U.S. Privacy Notice
We want you to feel comfortable using our website.
- We understand that you may have concerns over what data we collect about you and the purposes for which we use it. We want you to feel comfortable using our website without having to worry about your privacy.
- At Nelsons, we are deeply committed to protecting your privacy, which is why we have set out this Privacy Notice describing the information we collect and what may happen to that information. By doing this we hope to address any concerns you may have about sending us your personal details.
- If you are a California consumer, please click here to review Nelsons’ CCPA-specific Privacy Notice.
Key Summary
- We take great care of your (or your family’s) health details, if you provide us with this information. In case you have any concerns, please be aware that if you send us sensitive information by any of our social media channels (like Twitter, Facebook or Instagram), we cannot guarantee they will keep your personal data as secure as we do. Instead, we recommend you to contact us by email at: [email protected].
- We use cookies to collect statistical data which helps us to understand clients’ needs and provide a better service. Please see our Cookies Policy for more information.
- We process your personal data to:
- Provide you with information, products or services that you request from us;
- Carry out our obligations arising from any contracts entered into between you and us;
- Send you information about our products or services that we believe it will be of your interest, if you consent to us doing so;
- Allow you to participate in interactive features of our service, when you choose to do so;
- Deal with a competition or prize draw you have entered into;
- Carry out research if you have responded to one of our surveys;
- Ensure that content from our website is presented in the most effective manner for you and for your computer;
- To generate public relations, if you are a journalist or social media influencer;
- To notify you about changes to our service; and
- To comply with a legal or regulatory obligation.
This Privacy Notice explains in detail what data we process, why, how it is legal and your rights.
About Us and this Privacy Notice
- This Privacy Notice is provided by Nelsons, which is a trading name of A Nelson & Co Limited (or “we” or “us”). This Privacy Notice applies to website users, customers, Nelsons’ patients, suppliers, participants who enter into competitions or respond to surveys, journalists and social media influencers.
- We are responsible for looking after the personal data you give to us, and take your privacy very seriously. We ask that you read this Privacy Notice carefully as it contains important information about our processing and your rights.
HOW TO CONTACT US
- If you need to contact us about this Privacy Notice, please use the details set out below.
- We have a Data Protection Officer who is responsible for overseeing questions in relation to this Privacy Notice. You can contact them using the details below.
- Address: Nelsons, 21 High Street #302, North Andover, MA 01845.
- Telephone number: 800-319-9151.
- Email: [email protected].
- If you would like this Privacy Notice in another format (for example: audio, large print, braille), please contact us.
CHANGES TO THIS PRIVACY NOTICE
- The Privacy Notice will be provided to you when you provide personal data to us for any reason and the latest version can always be found in our website footer.
- We may change this Privacy Notice from time to time. We will alert you by posting a notice on our website when changes are made.
- Current version: October 2021
USEFUL WORDS & PHRASES
Please familiarize yourself with the following words and phrases, as they have particular meanings and are used throughout this Privacy Notice:
- Controller - This means any person who determines the purposes for which, and the manner in which, any personal data is processed.
- Data subject - The person to whom the personal data relates.
- Personal data - This means any information from which a living individual can be identified. This will include information such as telephone numbers, names, addresses, e-mail addresses, photographs and voice recordings. It will also include expressions of opinion and indications of intentions about data subjects (and their own expressions of opinion/intentions). It will also cover information which on its own does not identify someone but which would identify them if put together with other information which we have or are likely to have in the future.
- Processing - This covers virtually anything anyone can do with personal data, including:
- obtaining, recording, retrieving, consulting or holding it;
- organizing, adapting or altering it;
- disclosing, disseminating or otherwise making it available; and
- aligning, blocking, erasing or destroying it.
- Processor - This means any person who processes the personal data on behalf of the controller.
- Special categories of data - This means any information relating to:
- racial or ethnic origin;
- political opinions;
- religious beliefs or beliefs of a similar nature;
- trade union membership;
- physical or mental health or condition;
- sexual life; or
- genetic data or biometric data for the purpose of uniquely identifying you.
- You - a living individual including users and people (and any other relevant person to whom this privacy policy applies) about whom the personal data is processed.
WHAT PERSONAL DATA DO WE COLLECT?
