PRIVACY POLICY


Last Updated: 03 October, 2024.


We take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data.

Last updated: September 25th, 2024


At Curada ("we," "us," or "our"), we are committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our services, including our websites, apps, and other products (collectively, the "Services").

By accessing or using our Services, you agree to the collection and use of your information in accordance with this Privacy Policy.


What This Privacy Policy Covers

This Privacy Policy applies to Curada's Services that display or reference this Policy. It explains how we treat personal data that we collect and process when you access or use our Services. This Policy does not apply to services that display or reference a different privacy policy.


Information We Collect

We collect information about you in various ways when you use our Services.


Information You Provide Directly

1. Account Information

  • Personal Details: First and last name, email address, password, date of birth, and phone number.

  • Marketing Preferences: Your preferences for receiving marketing communications.

  • Age Verification: Information to verify your age, ensuring compliance with age-restricted services.

2. Medical Information

  • Health Information: Details you provide through medical questionnaires, including health conditions, medications, and other relevant health data.

  • Sensitive Personal Data: Information concerning your health, collected with your explicit consent.

3. Purchase Information

  • Order Details: Information about the products you request, including non-prescription items.

  • Delivery Information: Address and contact details for order fulfillment.

4. Payment Information

  • Payment Details: Collected by our third-party payment processor (e.g., Stripe). We do not store your full payment information but may retain transaction identifiers.

5. Communications

  • Customer Support: Information you provide when contacting us for support or inquiries.

  • Survey Responses: Feedback and responses you provide in surveys or research studies.


Information Collected Automatically

1. Device and Usage Information

  • Technical Information: IP address, browser type, operating system, device identifiers, and device type.

  • Usage Data: Pages viewed, links clicked, time spent on pages, and navigation paths.

  • Cookies and Similar Technologies: Information collected through cookies, web beacons, and other tracking technologies.

2. Location Information

  • Geolocation Data: Approximate or precise location information, collected with your consent.


Information from Third Parties

1. Partnered Healthcare Providers

  • Medical Assessments: Information from healthcare providers involved in your care, such as assessments or prescriptions.

2. Service Providers

  • Analytics and Advertising Partners: Information from third-party services that provide analytics or advertising services.


How We Use Your Information

We use your personal data for the following purposes:

1. Providing and Improving Our Services

  • Service Delivery: Facilitate your access to our Services and process your orders.

  • Medical Assessments: Collaborate with licensed healthcare professionals for medical evaluations.

  • Account Management: Manage your account, authenticate your identity, and provide customer support.

  • Personalization: Customize your experience, such as providing tailored content and recommendations.

2. Communication

  • Transactional Messages: Send confirmations, updates, security alerts, and support messages.

  • Marketing Communications: Send promotional communications about products, offers, or services, in accordance with your preferences.

3. Research and Development

  • Service Improvement: Analyze usage to improve our Services and develop new features.

  • User Research: Invite you to participate in surveys or research studies to enhance our offerings.

4. Legal and Compliance

  • Legal Obligations: Comply with applicable laws, regulations, and legal processes.

  • Protection of Rights: Enforce our terms and policies, protect our rights, privacy, safety, or property, and that of others.

5. Security and Fraud Prevention

  • Security Measures: Monitor and analyze activities to prevent fraud, unauthorized access, and other illegal activities.


How We Share Your Information

Our Disclosure of Personal Data

Curada discloses personal data to Curada’ service providers with your consent or as we determine necessary to complete your transactions or provide the services you have requested or authorised. Subsequent processing by Curada’ service providers is necessary for the services they provide on the platform. Where we have a contract with a third party, we take steps to ensure they treat your data in accordance with the law, only use it in accordance with our contract with them, and keep it secure.

In addition, we disclose personal data to the types of third parties described below, for the following business purposes:

  1. Service providers. We provide personal data to vendors or agents working on our behalf for the purposes described in this Policy. For example, companies we’ve hired to provide customer service support may need access to personal data to provide those functions.

  2. Financial services & payment processing. When you provide payment data, such as to make a purchase, we will disclose payment and transactional data to banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, analytics, or other related financial services. For example, Stripe Payments Europe, Ltd. processes payment data for your transactions with Curada.

  3. Medical Providers: We partner with medical providers who evaluate your health conditions and, where appropriate, provide a prescription to facilitate your purchase of prescription products.

  4. Corporate transactions. We may disclose personal data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.

  5. Legal and law enforcement. We will access, disclose, and preserve personal data when we believe doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.

