Lansinoh Laboratories Fair Processing Notice / Privacy Policy Published: 01/10/2020
As an organisation we care about your privacy and apply best practices with your personal data. This notice describes your rights as a website visitor or customer of
Lansinoh Laboratories UK Ltd, branded as (Lansinoh).
This policy provides information about your rights relating to your personal information along with how we collect, use and share your data.
Lansinoh is committed to abiding by all relevant data protection laws in the countries in which we operate, and will be open and transparent in how we use your personal information. Many people will be aware of the EU General Data Protection Regulation (GDPR) updating the European laws which each member state will enact, to establish GDPR compliance in their country. Lansinoh acknowledges its requirement to comply with these laws, as well as local laws applicable to other countries.
Within this policy, each section laid out below expands to provide more detailed information about your rights and how we process your data. The policy also contains external links to provide more detailed information on many of the areas covered.
Please note many links provided in this policy are external to Lansinoh, please be aware that whilst every effort is made to ensure that the links are valid and relevant, we have no control over the security, legality or reliability of the information supplied. If you find any broken links, please contact our local Data Protection Team via the Contact details in the who we are section.
Lansinoh is a company providing nursing mothers with products to support healthy breastfeeding. More information about can be found here.
Lansinoh Laboratories UK Ltd is/are Data Controllers under GDPR legislation, the terms “we” “us” “our” in this notice relate those names listed here.
Our global contact for data protection queries is dpo@lansinoh.co.uk
Our local addresses can be found on our website.
If you need to contact someone to talk about personal data privacy you can contact our local Data Protection Team at: privacy@lansinoh.co.uk
We operate in many countries, and abide by the privacy laws relevant to where we do business. Our reputation is important to us as is the fact that we give you assurance that your data is being used fairly and lawfully.
If we share any data across international boundaries, we do so under strict legal processes ensuring that security and confidentiality of your personal data is paramount at all times.
You can choose to see the list of countries and laws which we comply with below. Not all will be relevant to you, but we believe that you have a right to know and to understand how we look after your data.
Countries in which we operate and an indication of the laws we abide by.
The list of laws may not be comprehensive, but rest assured we comply with the law, always.
- Brazil
- Privacy protection processes, in line with Lansinoh global privacy best practices
- Germany
- Bundesdatenschutzgesetz (German Data Protection Amendment Act)
- EU General Data Protection Regulation
- France/Benelux
- CNIL Commission nationale de l’informatique et des libertés
- EU General Data Protection Regulation
- Spain
- LOPD Ley Orgánica de Protección de Datos de Carácter Personal
- EU General Data Protection Regulation
- Turkey
- Law No.6698 Protection of Personal Data (PDPL)
- Other European Union members
- EU General Data Protection Regulation
- United Kingdom
- Data Protection Act 2018
- EU General Data Protection Regulation
- The United States of America
- Privacy protection processes, in line with Lansinoh global privacy best practices.
- The Federal Trade Commission Act, California State privacy law, and local state law as applicable.
We place controls on all personal data being transferred internationally and we only do such transfers with your knowledge and, where relevant, your permission.
We ensure that agreements and contracts are in place as required by law. If you wish to know more about the law, please click here .
We process your personal information as follows
- To meet our legal, statutory and contractual obligations
- To provide you with information about our products events and services
- To provide you with information from third parties that we feel you would find interesting and relevant
- To ask you to participate in surveys
- To process any orders for our products and services
- To process any request, you may have, regarding our products and services.
We will never collect any unnecessary personal data from you, and do not process your information in another way than already covered in this notice, or at the point where we request information from you, e.g. via a form online.
Personal data, is data which identifies a person (you) (known as a Data Subject under the GDPR) from the information you have provided, or if we have combined data that we already have access to, to identify you.
You can find out more about the legal definitions of personal data here.
In summary, personal data is:
- Name
- Address
- Date of birth
- Email address
- Place of work
- Bank account details
- An IP address
In addition, there are “special categories” of personal data which means that the data is considered more sensitive, such as:
- Data related to your health
- Genetic data
- Religious beliefs
- Criminal convictions
- Data about race or ethnic origin
Click here for a more complete list of this type of data.
We collect your personal data for several reasons including to enable us to provide you with a product you purchase, or a service you are interested in and where you have provided these details. Your personal data may be collected from several places.
The information we collect about you can come from:
- Information you have provided whilst registering for, or buying a product
- Forms on the website or on paper which you have completed
- Information provided over the telephone
- Information you have provided via email correspondence with us
- Third parties supplying your information (see below)
- Participation in forums or discussion boards
- Entering a competition or completing surveys
- Via the website in accordance with our cookie policy
Usually we will collect information directly from you, which you have provided yourself.
