BHR Pharmaceuticals Ltd and its worldwide subsidiaries are committed to protecting your privacy. This Privacy Notice (“Notice”), (“Pharmaceuticals”, “us”, “we”, “our”) explains our privacy practices and provides information on how and why we collect, use and share your personal data through our interaction with you and through our products and services and, when you visit our international websites, available at www.bhr.co.uk, www.cefaly.co.uk and its sub-domains (“Website“), our desktop, IP desk phone, or use our unified cloud communications and collaboration platform (“Services“). The policy also describes your choices regarding use, access, deletion and correction of your personal information.
BHR Pharmaceuticals Privacy Notice applies to Customers (including Customer’s End Users) and Users (all other individuals who use the BHR Pharmaceuticals products or website) provide directly to us when they use our Website, or Services.
We recommend that you read this Notice in full to ensure you are fully informed. However, if you only want to access a particular section of this Notice, then you can click on the relevant link below to jump to that section.
- Information we collect
- Information we use
- Sharing and disclosure of information to third parties
- Your privacy rights
- Third-party sites
- Blogs and forums
- Data retention
- Changes to notice
- Contact us
Information which you provide to us
We collect information which you provide directly to us when you use our Website or Services. The types of personal information we may collect directly from you include email addresses, postal addresses, phone numbers, employee names, usernames, information about the type of service required, marketing preferences, job titles, credit card payment information, transactional information (including Services purchased), as well as any communications, inquiries, contact or other information you choose to provide during your use of the Services.
When you provide personal information, we will only use this information for the specific reason for which it is provided. If you believe that one of your contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at firstname.lastname@example.org
Information we collect automatically when you visit our Website or use our Services
When you visit our Website, or Services, we may collect certain information automatically from your device. In some countries, including in the European Economic Area, this information may be considered personal data under applicable data protection laws:
Usage information – We keep track of your activity in relation to the Website or Services, the configuration of their computers, and performance metrics related to their use of the Website, Apps or Services. For example, when you use our Services, we may collect:
1. Traffic data about the communications that take place through our platform (such as calls, team chat, video conferencing, SMS,) to enable us to transmit those communications effectively and efficiently;
2. Network Monitoring data to enable us to maintain the security and agility of our internal networks;
3. Log data about you when they use the Services, Website or Apps including Internet Protocol (“IP“) address, Internet Service Provider (“ISP“), browser type, referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyse trends in the aggregate and administer the site;
4. Device data about any device including mobile phone number and other information related to mobile devices like operating system and model if you use our Services via our Apps. For other devices information collected by cookies and other similar technologies. We use various technologies to collect information which may include saving cookies to your computers;
5. Call Detail Records of data record produced by a telephone call or other telecommunications transactions. The record contains various attributes of the call, such as time, duration, completion status, source number and destination number;
6. Meta data, which is data created about other data which can include size, formatting, other characteristics of a data item;
7. Emails/Communications with us; and
8. Billing data, which includes any payment data.
Cookies and other similar technologies – We use various technologies to collect information which may include cookies when you visit our Website, or Services.
Information we collect from third parties
We may collect the names, email addresses, postal addresses and city of residence of individuals from third parties to market our products / services to these individuals. This collection of information and marketing is always carried out in compliance with applicable law.
We may receive personal information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you, in accordance with applicable laws. This helps us to update, expand and analyse our records, identify new customers, and provide products and services that may be of interest to you.
We may collect personal information about you from other applications you may use if you choose to integrate BHR Pharmaceuticals Services.
We may use the information we collect from you for a range of purposes, including to:
- Administer, operate, protect and maintain the Website or Services;
- Process and complete transactions, and send related information, including transaction confirmations and invoices;
- Manage and improve your use of the Website or Services;
- Prepare and provide you testimonials regarding the Website or Services;
- To help deliver our Website or Services to Customers for service and support;
- Investigate and prevent fraudulent activities, unauthorised access to the Website, or Services, and other illegal activities;
- To help personalise your experience and retarget you for advertising purposes;
- For any other purposes about which we notify and receive your consent from you;
- Respond to inquiries and requests and to provide you with information and access to resources that you have requested;
- Analyse and aggregate your use of the Website or Services for trend monitoring, marketing advertising purposes; and
- Send you technical alerts, updates, security notifications, and administrative communications.
We and our third-party marketing service providers may also use the information Customers send to us for our marketing purposes, if this is in accordance with your marketing preferences and applicable law. However, you may opt out of our marketing. For further information, see the “Unsubscribe from Our Mailing List” section below.
Legal basis for processing personal information (EEA only)
If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect the personal information in question.
If we ask you to provide personal information to comply with a legal requirement or enter into a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
Similarly, if we collect and use your personal information in reliance on our or a third party’s legitimate interests and those interests are not already listed above (see “Information We Use” section), we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact Us” section below.
We may share and disclose your information we collect with the following third parties:
Business partners, contractors, vendors, and authorised third-party agents, to:
- Operate, deliver, improve and customise our Services
- Provide support and technical services;
- Send marketing and other communications related to business;
- Enforce our acceptable use policy;
- Law enforcement agencies, regulatory or governmental bodies, or other third parties in order to respond to legal process, comply with any legal obligation; protect or defend our rights, interests or property or that of third parties; prevent or investigate wrongdoing in connection with the Website or Services;
- Any third parties in connection with prospective or actual, sale, merger, acquisition, financing or reorganisation of our business.
