1. WELCOME TO MAN BEHIND THE MIRROR
    • The Man Behind the Mirror Limited (“we”, “our” or “us”) operates an e-commerce platform (manbehindthemirror.co.uk) (the “Website”) which allows individuals (“you”) to view and purchase prescription and non-prescription products, treatments and medicines (collectively, the “Treatments”) (together, the “Service”).
    • The Man Behind the Mirror Limited is a limited company incorporated and registered in England and Wales under company number 12067029. Our registered office address is 60 Finborough Road, London, England, SW10 9EE.
    • You can contact us using the following email address: help@manbehindthemirror.co.uk
  2. PRIVACY POLICY
    • This privacy and cookie policy (collectively, the “Privacy Policy”) details the basis on which the personal data you provide directly or indirectly to us is collected, processed and maintained by us.
    • For the purpose of the Data Protection Act 2018 (the “Act”) the data controller is The Man Behind The Mirror Limited. We are therefore responsible for ensuring our systems, processes, agents, suppliers and staff comply with data protection laws that are applicable to the information we collect, process and maintain.
    • The Act states we only have the right to use your personal information where we can identify a lawful basis for doing so. By using the Website and the Service you acknowledge and agree to the Privacy Policy. Your consent to the Privacy Policy is our primary lawful basis.
    • In this Privacy Policy your “data” means information or pieces of information relating to you or that could allow you to be directly or indirectly identified.
    • Any future changes made to the Privacy Policy will be posted on this page and we will notify you of the changes if we deem it to be appropriate.
  3. INFORMATION WE MAY COLLECT FROM YOU
    • There are several sources from which we may collect data about you, either directly or indirectly, actively or automatically, through you or via third parties.
      • Voluntarily: You will need to provide information when registering with us and establishing an Account in order to place an order on the Website. You will also need to provide information voluntarily if you complete any of our online consultations in order to purchase prescription Treatment.
      • Communication between us: This includes the data exchanged through correspondence via email or via phone and could include other sources such as surveys for market research or other purposes.
      • Order history and transaction details: This includes the data exchanged through orders you have previously placed and the details required to process those orders such as your delivery address and card details.
      • Automatic: This includes data from the device you are using to access the Website including, but not limited to, the type of device used, the unique device identifier, network information, your operating system, your IP address, your login information, the browser you are using and your time zone setting.
      • Third parties: Man Behind The Mirror collaborates with third-parties who may provide us with data about you or that could be used to identify you (such as the Partner Pharmacy, Partner Clinicians, payment and delivery services, identity verification providers).
    • In addition to the segmentation above, data held by us may be classified as identity data, system data or special category data. Special category data captures confidential health information such as that which must be provided in order to complete the digital consultations required to purchase prescription Treatment. We must comply with additional data protection requirements if we are to process special category data. This includes seeking your explicit prior consent in order to do so.
  4. USE OF YOUR PERSONAL DATA
    • In order to provide the Service, we use the data that we collect from you to register you as a user and process your order.
    • In order to fulfil your order, we also need to transfer your data to other data controllers, specifically the Partner Pharmacy and Partner Clinicians.
      • The Partner Pharmacy will use the data supplied to it to process your order and sell, supply, dispense and post Treatment to you and to manage its relationship with you (for example by dealing with queries or questions you may raise)
      • The Partner Clinicians are individuals registered in the United Kingdom with the General Medical Council. They will review your answers to the digital consultation as well as your responses to any follow-up questions to determine the suitability of the respective prescription Treatment for you.
    • We may also use your data to;
      • Manage our relationship with you (for example by notifying you about changes to our terms or asking for feedback on our service)
      • To facilitate the delivery of your order. For example, we use third party delivery companies to deliver the Treatment you have ordered to you.
      • Comply with any legal obligation or in order to enforce or apply our Terms & Conditions and other agreements.
      • To protect the rights of Man Behind The Mirror.
      • In order to detect, prevent or address fraud, security or technical issues.
    • We ensure that any data we disclose in accordance with our Privacy Policy is kept to the minimum required to allow the safe and effective delivery of services to you. For the avoidance of doubt, we will never share your data with non-GDPR compliant third parties unless we have your explicit pre-approval.
  5. STORAGE OF DATA
    • Our policy is to retain your data only for as long as necessary to fulfil the purpose for which we collected it. This includes fulfilment of the order that you have placed with us (which requires the completion of a digital consultation for prescription Treatment) as well as for other reasons such as satisfying legal, accounting or reporting requirements.
    • To determine the appropriate retention period for your data we consider a multitude of factors including its nature and sensitivity of the information and the potential risk from the unauthorised use or disclosure of your information. We will strive to avoid taking, processing and maintaining confidential information if satisfactory alternatives are available.
    • We believe that we have appropriate policies, rules and technical measures to protect the data that we hold from unauthorised access, improper use or disclosure or accidental loss. The data you provide to us is stored on secure servers. Any payment transactions will be encrypted using SSL technology.
    • You also have responsibilities to protect your data. For example, in keeping your Account details and any correspondence between you and us confidential.
    • Any data you have provided is given at your own risk. Whilst we do our best to maintain the confidentiality of the data we hold for you we cannot guarantee the security of this data. The internet is not a secure medium. We cannot be certain of the route of communication between you and us before being delivered. We therefore cannot accept responsibility for any unauthorised access or loss of personal data that is beyond our control.
    • We will notify you and any applicable regulator of a suspected data breach where we are legally required to do so.
  6. YOUR RIGHTS
    • We make good faith efforts to provide you with access to your data upon request and to either correct this data if inaccurate or to delete this data (if it is not otherwise required to be retained by law or for legitimate business purposes).
    • You have the right to opt out of us using your data for marketing purposes. You can exercise this right at any time by contacting at help@manbehindthemirror.co.uk.
    • At any time you can request we suspend your Account or alternatively if you seek to stop using the Website and the Service you can cancel your Account by contacting us at help@manbehindthemirror.co.uk. We will then suspend or deactivate and cancel the Account with immediate effect. If you cancel the Account access to your patient records would then become inaccessible.
    • You acknowledge and agree that Man Behind The Mirror is required by law to archive electronic patient records including your personal information, communication and Treatment for a minimum of 10 years.
    • If you wish to report any violations of the Privacy Policy contact us at help@manbehindthemirror.co.uk.
  7. ACCESS TO YOUR INFORMATION
    • Under certain circumstances by law you are entitled to request access to the data that we hold about you, to check that we are processing the data correctly in accordance with our Privacy Policy and applicable regulations, and to ask us to delete data where there is no justifiable reason for us to continue holding it.
    • You can exercise your rights under the Act and request such information by emailing help@manbehindthemirror.co.uk. We will require supporting identification verification documentation.
    • You will not have to pay a fee to access your personal information. However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
  8. USE OF COOKIES
    • We use cookies to improve the Website and the Service. Cookies include operational cookies, performance cookies, functionality cookies, targeting cookies and advertising cookies. The cookies enable us to customise our site according to your individual interests and recognise you when you return to our site. You may refuse to accept cookies by activating the applicable setting on your browser.

 

If you have any further questions or queries which have not been addressed in the Privacy Policy or other areas of the Website please contact help@manbehindthemirror.co.uk.