However, sometimes we get your personal information from third parties (list below) who provide us with the information of people who have given permission for their personal data to be shared with us. We will always use such information responsibly and in accordance with your rights.
Where your personal data is used by us, you have freedom of choice for example when receiving direct marketing, you will always be afforded the option of stopping further contact “unsubscribe” and controlling these consent options to your own satisfaction.
If you believe that we have misused your personal data, please contact us and we will work resolve your problem as swiftly as we can.
We may get your information from third parties, where your permission is given or there is a valid legal basis for obtaining it, from:
- Marketing companies – who provide lists of people with whom we may make contact to interest them in our products
- Business partners – to fulfil contractual obligations
- Public sources
- Conference or Exhibition organisers
When you visit our website, we may collect technical information such as login information, IP address and browser settings. We do this so that we can provide you with a good browsing experience and to better understand how people use our website so that we can improve our offering to you. We may use cookies on our website and you will be informed of this when you browse. You can review our cookie policy to find out more about the cookies we use and how to control what the cookies do.
We will use your personal data to let you know about offers and products (marketing), so long as we have your permission to do so. Wherever we collect personal data with marketing in mind, we will inform you and provide you with a choice to continue or stop being contacted for this purpose.
We will use your personal data to fulfil any contract we have with you, which will usually be when you order a product from us, we are contractually obliged to use your personal data to ensure you get the right product.
[We may use your personal data, with your permission, to provide to third parties who you may be interested in hearing from. We will always ensure we have your permission to do this before we share.]
We may use your personal data to ask you to help us with Marketing or Healthcare surveys.
If you do not wish to provide your personal information to us, we may not be able to provide the products and services you request, or to tell you about other products and services offered by Lansinoh.
There are some organisations we work closely with, where we must share your personal details, to provide the goods and services you require. This may be manufacturers, where your product is made to order, and courier/delivery organisations so that the item can be shipped.
Where your personal data must be shared for us to provide you with a service, then we make sure that our partners have the right controls in place to use your information responsibly and under our control. Categories of partners who may see your information are listed below.
It is important for us that you understand who your information may be shared with and the seriousness with which we take the confidentiality of your personal data. If you have questions about such uses of your personal data, we will happy to tell you more.
We may also share your information with organisations where there is a need to check the accuracy of data we hold and where there may be legal or regulatory requirement to provide personal data, for example law enforcement.
We will never share your personal data, unless there is a valid legal reason or need to do so.
- Manufacturers
- Distributors
- Courier companies
- Finance providers (when you opt for finance)
- Payment providers (which take your bank card details and process payments)
- App Developers
- ECRM or CRM System providers
- Email system or File Storage Cloud system providers
Your personal data is kept secure always and we use the latest technology to ensure that all our data is kept confidential, especially personal information that we hold.
Your information may be kept in a number of places, all of which comply with data protection requirements. We use cloud providers and online application providers to help us run our business. Personal data may be held on systems and databases in several locations. However, your personal information will be held with requirements of confidentiality and with suitable legal agreements and contracts in place, so you can be assured that your personal data is looked after.
Some of our systems may include the transfer of your personal data to other countries. Your data will only be transferred to other countries which have adequate provision in place to protect personal data to an equivalent level as the General Data Protection Regulation (GDPR) for Europe, and where applicable the local Privacy laws of the country we are operating in. An adequacy provision under GDPR for example is a US data processor, registered with US Privacy Shield.
We will keep your personal data for a length of time that is in line with our need to identify you and to provide goods or services to you. If you are a customer, then we will keep personal information about you for our legitimate business purposes, such as ensuring we can identify you in the case of a warranty claim, to identify payments and within our finance systems for auditing and accounting purposes. We will also keep your information you have provided for marketing purposes for a period of time that allows us to contact you with offers, if you have agreed to be contacted, and to ensure that we do not contact you inadvertently if you have refused marketing contact.
We will only keep your personal data for as long as there is a legitimate requirement to do so.
More information on how long we keep your data is available by emailing privacy@lansinoh.co.uk
If you are based within the European Union, European data protection legislation under GDPR gives you rights over how your personal data is used. The main rights related to your personal data can be expanded below, but there are others which you may like to find out more about by looking up the Data Protection Act 2018 or the General Data Protection Regulation.
You have a right to be informed about the collection and use of your personal data. We have an obligation to be transparent and provide you with this information freely and that it is easily understood. This notice serves to provide information on collection and use of personal data, and you may contact us if you want to know more about any aspect of how we handle your personal information. More information on this right is available here.
You have a right to have access to the information we hold about you and to verify that we are using your personal data lawfully. If asked we will provide confirmation of what personal data we hold, provide a copy of the data, and inform you of any other rights you may have. You can find out more about what you are entitled to request by clicking here.
