Welcome to Apothecarius.eu. This Privacy Policy explains our practices regarding the collection, use, disclosure, and safeguarding of your personal information through www.apothecarius.eu (“Website”) and our services. By accessing or using our Service, you signify that you have read, understood, and agreed to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

Legal Basis for Processing Personal Data

Apothecarius.eu has harmonized the protection of personal data with Regulation EU 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (General data protection regulation). The legal bases for processing personal data of individuals within the EU are as follows:

• Consent: We will collect and process your data with your consent.
• Contractual Necessity: The processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering a contract.
• Legal Obligation: The processing is necessary for compliance with a legal obligation to which we are subject.
• Vital Interests: The processing is necessary to protect the vital interests of you or another natural person.
• Public Interest: The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
• Legitimate Interests: The processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

Collection and Use of Personal Information

We collect several different types of information for various purposes to provide and improve our service to you.

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally, identifiable information may include, but is not limited to:

• Email address
• First name and last name
• Phone number
• Address, State, Province, ZIP/Postal code, City
• Cookies and Usage Data

Use of Personal Data

Personal data is collected, processed, and utilized in various ways to facilitate the operations of the Website, enhance customer service, and comply with legal obligations:

Account Creation and Management

• Registration Information: Personal data such as name, email address, and contact details are used to create and manage user accounts, enabling customers to place orders, track their order history, manage preferences, and receive updates.

Order Processing and Fulfilment

• Transaction Data: Information like shipping and billing addresses, contact details, and purchase history is essential for processing orders, managing payments, shipping products, providing invoices, and handling returns or exchanges.

Customer Support and Communication

• Contact Information: Email addresses and phone numbers are used to communicate with customers regarding their orders, to provide customer support, resolve issues, and respond to inquiries.

Personalization and Recommendations

• Browsing and Purchase History: Data on past purchases and browsing behaviour can be analysed to personalize the shopping experience, offering tailored product recommendations, and targeted promotions that match the customer’s interests and preferences.

Marketing and Promotions

• Marketing Preferences: Personal data is used to send newsletters, special offers, and promotional communications to customers who have opted in for such communications, in accordance with their preferences and consent.

Security and Fraud Prevention

• Authentication Data: Personal data helps in implementing security measures, verifying user identity, protecting against unauthorized access to user accounts, and preventing fraudulent transactions.

Analytics and Performance Improvement

• Feedback and Reviews: Personal data included in feedback, reviews, or surveys is used to improve product offerings, customer service, and the overall user experience.

Legal Compliance

• Regulatory Requirements: Personal data may be used to comply with legal obligations, such as tax laws, consumer rights laws, and data protection regulations, which may require maintaining records, processing returns, and responding to legal requests.

Data Retention and Management

• Account Information: Personal data is maintained as long as the account is active or as needed for operational purposes, such as fulfilling orders, resolving disputes, or complying with legal requirements.

Usage Data

• Browsing Details: Information about how and when the Website is accessed, including the date and time of visits, the pages viewed, the amount of time spent on each page, and the order in which pages are visited.
• Device Information: Data about the device used to access the Website, such as the type of device (e.g., smartphone, tablet, desktop), the operating system (e.g., iOS, Android, Windows), the browser type (e.g., Chrome, Firefox, Safari), and unique device identifiers.
• IP Address: The Internet Protocol (IP) address of the device used to access the Website. This can be used to infer geographic location, but typically not with precise accuracy.
• Clickstream Data: The path a user takes through the Website, captured through the links on which a user clicks. This data helps in understanding user navigation patterns and preferences.
• Interaction Data: Details on how users interact with the Website, including clicks, scrolling behaviour, mouse movements, and keystrokes. This data is often used for usability testing and Website optimization.
• Search Queries: The terms and phrases that users enter into search features on the Website, which can provide insights into user interests and product demands.
• Transaction Data: Details of transactions made on the Website, including the products or services purchased, the time of purchase, and the purchase amounts. Note that this does not include payment information such as credit card numbers, which are processed by third-party payment processor.
• Response Times: The speed at which the Website pages load for users, which can impact user experience and satisfaction.
• Error Logs: Records of any errors encountered during the use of the Website, which can help in troubleshooting issues and improving the stability of the service.
• Device Connectivity and Configuration: Information about the internet connection, including the service provider, network type (e.g., WiFi, 4G), and network strength, as well as configuration settings of the device.

Use of Usage Data

The Usage Data collected is used to maintain the quality of the service, enhance user experiences, tailor content and advertisements, understand user demographics and behaviours, and for internal analytics and reporting. It helps the Website operators to:

• Improve Website performance and user interface design.
• Develop new features, products, or services based on user preferences and behaviours.
• Manage and optimize advertising campaigns.
• Enhance security measures and detect fraudulent or unauthorized activity.
• Comply with legal obligations and regulatory requirements.

Usage Data is typically processed in an aggregated and anonymized form to respect user privacy while providing valuable insights into user interaction with the Website.

Your Data Protection Rights Under GDPR

If you are a resident of the European Union (EU), you have certain data protection rights aimed at ensuring you have control over your personal data. Apothecarius.eu aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

• The right to access, update or delete the information we have on you. Whenever made possible, you can access, update, or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
• The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
• The right to object. You have the right to object to our processing of your Personal Data.
• The right of restriction. You have the right to request that we restrict the processing of your personal information.
• The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable, and commonly used format.
• The right to withdraw consent. You also have the right to withdraw your consent at any time where Apothecarius.eu relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests.

The Right to Be Forgotten

You have the right to request that Apothecarius.eu erase your personal data under certain conditions. If you wish to be informed about what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Therefore Apothecarius.eu invites Users to periodically review this Privacy Policy, which will indicate new changes, if any. If the User does not agree with this Privacy Policy, we instruct the User to leave and not access or use the Website.

We are here to help and ensure all User privacy is protected. We invite all Users to reach out to us with any questions or concerns regarding our Privacy Policy at Galen Pharma d.o.o., Stjepana Radića 18, 48350 Đurđevac, Croatia, HR95629403262, e-mail: info@apothecarius.eu.