Malibu Pharmacy Ltd Privacy Policy Statement

Our commitment to safeguarding personal information and upholding privacy is paramount. This statement, aligned with the Data Protection Act (DPA) of 2019, serves to clarify how we collect, process, utilize, and securely maintain personal data. We respect your privacy and are committed to protecting your personal information that is collected or disclosed to us. Since we want to empower you to make the best decisions about your privacy and personal data, we have made this Privacy Policy as clear and as transparent as possible to ensure that you understand your rights under the law. It is important that you read this Privacy Policy carefully and understand how we intend to use your personal data. It is important that you read this Privacy Policy in conjunction with any other related privacy policy or privacy notice we may provide on specific occasions when we collect or process personal data about you, so that you are fully aware of how and why we are using your data. This Privacy Policy supplements such other privacy policy and/or privacy notice and is not intended to override them. However, where in conflict, this privacy policy shall prevail;


1. Types of Personal Data Collected

The personal data we collect will vary according to the circumstances surrounding our relationship with you. We may collect, use, store, transfer or otherwise process various types of personal data about you or persons connected to you. We have categorized the personal data, as follows

  1. Contact Information: This includes details such as name, physical address, phone number, and email address.
  2. Identification Information: We might request government-issued identification documents like passports, driver's licenses or Identification Cards.
  3. Financial Information: Including bank account particulars
  4. Insurance Information: Details concerning current and previous medical insurance coverage, including coverage specifics, might be required.
  5. Usage Information: Data concerning interactions with our website or mobile applications may be logged for analysis.

Keep in mind that these examples are non-exhaustive, which is reflective of the varied nature of personal information we may collect. If we require information about other people connected to you, we may request you to provide such information about those people. If you provide information about another person, we expect you to ensure that they are aware of your actions and consent to the disclosure of their information to us. It might be helpful to show them this Privacy Policy and encourage them to contact us if they have any concerns.


2. What Happens If You Fail To Provide The Requested Personal Data?

If you do not provide us with the requested personal data needed to meet our obligations, we may not be able to provide you with the services you require. In some instances, we may be forced to cancel a service you currently have with us but we will notify you if this is the case at that time.


3. How We Collect Your Personal Information

We may collect or receive your personal data in a number of different ways; where you provide the personal data directly to us, for example

  1. When you correspond with us by phone or email
  2. When you make an application or use any of our services or from third parties on our electronic and digital platforms
  3. When you ask us for more information about a service or contact us with a query or a complaint
  4. When you visit, access or use any of our online platforms
  5. When you enter into a contract with us
  6. When you visit or access our premises
  7. Where you have applied for employment at Malibu
  8. Where you have been identified as a next of kin by our member or employee

We may also collect your personal information from other sources i.e. organizations such as government agencies and business directories under the following circumstances.

  1. When we require your personal information in order to fulfill a statutory or contractual requirement, where such information is necessary to enter into a contract or is otherwise an obligation.
  2. Where we receive the personal data from our employee or service providers.
  3. From third parties, such as people who work on our behalf, whether as a paid consultant.
  4. From publicly available sources including but not limited to internet search engines, public records and registers, and social media accounts (e.g. Facebook, LinkedIn, and Twitter).

Generally, you have no obligation to provide us with your personal data, but if you do not provide us with the information we need, we may be unable to assist and provide you with any services you may require. We shall minimize the amount of information we collect from you, to only that which is needed to perform the relevant function or service at the time.

4. How We Use Your Personal Information

This privacy policy aims to give you a complete and transparent information on how we process your personal data. We are committed to ensuring that your personal data is processed in a way that is compatible with the specified, explicit and legitimate purpose of collection. We process your personal data in accordance with the Data Protection Act.

Where the personal data relates to a child, we will process the data only where parental or legal guardian consent has been given. The processing of such data will be done in a manner that protects and advances the rights and best interests of the child.

We will only process your personal data under the following circumstances.

  1. Provision of Medical Prescription Services: This involves processing of medical prescriptions and issuance of medical advice.
  2. Claims Processing: Data is utilized to evaluate and process payments from medical insurance provider.
  3. Customer Support: We employ information to deliver assistance and support concerning medical prescriptions.
  4. Marketing: Information regarding our latest pharmaceutical products may be shared with you, subject to explicit consent.
  5. Compliance: Data is used to ensure adherence to legal and regulatory obligations.

Please note that we will use your personal data solely for the purposes for which it was acquired, unless we need to use it for another purpose and that purpose is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will seek fresh consent from you.


