Privacy Policy
Effective Date: [Insert Date]
At [Your Store Name], we prioritize protecting your personal and health-related data. This Privacy Policy explains how we collect, process, and safeguard your information in compliance with the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA).
1. Data Controller
The controller of your personal data is:
Dr. Adem German Health Products GmbH
Hofweg 31 - 22085 Hamburg, Germany
Managing Director: Magdalena Kulka
Registered Office: Hamburg
HRB 1234 Hamburg - VAT ID DE123456789
info@dummy.com
2. Types of Data Collected
We collect the following categories of information:
Personal Information:
- Name, address, email, and phone number.
- Payment details (e.g., credit card information).
Health Information (Specific to Cancer Patients):
- Diagnosis-related information provided for tailored product recommendations or services (e.g., post-surgical care items, nutritional supplements).
Technical Data:
- IP address, browser type, and activity on our website.
3. Purpose of Data Collection
We collect and process your data for the following reasons:
- Fulfilling your orders (e.g., medical-grade products, services).
- Providing tailored customer support based on your health-related needs.
- Offering relevant advice and product suggestions for cancer care (with explicit consent).
- Complying with legal and regulatory requirements under GDPR and HIPAA.
4. Legal Basis for Processing
Your data is processed under:
- GDPR (Article 6): Your explicit consent, contractual necessity, legal compliance, or legitimate interest.
- HIPAA: Written authorization for processing Protected Health Information (PHI) when required.
5. Data Sharing
We share your data only with trusted third parties:
- Delivery partners (e.g., DHL, FedEx) for shipping orders.
- Payment processors (e.g., Shopify Payments) for secure transactions.
- Medical professionals or partners (with your consent) for specialized care products.
All partners comply with GDPR and HIPAA regulations and follow strict confidentiality protocols.
6. Data Security
We use industry-standard security measures, including:
- End-to-end encryption for sensitive data transmission.
- Role-based access control to limit PHI access.
- Regular audits to maintain HIPAA compliance.
7. Retention Period
We retain your data for as long as necessary to:
- Provide ongoing services.
- Meet legal or regulatory obligations.
Health-related data is securely deleted upon request or after the retention period mandated by law.
8. Your Rights (Under GDPR)
You have the following rights concerning your data:
- Access: Request copies of your personal and health-related data.
- Rectification: Correct inaccurate or incomplete information.
- Erasure: Request deletion of data no longer necessary for the stated purposes.
- Restriction: Limit processing of your data.
- Data Portability: Transfer your data to another service provider.
- Objection: Object to certain data uses (e.g., marketing).
Contact us at [Your Email Address] to exercise these rights.
9. Cookies and Analytics
We use cookies to enhance your shopping experience. You can disable cookies via your browser settings.
10. HIPAA Compliance for Cancer Patient Data
For health-related data specific to cancer patients, we:
- Collect only the minimum necessary data for providing services or products.
- Securely store PHI with advanced encryption protocols.
- Notify you immediately in the event of a data breach involving your health information.
11. Changes to This Policy
We may revise this Privacy Policy periodically. Updates will be posted on this page, and significant changes will be communicated directly to you.
12. Contact Information
For questions or concerns about this Privacy Policy, contact us at:
- Email: info@dummy.com