Skip to content
PRIVACY POLICY

Our policy on the data we process

CSST Group Ltd (the “Company“, “we” or “us“) is committed to protecting and respecting your privacy.

This policy (together with our website terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.csstgroup.co.uk, you are accepting and consenting to the practices described in this policy.

For the purpose of the Data Protection Act 2018, the EU General Data Protection Regulation or any other applicable legislation, the data controller is CSST Group Ltd, a company registered in England with company number 11238599 and our registered office at CSST Group, 6 Lawrence Grove, Uxbridge UB10 0FF, London, UK.

Our data protection officer is Alok Shinde, who can be contacted at the address above.

Please note that links from our website may take you to external websites not covered by this policy. We recommend that you check their privacy policies yourself before submitting any personal information. We will not be responsible for the content, function or information collection policies of these external websites.
 

Information We Collect From You
We will collect and process the following data about you:

Information you give us. This is information about you that you give us by filling in forms on our site, www.csstgroup.co.uk, (“our site“) or by corresponding with us by phone, email or otherwise. It includes information that you provide when you register to use our site, subscribe to our service, search for a product, place an order on our site, participate in discussion boards or other social media functions on our site, or enter a competition, promotion or survey, and when you report a problem with our site. The information you give to us may include your name, address, email address and phone number, financial and credit card information, personal description and/or photograph.

Special category data you give to us.This is sensitive information that you give to us by filling in forms on our site or by corresponding with us by phone, email or otherwise. You will provide us with special category data when making a purchase and completing our screening information as part of your consultation. It may include, but is not limited to, information relating to genetics, ethnic origin, health, biometrics, sex life and/or sexual orientation.

Information we collect about you.With regard to each of your visits to our site, we will automatically collect the following information:
technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and information about your visit, including the full Uniform Resource Locators (URL),clickstream to, through and from our site (including date and time),products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs),methods used to browse away from the page, and any phone number used to call our customer service number.

Information we receive from other sources.This is information that we receive about you if you use any of the other websites that we operate or the other services that we provide. In this case, we will have informed you when we collected that data if we intend to share such data internally and combine it with data collected on our site. We will also have told you for what purpose we will share and combine your data. We work closely with selected third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and will notify you when we receive information about you from them and the purposes for which we intend to use that information.

This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this policy.
 

Cookies
Our site uses cookies to distinguish you from other users of our site. This helps us to provide you with a good experience when you browse our site and also allows us to improve our site. By continuing to browse our site, you are agreeing to our use of cookies.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer, provided you accept them. Cookies contain information that is transferred to your computer’s hard drive.
 

We use the following cookies:
Strictly necessary cookies: These are required for the operation of our site. They include cookies that enable you to log into secure areas of our site, use the shopping cart, or make use of e-billing services.

Analytical/performance cookies: These allow us to track the number of visitors to our site. This helps us to improve the way our site works, for example by ensuring that users are finding what they are looking for easily.

Functionality cookies: These are used to recognise you when you return to our site, enabling us to personalise our content for you, greet you by name and remember your preferences.

Targeting cookies: These cookies record your visit to our site, the pages you have visited and the links you have followed. We will use this information to make our site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies),you may not be able to access all or parts of our site.

We use information held about you in the following ways:

  • Personal information you give to us
     

We will use this information:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
  • to provide you with information about other goods and services that we offer that are similar to those that you have already purchased or enquired about;
  • to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (email or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the order form on which we collect your data;
  • to notify you about changes to our service; and
  • to ensure, using internal data analytics and other related marketing methods, that content from our site is presented in the most effective manner for you and for your computer.
     

Special Category Data
We rely upon your explicit consent to allow us to process your special category data, which is necessary for the purpose of preventative or occupational medicine, medical diagnosis and provision of health treatment, which is carried out in accordance with regulatory guidelines.

We will use this information to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us.

Information we collect about you
We will use this information:

  • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • as part of our efforts to keep our site safe and secure;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
  • to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
     

We may use automated decision-making and profiling to tailor the information we provide to you to your specific circumstances.
 

Who do we share your information with?
Details of whom we will share your data with and why is set out in our Data Record. Copies of our Data Record are available from our data protection officer.
 

Sharing your information within our company and partners
We share the information that you provide to us with our staff so that we can provide our products and services to you.

We may share the information that you provide to us with other partner companies and other websites that we operate. For example, if you place an order online, we may share information with the prescribing doctor to enable you to receive the prescription and also the pharmacy to arrange despatch to you via post.
 

