Privacy Notice
Hello. We are Podiatry Products Ltd. (PPL Biomechanics). Here's how we protect your data and respect your privacy. We wanted to make this information clear and easy to understand. Click here to read our Privacy Policy.
Our role in your privacy
If you are a PPL customer or just visiting our website, this policy applies to you.
Our responsibilities
If you are a registered customer of PPL we act as the data controller of personal data about you, but as the data processor of personal data about those for whom you are ordering our products.
We are not required to appoint a data protection officer, however, we have appointed a person who is responsible for all data protection queries. Her name is Julie Hegarty. You can reach her via julie@pplbiomechanics.com
Your responsibilities
- Read this Privacy Statement.
- If you are our customer, please also check the contracts between us: they may contain further details on how we collect and process your data.
- If you provide us with personal information about other people, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. By submitting the information, you confirm that you have the right to authorise us to process it on your behalf in accordance with this Privacy Policy.
When and how we collect data
We collect data from our customers when they request a new account with us. We will confirm payment details and shipping information at this time.
When you order a custom-made device from us, you provide us with your patient details via a prescription as well as an image or reasonable facsimile of the patient’s foot.
Here’s when and how we collect data:
- You complete a contact form requesting more information via our website.
- You initiate a new customer request from us which can be made via telephone, post or email.
- You send us a prescription for a custom-made device (sent via An Post, email, facsimile, courier).
- You amend your prescription based upon our technical guidance (via phone or email).
- Any changes necessary during the customer service process.
Types of data we collect
- Customer name, profession*, Address and e-mail address; Telephone number and mobile number
- Billing address and shipping address and bank details or credit/debit card details.
- Patient name, sex, age, weight, and other medical information as it relates to designing an appropriate device.
- Your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version, etc.
How and why, we use your data
Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:
Fulfil an order.
When a customer prescribes and purchases a device from us, we may only use the patient data to produce the device ordered. We use your customer data to bill and ship the device (important note – PPL will not ship direct to the patient).
Legal Basis: Contract
Customer Support
Notifying you of any changes to our service, solving issues via phone or email including any device issues.
Legal Basis: Contract
Track our website health and usage
We use Google Analytics to track your experience on our website. This helps us to better understand what people want to use our website for. We use cookies according to those you agree to when first using our site. If you do not give consent, Google Analytics will not use your data in this way.
Legal Basis: Consent
Your privacy choices and rights
You can choose not to provide us with personal data.
If you choose to do this, you can continue to use the website and browse its pages, but we will not be able to process orders without personal data.
You can turn off cookies
You can block cookies by activating a setting on your browser allowing you to refuse cookies, or by using the cookie tool on our website. You can also delete cookies through your browser settings. If you turn off cookies, you can continue to use the website but certain services (like our support webchat) will not work effectively.
You can ask us not to use your data for marketing
We will inform you (before collecting your data) if we intend to use your data for marketing and if third parties are involved. You can opt out from marketing by emailing us at infosec@pplbiomechanics.com
Your rights
You can exercise your rights by sending us an email to: infosec@pplbiomechanics.com
However, if you are not a PPL Biomechanics customer, but a patient who has received one of our products via a practitioner, please contact your practitioner.
This includes the right to ask us supplementary information about:
- The categories of data we’re processing
- The purposes of data processing
- The categories of third parties to whom the data may be disclosed
- How long the data will be stored (or the criteria used to determine that period)
- Your other rights regarding our use of your data
We will provide you with the information within one month of your request, unless doing so would adversely affect the rights and freedoms of other (e.g. another person’s confidentiality or intellectual property rights). We’ll tell you if we can’t meet your request for that reason.
You have the right to access information we hold about you
You have the right to make us correct any inaccurate personal data about you
You can object to us using your data for profiling you or making automated decisions about you
You have the right to port your data to another service
We will give you a copy of your data in CSV or JSON so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you. We will not do so to the extent that this involves disclosing data about any other individual.
You have the right to be ‘forgotten’ by us
You can do this by asking us to erase any personal data we hold about you, if it is no longer necessary for us to hold the data for purposes for which we process it. This right doesn’t always apply (for example, if we have a contract with you), but we’ll tell you if this is the case when you ask us to erase your data.
You have the right to lodge a complaint regarding our use of your data
Please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the Data Protection Commission
How secure is the data we collect?
We have physical, electronic, and managerial procedures to safeguard and secure the information we collect. We take our commitment to protecting personal data very seriously.
And please remember:
- You provide personal data at your own risk: unfortunately, no data transmission is guaranteed to be 100% secure
- If you believe your privacy has been breached, please contact us immediately on infosec@pplbiomechanics.com
Where do we store the data?
The personal data we collect is processed at our offices in Cork and in any data processing facilities operated by the third parties identified below. All facilities storing special category data (health data) are located in the EEA.
However, our website is currently hosted via Shopify and is hosted in Canada. If you use our website your data may be transferred to Canada and perhaps the US. If the data is transferred to the US, Shopify uses Standard Contractual Clauses to keep your data safe. For more information, please see Shopify’s privacy policy.
How long do we store your data?
If you’ve been a PPL Biomechanics customer, we’ll delete your personal data from our systems six years after you stop being a PPL Biomechanics customer. We keep the information in case there are any legal claims relating to your time as a customer.
We will hold prescription and order data for 10 years as per Regulation (EU) 2017/745 Annex XIII.
Third parties who process your data
We use third parties to help us host our website, host remote backups, power our emails etc. We partner with third parties who we believe are the best in their field at what they do.
When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy.
Any data transfers to these third parties are encrypted and protected to the highest level due to their sensitive nature.
Cookies
We use cookies. Unless you adjust your browser settings to refuse cookies, we will issue cookies when you interact with our website. These may be ‘session’ cookies, meaning they delete themselves when you leave, or ‘persistent’ cookies which do not delete themselves and help us recognise you when you return so we can provide a tailored service.
How can I block cookies?
You can block cookies by activating a setting on your browser allowing you to refuse the setting of cookies. You can also use our cookie banner to manage your preferences. You can also delete cookies through your browser settings. If you use your browser settings to disable, reject, or block cookies (including essential cookies), certain parts of our website or app will not function fully. In some cases, our website or app may not be accessible at all. Please note that where third parties use cookies, we have no control over how those third parties use those cookies.
You made it
Well done for getting to the bottom of this statement. If you would like to read our full privacy policy, you can access that here PPL Biomechanics Privacy Policy.
Please don’t make this the last time you read it as we will post any changes on this page - significant changes will of course be notified to PPL Biomechanics customers.