  6. Security, safety, and protecting rights. We will disclose personal data if we believe it is necessary to:

  • protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;

  • operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or

  • protect the rights or property of ourselves or others, including enforcing our agreements, terms, and policies.

Third party analytics and advertising companies also collect personal data through our website and apps including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data, as described in the ‘Cookies’ section of this Policy.

These third-party vendors may combine this data across multiple sites to improve analytics for their own purpose and others. For example, we use Google Analytics on our website to help us understand how users interact with our website; you can learn how Google collects and uses information at www.google.com/policies/privacy/partners.

Other third-party analytics and advertising providers we use on our websites include, for example:

Facebook Audiences

Advertising

https://www.facebook.com/privacy/explanation

https://www.facebook.com/settings?tab=ads

Google Analytics

Analytics

https://policies.google.com/technologies/partner-sites

https://myadcenter.google.com/home

Please note that some of our services also include integrations, references, or links to services provided by third parties whose privacy practices differ from ours.

If you provide personal data to any of those third parties, or allow us to share personal data with them, that data is governed by their privacy statements.

We disclose personal information within our corporate entity for uses consistent with this policy.

Finally, we may disclose de-identified information in accordance with applicable law.

Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect and use personal information about you.

1. What Are Cookies?

Cookies are small data files stored on your device when you visit a website. They help websites remember your preferences and understand how you interact with the site.

2. Types of Cookies We Use

  • Essential Cookies: Necessary for the operation of our Services.

  • Analytics Cookies: Help us understand how users engage with our Services to improve performance.

  • Advertising Cookies: Used to deliver advertisements relevant to you and your interests.

3. Managing Cookies

You can control cookies through your browser settings. However, disabling cookies may affect the functionality and availability of our Services.

For more detailed information, please refer to our Cookie Policy.

Your Rights and Choices

Under applicable data protection laws, you have certain rights regarding your personal data.

1. Access and Correction

  • Access: Request access to the personal data we hold about you.

  • Correction: Request that we correct or update your personal data if it is inaccurate or incomplete.

2. Deletion

  • Right to Erasure: Request that we delete your personal data, subject to certain exceptions provided by law.

3. Restriction and Objection

  • Restrict Processing: Ask us to restrict the processing of your personal data under certain circumstances.

  • Object to Processing: Object to the processing of your personal data for direct marketing purposes or on grounds relating to your particular situation.

4. Data Portability

  • Transfer of Data: Request to receive your personal data in a structured, commonly used, and machine-readable format.

5. Withdraw Consent

  • Consent Withdrawal: Withdraw your consent at any time if we process your personal data based on your consent.

6. Marketing Communications

  • Opt-Out: Opt-out of receiving promotional emails by following the unsubscribe instructions in those emails or by contacting us directly.

7. Complaints

  • Supervisory Authority: File a complaint with the relevant data protection authority if you have concerns about our data practices.


Contact Us

To exercise your rights, please contact us using the information provided in the Contact Us section.


Data Security and Retention

Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

  • Encryption: Use SSL encryption to protect data transmitted between your device and our servers.

  • Access Controls: Restrict access to personal data to authorized personnel.

  • Security Protocols: Regularly review and update our security practices to enhance data protection.


Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

  • Account Information: Retained for the duration of your account and for a period thereafter as required by law.

  • Medical Information: Retained in accordance with legal requirements for medical records.

  • Communication Records: Retained as necessary to address inquiries or feedback.


International Data Transfers

Your personal data may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws different from those of your country.

We ensure that appropriate safeguards are in place to protect your information when it is transferred internationally, such as:

  • Standard Contractual Clauses: Utilizing approved contractual clauses to ensure data protection.

  • Adequacy Decisions: Transferring data to countries deemed to have adequate data protection by relevant authorities.


Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children under 18. If you are under 18, please do not use our Services or provide any personal information to us.

If we become aware that we have collected personal data from a child under 18, we will take steps to delete such information promptly. If you believe we might have any information from or about a child under 18, please contact us.


Third-Party Links

Our Services may contain links to third-party websites or services that are not owned or controlled by Curada. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites or services before providing them with your personal information.


Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

  • Notification of Changes: We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

  • Continued Use: Your continued use of the Services after changes are posted constitutes your acknowledgment and acceptance of the changes.


Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • By Mail:

    Curada

    Data Protection Officer

    Techstars WeWork

    Aldwych House, 71-91 Aldwych

    London WC2B 4HN

  • By Email:

    privacy@curada.co.uk

PRIVACY POLICY


Last Updated: 03 October, 2024.