Sharing your information with third parties
We may share your information with selected third parties including:

  • advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but have the right to provide them with aggregate information about our users. We may make use of the personal data that we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience;
  • analytics and search engine providers that assist us in the improvement and optimisation of our site; and
  • credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
     

There are certain exceptional circumstances in which we may disclose your information to other third parties. This would be where we believe that the disclosure is:

  • required by the law, or in order to comply with judicial proceedings, court orders or legal or regulatory proceedings;
  • necessary to protect the safety of our employees, our property or the public;
  • necessary for the prevention or detection of crime, including exchanging information with other companies or organisations for the purposes of fraud protection and credit risk reduction; and/or
  • proportionate as part of a merger, business or asset sale, in the event that this happens we will share your information with the prospective seller or buyer involved.
     

How long do we keep your personal information?
We will only store your personal information for as long as we need it for the purposes for which it was collected. Where we provide you with any service (e.g. subscription service),we will retain any information that you provide to us at least for as long as we continue to provide that service to you.
 

Where we store your personal data
The data that we collect from you will be transferred to, and stored at, a destination within the European Economic Area (“EEA“). It will also be processed by staff operating within the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information that you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
 

Your rights
You have the right to be informed

We have a legal obligation to provide you with concise, transparent, intelligible and easily accessible information about your personal information and our use of it.

We have written this policy to do just that, but if you have any questions or require more specific information, you can get in touch using our details above.
 

You have the right to access your personal data
You have the right to ask us to confirm whether or not we hold any of your personal information. If we do, you have the right to have a copy of your information and to be informed of the following:

  • Why we have been using your information
  • What categories of information we were using
  • Who we have shared the information with
  • How long we envisage holding your information
     

In order to maintain the security of your information, we will have to verify your identity before we provide you with a copy of the information we hold. The first copy of your information that you request from us will be provided free of charge, if you require further copies we may charge an administrative fee to cover our costs.

You have the right to correct any inaccurate or incomplete personal data
Where you have requested a copy of the information we hold about you, you may notice that there are inaccuracies in the records, or that certain parts are incomplete. If this is the case, you can contact us so that we can correct our records.
 

You have the right to be forgotten
There may be times where it is no longer necessary for us to hold personal information about you. This could be if:

  • the information is no longer needed for the original purpose that we collected it for;
  • you withdraw your consent for us to use the information (and we have no other legal reason to keep using it);
  • you object to us using your information and we have no overriding reason to keep using it;
  • we have used your information unlawfully; and/or
  • we are subject to a legal requirement to delete your information.
     

In those situations, you have the right to have your personal data deleted. If you believe one of these situations applies to you, please contact us.
 

You have the right to have a copy of your data transferred to you or a third party in a compatible format
Also known as data portability, you have the right to obtain a copy of your personal data for your own purposes. This right allows you to move, copy or transfer your personal data more easily from one IT system to another, in a safe and secure way. If you would like us to transfer a copy of your data to you or another organisation in a structured, commonly use and machine-readable format, please contact us. There is no charge for you exercising this right.
 

You have the right to object to direct marketing
You can tell us at any time that you would prefer that we do not use your information for direct marketing purposes. If you would not like to receive any direct marketing from us, please contact us or use the links provided in any of our marketing communications, and we will stop sending direct marketing immediately.
 

You have the right to object to us using your information for our own legitimate interests
Sometimes, we use your personal information to achieve goals that will help us as well as you. This includes:

  • when we tell you about products or services that are similar to ones that you have already bought;
  • when we use your information to help us make our business better; or
  • when we contact you to interact, communicate or let you know about changes we are making
  • We aim to always ensure that your rights and information are properly protected. If you believe that the way we are using your data is not justified due to its impact on you or your rights, you have the right to object. Unless we have a compelling reason to continue, we must stop using your personal data for these purposes. In order to exercise your right to object to our use of your data for the purposes above, please contact us.
     

You have the right to restrict how we use your personal data
You have the right to ask us to stop using your personal data in any way other than simply keeping a copy of it. This right is available where:

  • you have informed us that the information we hold about you is inaccurate, and we have not yet been able to verify this;
  • you have objected to us using your information for our own legitimate interests and we are in the process of considering your objection;
  • we have used your information in an unlawful way, but you do not want us to delete your data; or
  • we no longer need to use the information, but you need it for a legal claim


If you believe any of these situations apply, please contact us.
 

You have rights related to automated-decision making and profiling
Any automated decision-making or profiling that we undertake is solely for the purpose of tailoring the information which we provide to you. We will not use automated decision-making or profiling to make any decisions which will have a legal effect upon you or otherwise significantly affect you, and you have the right not to be subject to such decisions. If you have any concerns or questions about this right, please contact us.
 

Changes to our privacy policy
Any changes that we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check frequently to see any updates or changes to our privacy policy.
 

Complaints
If you wish to make a complaint about our collection or use of your personal data, please contact us in the first instance so that we may seek to resolve your complaint.

CSST Group
6 Lawrence Grove
Uxbridge
UB10 0FF
London
UK

[email protected]

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO),the statutory body which oversees data protection law in the UK. Please visit the ICO website if you wish to lodge a complaint with the ICO.