We collect the following information from you:
PERSONAL INFORMATION
- When purchasing our products, or subscribing to our mailing list we will collect the following: name, address, the products you order, credit card details, payment and sales history, e-mail address, telephone number, occupation and if relevant fax number.
- If you are a journalist/social media influencer in addition to the above, we also collect the following: your place of work, interests, online presence and content displayed across your social media channels.
- We also collect details of your visits to our website, including traffic data, location data, weblogs and other communication data when necessary to provide you with a service.
- We use cookies to collect statistical data, for example IP addresses of those who visit our website. Please see our Cookies Policy for more information.
SPECIAL CATEGORIES OF DATA
- When contacting us regarding any of our products, if necessary to provide you with the service you are requesting, we will collect: data related to your health conditions, including medical records and prescriptions and photographs and/or videos of any ailment/symptoms that you may have and require advice on.
PERSONAL INFORMATION PROVIDED BY THIRD PARTIES
- All the information we process about you has been provided by you, or a member of your family acting on your behalf. We do not sell personal data about you to third parties. Additionally, we do not receive or share personal data about you from/with third parties, with the exception of the following circumstances:
- If you are a journalist, or a social media influencer, we collect data from third parties such as Meltwater, Cision (Gorkana) and Sprinklr, which will provide us with publicly available information about you, such as gender, job title, email addresses, contact location/address and phone number, social media handles and social media audience demographics.
- If you have subscribed to our newsletter, we will receive data from Mailchimp.
- If you have subscribed to our e-learning modules, Exscien will have access to your data.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Why do we process your personal data?
We use your personal data for the following purposes listed in this section. We are allowed to do so on certain legal bases (please see section ‘How is processing your data lawful’ for further detail).
- When you contact us for any reason;
- When you register to use our website;
- When you place an order with us;
- When you subscribe to any of our services;
- To provide you with information, products or services that you request from us;
- To carry out our obligations arising from any contracts entered into between you and us;
- To send you information about our products or services that we believe it will be of your interest, if you consent us to do so;
- To allow you to participate in interactive features of our service, when you choose to do so;
- To deal with a competition or prize draw you have entered into;
- To carry out research if you have responded to one of our surveys;
- To ensure that content from our website is presented in the most effective manner for you and for your computer;
- When you report a problem with our website;
- To generate public relations, if you are a journalist or social media influencer;
- To notify you about changes to our service; and
- To comply with a legal or regulatory obligation.
Cookies
We use cookies to understand the performance of our website, or for research or statistical purposes. Please see our Cookies Policy for more information. We will also provide members of our group and any associated companies and marketing partners with aggregate information about our users (for example, we will inform them that 500 men aged under 30 have clicked on a particular link on any given day). We will also use such aggregate information to help members of our group, associated companies and marketing partners reach the kind of audience they want to target (for example, women in the 10101 zip code).
How is processing your personal data lawful?
We are allowed to process your personal data for the following reasons and on the following legal bases:
LEGITIMATE INTERESTS
- We are permitted to process your personal data if it is based on our “legitimate interests,” i.e., we have good, sensible, practical reasons for processing your personal data which is in the interests of Nelsons. We have a legitimate interest in carrying out marketing activities and we will only do so if you consent or in certain circumstances permitted by law according to your expectations. We have considered the impact on your interests and rights, and have placed appropriate safeguards to ensure that the intrusion on your privacy is reduced as much as possible. Below explains the personal data processed on this basis.
ANALYTIC DATA
- We have an interest in understanding the performance of our website, to improve the way it is presented and improve customers’ services managed through the website.
- We have an interest in gaining a better knowledge on our customers’ interests so we can display targeted advertising.
- You can object to processing that we carry out on the grounds of legitimate interests. See the section headed “Your Rights” to find out how.
CONTRACT
- Sometimes we want to use your personal data in a way that is entirely optional for you, such as to send you our promotions and news. On these occasions, we will ask for your consent to use your information. You can withdraw this consent at any time.
LEGAL OBLIGATION
- We are subject to legal obligations to process your personal data for the purposes of complying with applicable regulatory, accounting and financial rules, health and safety and to make mandatory disclosures to government bodies and law enforcements.
