information, subject to exceptions.
  • Request correction of inaccurate personal information.
  • Opt out of the sale or sharing of personal information for cross-context behavioral advertising.
  • Limit the use and disclosure of sensitive personal information, where applicable.
  • Be free from discrimination for exercising your privacy rights.

How to exercise: Email us at [email protected]. We will verify your request using information we already hold or additional information you provide. You may use an authorized agent, subject to verification and, where required, your written permission. We honor recognized opt-out preference signals such as GPC for sale/share where applicable.

Automated Decision-Making and Profiling

We may use limited profiling for personalization and analytics. We do not engage in solely automated decision-making that produces legal or similarly significant effects about you.

Children's Privacy

Our services are intended for individuals 13 years and older. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, contact us to request deletion. We do not knowingly sell or share the personal information of consumers under 16 years of age.

Data Controller and Contact Information

Controller: Lachlan Barlow, PharmaInsight (brandmedicines.su). Postal address: 614 S Main St, Smith Center, KS 66967, United States of America. Email: [email protected].

Exercising Rights and Response Times

To exercise your rights or submit a privacy request, contact us at the email above. For GDPR requests, we will respond within one month (extendable by two months where necessary, with notice). For U.S. state law requests, we will respond within 45 days (extendable where permitted, with notice). We may request additional information to verify your identity.

Notice at Collection for California Residents

Categories collected: identifiers (e.g., IP address, email), internet or similar activity, geolocation (approximate), device information, inferences from usage, and any health-related information you voluntarily provide. Purposes: to operate the site, provide content and support, perform analytics, personalize experiences, and, where permitted, for advertising. Retention: as described in the Data Retention section. Sale/share: we do not sell personal information for money; we may share identifiers and internet activity with advertising or analytics partners, which may be considered a sale/share under California law—you may opt out as described above.

Changes to This Notice

We may update this notice from time to time. Material changes will be indicated by updating the effective date and, where appropriate, by providing additional notice. Your continued use of the services after changes take effect indicates your acknowledgment of the updated notice.