Update and access to your information
Where we process personal information collected via our Website or Services for our own account management, billing or marketing purposes and where required by applicable law, we provide individuals with the opportunity to access, review, modify, and delete any such personal information that we process.
Your Privacy Rights as an EEA Person
In addition, if you are from the EEA, you may have broader rights to access and delete your personal information, to object to or restrict processing of your personal information, or request portability of your personal information.
To make such requests, you can send an email to email@example.com or write to us at the mailing address in the “Contact Us” section below. We will consider and handle all requests in accordance with applicable laws.
If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You also have the right to complain to your local data protection authority at any time.
(1) information identifying each third-party company to whom we may have disclosed, within the past year, personal information pertaining to you for our direct marketing purposes; and
(2) a description of the categories of personal information disclosed.
Unsubscribe from our mailing list
You may at any time ask us to remove you from our mailing list by sending us an email at firstname.lastname@example.org or by clicking “Unsubscribe” in any email communications or push notification we send you. We will remove you from our mailing list in accordance with applicable laws.
To request that your phone number be removed from future sales calls, please email email@example.com
This Notice does not apply to, nor are we responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Website links including but not limited to social media sites. The inclusion of a link on the Website does not imply our endorsement of the linked site or service.
Our Website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas is public and may be read, collected, and used by others who access them and may remain on the public forum indefinitely. To request removal of your personal information from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. We encourage all Users to exercise caution when providing personal information in blogs and community forums.
Keeping your information secure is important to us. We maintain a variety of appropriate technical and organisational safeguards to protect your personal information both during transmission and once it is received. BHR Pharmaceuticals Ltd has no control over or responsibility for the security or privacy policies or practices of other sites on the Internet you might visit, interact with, or from which you might buy products or Services, even if you visit them using links from our Website.
Please note that no website or service is completely secure and so, while we endeavour to protect our Customers’ information using the measures described above, we cannot guarantee that unauthorised access, hacking, data loss or a data breach will not occur.
We will retain your personal information for no longer than is necessary to fulfil the purposes for which the information was originally collected unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other legitimate and lawful business purposes.
Where we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it.
Requested functionality cookies (exempt)
Captures the product SKU, name, price and quantity removed from the cart, and makes the information available for future integration by third-party scripts.
Stores the Order ID that guest shoppers use to retrieve their order status. Guest orders view. Used in Orders and Returns widgets.
Preserves the destination page that was loading before the customer was directed to log in.
Stores banner content locally to improve performance.
Tracks error messages and other notifications that are shown to the user, such as the cookie consent message, and various error messages. The message is deleted from the cookie after it is shown to the shopper.
Stores translated content when requested by the shopper. Used when Translation Strategy is configured as “Dictionary.
Tracks the version of translations in local storage.
Stores configuration for product data related to Recently Viewed / Compared Products.
Stores product IDs of recently compared products.
Stores product IDs of previously compared products for easy navigation.
recently_viewed_product (local storage)
Stores product IDs of recently viewed products for easy navigation.
Stores product IDs of recently previously viewed products for easy navigation
Used by Google Tag Manager. Captures the product SKU, name, price, and quantity added to the cart, and makes the information available for future integration by third-party scripts.
Records the time messages are sent by the SendFriend (Email a Friend) module.
Configuration setting that improves performance when using Varnish static content caching.
A security measure that appends a random string to all form submissions to protect the data from Cross-Site Request Forgery (CSRF).
The value of this cookie triggers the cleanup of local cache storage.
Local storage of visitor-specific content that enables ecommerce functions.
Local storage of visitor-specific content that enables ecommerce functions.
Forces local storage of specific content sections that should be invalidated.
Stores the key (ID) of persistent cart to make it possible to restore the cart for an anonymous shopper.
Appends a random, unique number and time to pages with customer content to prevent them from being cached on the server.
Stores customer-specific information related to shopper-initiated actions, such as wish list display and checkout information.
Tracks the specific store view / locale selected by the shopper.
Local storage for Banner functionality.
Google Analytics cookies – exempt
- _ga: Distinguishes visitors to your site.
- _gid: Distinguishes visitors to your site.
- gat: Used to throttle request rate.
- dc_gtm_<property-id>: Throttles request rate when Google Analytics is deployed with Google Tag Manager.
- AMP_TOKEN: Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values include opt-out, inflight request, or an error retrieving a Client ID from AMP Client ID service.
- _gac_<property-id>: Contains campaign-related information for the user. Google AdWords conversion tags read this cookie if Google Analytics is linked to your AdWords account.
Google Analytics cookies – non-exempt
- __utmt: Used to throttle request rate.
- __utmv: Stores visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor-level custom variable. This cookie is updated every time data is sent to Google Analytics.
If we change our Notice, we will post those changes on this page in addition to updating the “Last Updated” date at the top of this webpage. If we make changes, we will notify you more directly, for example by posting a notification or message on the Website or by emailing you prior to such changes taking effect. We encourage you to review this Notice regularly to stay informed of the latest modifications.
If you have any questions, comments or concerns about this Notice, please email us at email@example.com Or, you can write to us at:
BHR Pharmaceuticals Limited
41 Centenary Business Centre