We take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data.

Last updated: September 25th, 2024


At Curada ("we," "us," or "our"), we are committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our services, including our websites, apps, and other products (collectively, the "Services").

By accessing or using our Services, you agree to the collection and use of your information in accordance with this Privacy Policy.


What This Privacy Policy Covers

This Privacy Policy applies to Curada's Services that display or reference this Policy. It explains how we treat personal data that we collect and process when you access or use our Services. This Policy does not apply to services that display or reference a different privacy policy.


Information We Collect

We collect information about you in various ways when you use our Services.


Information You Provide Directly

1. Account Information

  • Personal Details: First and last name, email address, password, date of birth, and phone number.

  • Marketing Preferences: Your preferences for receiving marketing communications.

  • Age Verification: Information to verify your age, ensuring compliance with age-restricted services.

2. Medical Information

  • Health Information: Details you provide through medical questionnaires, including health conditions, medications, and other relevant health data.

  • Sensitive Personal Data: Information concerning your health, collected with your explicit consent.

3. Purchase Information

  • Order Details: Information about the products you request, including non-prescription items.

  • Delivery Information: Address and contact details for order fulfillment.

4. Payment Information

  • Payment Details: Collected by our third-party payment processor (e.g., Stripe). We do not store your full payment information but may retain transaction identifiers.

5. Communications

  • Customer Support: Information you provide when contacting us for support or inquiries.

  • Survey Responses: Feedback and responses you provide in surveys or research studies.


Information Collected Automatically

1. Device and Usage Information

  • Technical Information: IP address, browser type, operating system, device identifiers, and device type.

  • Usage Data: Pages viewed, links clicked, time spent on pages, and navigation paths.

  • Cookies and Similar Technologies: Information collected through cookies, web beacons, and other tracking technologies.

2. Location Information

  • Geolocation Data: Approximate or precise location information, collected with your consent.


Information from Third Parties

1. Partnered Healthcare Providers

  • Medical Assessments: Information from healthcare providers involved in your care, such as assessments or prescriptions.

2. Service Providers

  • Analytics and Advertising Partners: Information from third-party services that provide analytics or advertising services.


How We Use Your Information

We use your personal data for the following purposes:

1. Providing and Improving Our Services

  • Service Delivery: Facilitate your access to our Services and process your orders.

  • Medical Assessments: Collaborate with licensed healthcare professionals for medical evaluations.

  • Account Management: Manage your account, authenticate your identity, and provide customer support.

  • Personalization: Customize your experience, such as providing tailored content and recommendations.

2. Communication

  • Transactional Messages: Send confirmations, updates, security alerts, and support messages.

  • Marketing Communications: Send promotional communications about products, offers, or services, in accordance with your preferences.

3. Research and Development

  • Service Improvement: Analyze usage to improve our Services and develop new features.

  • User Research: Invite you to participate in surveys or research studies to enhance our offerings.

4. Legal and Compliance

  • Legal Obligations: Comply with applicable laws, regulations, and legal processes.

  • Protection of Rights: Enforce our terms and policies, protect our rights, privacy, safety, or property, and that of others.

5. Security and Fraud Prevention

  • Security Measures: Monitor and analyze activities to prevent fraud, unauthorized access, and other illegal activities.


How We Share Your Information

Our Disclosure of Personal Data

Curada discloses personal data to Curada’ service providers with your consent or as we determine necessary to complete your transactions or provide the services you have requested or authorised. Subsequent processing by Curada’ service providers is necessary for the services they provide on the platform. Where we have a contract with a third party, we take steps to ensure they treat your data in accordance with the law, only use it in accordance with our contract with them, and keep it secure.

In addition, we disclose personal data to the types of third parties described below, for the following business purposes:

  1. Service providers. We provide personal data to vendors or agents working on our behalf for the purposes described in this Policy. For example, companies we’ve hired to provide customer service support may need access to personal data to provide those functions.

  2. Financial services & payment processing. When you provide payment data, such as to make a purchase, we will disclose payment and transactional data to banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, analytics, or other related financial services. For example, Stripe Payments Europe, Ltd. processes payment data for your transactions with Curada.

  3. Medical Providers: We partner with medical providers who evaluate your health conditions and, where appropriate, provide a prescription to facilitate your purchase of prescription products.

  4. Corporate transactions. We may disclose personal data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.

  5. Legal and law enforcement. We will access, disclose, and preserve personal data when we believe doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.

