PRIVACY POLICY
INTRODUCTION
PAAR London Ltd respects your privacy and is committed to protecting your personal data. This privacy policy informs you about how we collect, use, and protect your personal data when you visit our website (www.paar.london), use our applications, web forms, or services, and your privacy rights. This policy is effective as of [Insert Date].
We take your privacy seriously and have updated this policy to comply with international standards, including the General Data Protection Regulation (GDPR) in the EU/UK and the California Consumer Privacy Act (CCPA) in the U.S.
1. IMPORTANT INFORMATION AND WHO WE ARE
CONTROLLER
PAAR London Ltd, a company registered in England and Wales with company number 11423758, is the controller responsible for your personal data (referred to as “we,” “us,” or “our” in this policy).
CONTACT DETAILS
If you have any questions about this privacy policy or your privacy rights, please contact us by email at info@paar.london or by writing to:
239-241 Kennington Lane, London, SE11 5QU, United Kingdom
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK data protection regulator (www.ico.org.uk). For U.S. residents, please refer to your local data protection authorities (e.g., under CCPA in California). However, we would appreciate the opportunity to address your concerns before you contact these authorities, so please reach out to us directly first.
2. THE DATA WE COLLECT ABOUT YOU
We collect various types of personal data, which we group as follows:
2.1. Categories of Personal Data
Identity Data: Name, username, date of birth, gender, and similar identifiers.
Contact Data: Address, email address, phone numbers.
Payment Data: Payment information (e.g., credit card details). Payment data is processed securely by third-party payment processors.
Technical Data: Internet Protocol (IP) address, browser type, time zone, device information, website interaction data.
Profile Data: Username, password, purchase history, preferences, and feedback.
Usage Data: Information about how you interact with our website and services.
Marketing and Communications Data: Preferences regarding receiving marketing communications from us and third parties.
2.2 Special Categories of Personal Data (Medical Data)
We may collect the following sensitive personal data when relevant to our services:
Medical Data: Information about your health, including self-reported health information and test results (e.g., if we provide services related to health or medical diagnostics). We will always obtain explicit consent to collect and process health data.
3. HOW WE COLLECT YOUR PERSONAL DATA
We collect personal data through the following methods:
Direct Interactions: You provide data by filling out forms, subscribing to our services, or communicating with us.
Automated Technologies: As you interact with our website, we collect technical data through cookies and similar technologies. See our Cookies Policy for more details.
Third-Party Sources: We may receive data from third parties, such as analytics providers (e.g., Google Analytics) or marketing services (e.g., Meta).
4. HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the law allows it. The most common situations include:
Performance of a contract: We process your data to provide the services you’ve requested.
Compliance with legal obligations: We process data as required by applicable laws and regulations.
Legitimate interests: We process data to improve services, conduct analytics, or market our services, provided that your rights and freedoms do not override these interests.
Explicit consent: We obtain your consent for activities like direct marketing or processing sensitive medical data.
4.1 Purposes for Using Sensitive Data
We process medical data (e.g., health information) strictly for the purpose of providing our services, improving the accuracy of our recommendations, or conducting anonymized research.
All sensitive data will be anonymized when shared with third-party research partners, and explicit consent will be obtained for such processing.
5. DATA SHARING AND DISCLOSURES
We may share your personal data with third parties, including:
Service providers: Third-party vendors (e.g., payment processors, and analytics providers) help us operate our services.
Medical partners: For health-related services, we may share data with partner laboratories or medical professionals, but only with your explicit consent.
Affiliates: Companies within the PAAR London Ltd group for business and administrative purposes.
Legal authorities: When required by law, we share data with regulators or authorities.
Anonymization for Research:
If we use your data for research purposes, it will be anonymized to protect your identity. This applies to all partnerships with research entities, including academic institutions or medical research organizations.
6. INTERNATIONAL DATA TRANSFERS
We operate globally, and your data may be transferred outside the UK, EU, or EEA, including to countries that may not have the same data protection laws. When this happens, we ensure your data is protected by implementing appropriate safeguards, such as:
Standard contractual clauses approved by the UK/EU.
Risk assessments to ensure the destination country offers adequate protection.
7. DATA RETENTION
We retain your personal data only as long as necessary to fulfil the purposes we collected it for, including:
Customer Information: Retained for 6 years after your last transaction or subscription ends for legal and business continuity reasons.
Medical Data: Retained for the duration of your account unless specific regulations (e.g., HIPAA, GDPR) require longer retention.
Technical and Usage Data: Typically retained for 90 days unless used for ongoing investigations or system improvements.
8. COOKIES AND TRACKING TECHNOLOGIES
Our website uses cookies and similar tracking tools to improve your experience. For example:
Cookies: Used to recognize repeat visitors and store preferences.
Tracking Tools: We use Meta (Facebook) Pixel and other tools to tailor ads and content based on your interactions.
You can manage your cookie preferences through your browser settings. For more information, see our Cookies Policy.
9. USER RIGHTS UNDER GDPR AND CCPA
Depending on your location, you may have the following rights regarding your personal data:
Access: Request a copy of your personal data.
Correction: Request the correction of incomplete or inaccurate data.
Erasure: Request the deletion of your data where appropriate.
Restriction: Request limits on how your data is processed.
Portability: Request the transfer of your data to another entity.
Withdrawal of consent: Withdraw your consent for data processing at any time.
California residents: Under CCPA, you have additional rights such as opting out of data sales (if applicable).
To exercise your rights, please contact us at info@paar.london or visit our Data Access Request Portal.
10. CHILDREN'S DATA
We do not knowingly collect or process personal data from children under 18. If we learn that we have inadvertently collected data from a minor, we will delete it immediately. Please contact info@paar.london if you believe a minor has provided us with personal data.
11. DATA SECURITY
We take the security of your data seriously. We implement appropriate measures to protect your data from unauthorized access, including encryption and restricted access protocols. In the event of a data breach, we will notify affected users and regulators as required by law.
12. CHANGES TO THIS PRIVACY POLICY
We may update this privacy policy periodically. Any changes will be posted on this page, and you will be notified via email if material changes are made. This policy was last updated on [Insert Date].
13. HOW TO CONTACT US
For any questions or concerns about this policy or to exercise your privacy rights, please contact:
Email: info@paar.london
Address: 239-241 Kennington Lane, London, SE11 5QU, United Kingdom