CONSENT
- Sometimes we want to use your personal data in a way that is entirely optional for you, such as to send you our promotions and news. On these occasions, we will ask for your consent to use your information. You can withdraw this consent at any time.
SPECIAL CATEGORIES OF DATA
- Data manifestly made public - Although this sounds like your data is “in the public domain”, it does not mean such thing. When you voluntarily provide Nelsons with data related to your (or those who are under your care) health, in order for us to deal with your concerns or enquiries, as you are providing this information to those professionals/ employees/ members of our organization who needs to deal with your enquiry (as opposed to a singular person who is under a duty of secrecy, for example a doctor). If you do so, it is considered that you are making this data sufficiently public in a way that you allow us to deal with your enquiry. Such data will only be processed by the departments who need to know, in order to deal with your request.
- Health care services - If we need to process your data to provide you with health care services, pursuant to a contract with one of our health professionals, who is subject to confidentiality.
- Consent - You have given your explicit consent for us to process your (or those who are under your care) health conditions’ data to provide you with a service. You can withdraw this consent at any time.
- Legal claims - We need to process your personal data if, we are required to process your personal data to defend or establish a legal claim.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Who will have access to your personal data?
Below lists some of our key service providers that act as our processors who, if necessary, will have access to your personal data.
If you would like to know the names of our other service providers (e.g. IT service providers) please contact us using the details at the start of this Privacy Notice.
- Birchman provides enterprise resource planning system support.
- Sage Pay provides secure payments for online purchases.
- Mailchimp acts as a data processor for the Nelsons newsletter.
- Exscien acts as a data processor for the Nelsons professional education site.
We share your personal data with members of the Nelsons group, this being our subsidiaries, our ultimate holding company and its subsidiaries and with associated companies and marketing partners.
In addition, we share your personal data in the following circumstances:
- In the event that we sell or buy any business or assets, we would disclose your personal data to the prospective seller or buyer of such business or assets.
- If we or substantially all of our assets are acquired by a third party, personal data held by Nelsons about our customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or terms and conditions of supply and other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
- We will also share your personal data with the police, other law enforcements or regulators where we are required by law to do so.
WHO INFORMATION IS SHARED WITH
- Freelancers operating our social media accounts; and
- Analytics agencies, including Google Analytics, Facebook Analytics, and 7Dots.
HOW WE KEEP YOUR PERSONAL DATA SECURE
We strive to implement appropriate technical and organizational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. We follow recognized industry practices for protecting our IT environment and physical facilities.
For example:
- information you provide to us is stored on secure servers;
- payment transactions are encrypted using SSL technology;
- we use encryption to further protect your data.
If you want to know more about how data is transferred, please contact us using the details in the section above.
HOW WE KEEP YOUR PERSONAL DATA SECURE
We strive to implement appropriate technical and organizational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. We follow recognized industry practices for protecting our IT environment and physical facilities.
For example:
- all information you provide to us is stored on secure servers;
- any payment transactions will be encrypted using SSL technology;
- we use encryption to protect your data from unlawful access.
Unfortunately, the transmission of information via the internet is not completely secure, and we cannot guarantee the security of your data transmitted to our website, and any transmission is at your own risk.
WHEN WILL WE DELETE YOUR DATA?
Our main rule is not to keep your data for longer than we need to in order to meet the purposes we included in the section "Why do we process your personal data?"
For example, if you buy our products online, we will keep your data for the time we need it to place the order and deliver them; then, we will keep that data if we need it to comply with a legal obligation, or for research or statistics purposes, but if we do not need all the data you provided then, we will delete the remaining data. For most of the purposes and legal obligations we have stated a retention period of 7 years.
In general, we have set out that the following categories of personal data and special categories of data will be kept for the following periods.
- Contact details of users - As long as it is required by law
- Contact details of customers/patient - As long as it is required by law
- Medical records - As long as it is required by law
- Card, payment details of customers - 6 years
CHILDREN UNDER THE AGE OF 18
Our website is not intended for children. No one under age 18 may provide any information to or on the website. We do not knowingly collect personal information from anyone under 18. If you are under 18, do not use or provide any information on this website or on or through any of its features. If we learn we have collected or received personal information from someone under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child, please contact us at: [email protected].