  6. Security, safety, and protecting rights. We will disclose personal data if we believe it is necessary to:

  • protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;

  • operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or

  • protect the rights or property of ourselves or others, including enforcing our agreements, terms, and policies.

Third party analytics and advertising companies also collect personal data through our website and apps including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data, as described in the ‘Cookies’ section of this Policy.

These third-party vendors may combine this data across multiple sites to improve analytics for their own purpose and others. For example, we use Google Analytics on our website to help us understand how users interact with our website; you can learn how Google collects and uses information at www.google.com/policies/privacy/partners.

Other third-party analytics and advertising providers we use on our websites include, for example:

Facebook Audiences

Advertising

https://www.facebook.com/privacy/explanation

https://www.facebook.com/settings?tab=ads

Google Analytics

Analytics

https://policies.google.com/technologies/partner-sites

https://myadcenter.google.com/home

Please note that some of our services also include integrations, references, or links to services provided by third parties whose privacy practices differ from ours.

If you provide personal data to any of those third parties, or allow us to share personal data with them, that data is governed by their privacy statements.

We disclose personal information within our corporate entity for uses consistent with this policy.

Finally, we may disclose de-identified information in accordance with applicable law.

Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect and use personal information about you.

1. What Are Cookies?

Cookies are small data files stored on your device when you visit a website. They help websites remember your preferences and understand how you interact with the site.

2. Types of Cookies We Use

  • Essential Cookies: Necessary for the operation of our Services.

  • Analytics Cookies: Help us understand how users engage with our Services to improve performance.

  • Advertising Cookies: Used to deliver advertisements relevant to you and your interests.

3. Managing Cookies

You can control cookies through your browser settings. However, disabling cookies may affect the functionality and availability of our Services.

For more detailed information, please refer to our Cookie Policy.

Your Rights and Choices

Under applicable data protection laws, you have certain rights regarding your personal data.

1. Access and Correction

  • Access: Request access to the personal data we hold about you.

  • Correction: Request that we correct or update your personal data if it is inaccurate or incomplete.

2. Deletion

  • Right to Erasure: Request that we delete your personal data, subject to certain exceptions provided by law.

3. Restriction and Objection

  • Restrict Processing: Ask us to restrict the processing of your personal data under certain circumstances.

  • Object to Processing: Object to the processing of your personal data for direct marketing purposes or on grounds relating to your particular situation.

4. Data Portability

  • Transfer of Data: Request to receive your personal data in a structured, commonly used, and machine-readable format.

5. Withdraw Consent

  • Consent Withdrawal: Withdraw your consent at any time if we process your personal data based on your consent.

6. Marketing Communications

  • Opt-Out: Opt-out of receiving promotional emails by following the unsubscribe instructions in those emails or by contacting us directly.

7. Complaints

  • Supervisory Authority: File a complaint with the relevant data protection authority if you have concerns about our data practices.


Contact Us

To exercise your rights, please contact us using the information provided in the Contact Us section.


Data Security and Retention

Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

  • Encryption: Use SSL encryption to protect data transmitted between your device and our servers.

  • Access Controls: Restrict access to personal data to authorized personnel.

  • Security Protocols: Regularly review and update our security practices to enhance data protection.


Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

  • Account Information: Retained for the duration of your account and for a period thereafter as required by law.

  • Medical Information: Retained in accordance with legal requirements for medical records.

  • Communication Records: Retained as necessary to address inquiries or feedback.


International Data Transfers

Your personal data may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws different from those of your country.

We ensure that appropriate safeguards are in place to protect your information when it is transferred internationally, such as:

  • Standard Contractual Clauses: Utilizing approved contractual clauses to ensure data protection.

  • Adequacy Decisions: Transferring data to countries deemed to have adequate data protection by relevant authorities.


Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children under 18. If you are under 18, please do not use our Services or provide any personal information to us.

If we become aware that we have collected personal data from a child under 18, we will take steps to delete such information promptly. If you believe we might have any information from or about a child under 18, please contact us.


Third-Party Links

Our Services may contain links to third-party websites or services that are not owned or controlled by Curada. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites or services before providing them with your personal information.


Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

  • Notification of Changes: We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

  • Continued Use: Your continued use of the Services after changes are posted constitutes your acknowledgment and acceptance of the changes.


Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • By Mail:

    Curada

    Data Protection Officer

    Techstars WeWork

    Aldwych House, 71-91 Aldwych

    London WC2B 4HN

  • By Email:

    privacy@curada.co.uk

© Framer Inc. 2023

Instagram

Email