5. Data Sharing

Personal data may be disclosed to third parties such as insurances, service providers, and regulatory bodies, as mandated by law. We shall assess and review each request for information and may decline to share your personal data with the requesting party. In all the cases cited above, we require all parties we share your personal data with to respect the security of your personal data and treat it in accordance with the law. Please note that we do not allow our external service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.


6. International Data Transfers

Your data is primarily stored in our data center located within Kenya. Where we transfer your personal data outside Kenya, we ensure an appropriate level of protection by the recipient of the data, in addition those countries must have in place comprehensive data protection laws. We also take the following adequate steps to protect your privacy rights and your personal data. These steps include:

  1. Obtaining your consent for the transfer of your personal data outside Kenya;
  2. Entering into a written contract with the recipient to ensure that your rights are safeguarded.

7. You Legal Rights

Subject to legal and contractual exceptions, you have rights under data protection laws in relation to your personal data. You have the right;

  1. To be informed when we are collecting your personal data and the purpose for which we are collecting your personal data

    You have the right to be informed about the collection and use of your personal data. This entails us providing you with information regarding the nature, scope, purpose of processing, the retention period and the person we will share your personal data with.

  2. To request access to your personal data that we have on record

    You are entitled to a confirmation whether we are processing your personal data and to obtain information on and a copy of the personal data.

  3. To object to and withdraw your consent to processing of your personal data

    This right entitles you to request us to stop processing your personal data. The withdrawal of your consent shall not affect the lawfulness of the processing based on prior consent before its withdrawal. We may also continue to process your personal data if we have legitimate or legal reasons to do so. You can object to how we process your personal data or you can restrict how your personal data is processed in certain cases, such as when the accuracy of your personal data is contested and you require us to verify the accuracy of the personal data.

  4. Request for your personal data to be transferred to another data controller or data processor: This right entitles you to receive your personal data that you have provided to us in a machine-readable format. You can also request us to transmit the data to another data controller in an electronic format. Please note that where we provide information to another data controller or data processor in response to your request, we will not be responsible for any subsequent processing carried out by the receiving data controller or data processor. We will however be responsible for the transmission of the data and we will take appropriate measures to ensure that it is transmitted securely and to the right destination.
  5. Request that we amend any false or misleading data we hold about you

    If you believe the personal data we hold about you is false, inaccurate, misleading, or incomplete, you can request us to amend it.

  6. Request that we delete your personal data

    This right entitles you to request the erasure of your personal data that we have on our records. Please note that this right will be balanced against other factors such as our legal and regulatory obligations, which may mean that we cannot comply with your request.

  7. Restrict the processing of your personal data

    This right entitles you to request that we only process personal data in limited circumstances, including with your consent.

  8. You have the right to lodge a complaint with the Office of the Data Protection Commissioner

To exercise these rights, kindly contact our Data Protection Officer via the email address: dpo@malibupharmacy.co.ke

In exercising your rights as listed above, we may request specific information from you to help us confirm your identity. This is a security measure we implement to ensure that your personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Kindly note that you will not be required to pay a fee to exercise any of your rights. However, we reserve the right to impose a reasonable fee where your request is clearly unfounded or excessive and where we are permitted to do so by the Data Protection Act. Alternatively, under specific circumstances which we shall convey to you, we may refuse to comply with the request.

We will respond to your request without undue delay and no later than the 7 days from the date of receiving the request.

8. Data Security & Integrity

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way. We store your personal data on secure computer servers with limited access and when we transmit your personal data, we protect it using encryption. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties that require it for legitimate purposes. They only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and we will notify you and the data protection regulator of a breach where we are legally required to do so.

9. The Retention And Storage Of Your Personal Data

We will only retain your personal data for as long as may be reasonably necessary to fulfil the purpose for which it was collected, including to comply with any legal, regulatory, tax, accounting or reporting information requirements.

10. Contact Us And Further Information

If you have any queries, questions or concerns at all in relation to your personal data and how we protect your data rights, please contact us at: Our email address for data protection queries is dpo@malibupharmacy.co.ke

It is important that you check this Privacy Policy frequently for updates, as we may make changes from time to time. The “Date last updated” section at the bottom of this page indicates when this Privacy Policy was last updated and any changes take effect upon our publishing of the revised Privacy Policy.

We will, however, notify you if these changes are material and, where required by applicable law, we will obtain your consent. We will notify you of these changes by email or by posting a notice of the changes on our website.


Date Last Updated: 30th September, 2024

Menu
Sidebar
Cart
Socials
Socials ×

Sample Product (feature coming soon)

KES1985.00 KES1995.00

Product description. Fast action.

add to cart
Categories:
Tags:
Brand:
SKU: N/A
Share:
    • -->