If you would like to make such a request, please see the section below “Access to your information”
You have the right to have any information held about you which is inaccurate to be rectified. If you believe that we have inaccurate information, for example a misspelt name, then please contact us and we will do our utmost to sort it for you. More about rectification here.
You have, subject to certain conditions being met, the right to be forgotten. Where we can, we will remove all your details from our systems subject to being able to do so reasonably, and where no other legal or legitimate reason exists to keep your personal data. For example, if you owe money to us via an account, we would expect this to be cleared before we considered erasure of your details. Please look here for more information on this right.
In some cases, you may require us to hold your data but not process it, this may be relevant if you believe inaccuracies have not been corrected and further processing would cause issues for you as an individual. More information on this right can be found here.
Personal data portability, means that on request we will give you the information we hold about you in a form that can easily be used by other systems. This is most likely to be a spreadsheet file so that you may pass this information on to other organisations with which you would like to share the data. It may not always be possible to give you everything about you in this format, but we will always strive to provide what we can for you. Click here for more information.
You have a right to object to how personal data about you are processed, in some instances. You may object to us processing your personal data for our “legitimate interests”, to stop direct marketing and processing your personal data for research or statistical purposes.
[Whilst we do have legitimate interests under which we process data and we do send marketing messages out to those that want them, we do not undertake research or statistical reporting.]
Unless we can demonstrate compelling reasons for continuing to process your personal data, which we will explain to you, if relevant, when you object, then we will always endeavour to comply with your wishes.
You may find out more about this right, here.
Should we wish to carry out any automated decision making or profiling of you, using your personal data, then we will abide by the law and only do this where it is necessary to do so, or we have your consent.
Any decisions made automatically about you will be made obvious to you, where they have a direct effect on you. You will always have the ability to contact us and query these activities and request that they stop or have human intervention.
We aim to be transparent and open about this type of data processing so that you can feel assured that your data is safe, kept confidential and always used lawfully and fairly.
Details about this right can be found here.
You have a right to complain to the regulator in the country in which you reside or where you believe any misuse of your data has taken place. Please see the section “Complaints” below for more information.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking specific boxes on the forms we use to collect your data. You can also exercise your right at any time by contacting us at the email address above.
We will always ask you for your consent to use your personal data for marketing or other purposes where you have a right to choose how your data is used.
As an international company we have obligations to abide by the laws of all the countries we operate in (see above). On this basis we may collect your permission in the following ways
- Opt-in – we will ask you to indicate that you are happy for your personal data to be used in the way we describe.
- Confirmed Opt-in – (Also known as a Double Opt-in) This is optional in most countries however if deemed appropriate/desirable or required by local law in your country, we will, following your indication that you wish your personal data to be used in the way we have described, we will further contact you by email to seek a second confirmation of your wishes.
- Soft Opt-in – where you are an existing customer, health care professional registered on our sampling program, or a member of one of our Mums clubs or on any other Marketing Database we have that already exist and you have given prior permission to, and you have not indicated otherwise (we will always give the option for you to opt out “unsubscribe” when we seek to use your data in different ways). You can stop this happening at any time by selecting unsubscribe on any electronic marketing material you receive, or emailing privacy@lansinoh.co.uk with the subject line unsubscribe
These methods of collecting permission to use your data are ways that we endeavour to ensure that we are being transparent and open in how we use data, so that you can be assured of our best intentions at all times.
As a business, we do not target our offerings toward, and does not knowingly collect any personal information from people under 13 years of age.
Our Site may include links to other Web sites whose privacy practices may differ from ours. If you submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any Web site you visit. If you chose to follow one of these links, you do so at your own risk.
Lansinoh is not responsible for the accuracy or reliability of any information, data, opinion, software, advice, content or statements contained on third-party websites, or for the quality of any products or services available on these websites.
If you chose to provide any personal information to a third-party website, you do so at your own risk. Ensure you have read and understood the third-party privacy policy. Lansinoh cannot not guarantee that any information you provide will not be misused or disclosed to other third parties by means beyond our control.
Lansinoh will not have any liability to you, for any such misuse or disclosure by the third-party.
A cookie is a small file placed on your device when you visit a site that can be understood by the site that issued the cookie. We may use the information collected by cookies to remember who you are, if purchasing online your details and shopping cart, to provide to you with advertisements, offers or other content tailored to your interests, and to assess how our sites are used. You can accept or decline cookies through your browser settings. To learn more about Cookies you can visit http://www.allaboutcookies.org/cookies To see our complete cookie policy please click here
Our Web site may include Social Media Features, such as the Facebook Like button and Widgets, a share button or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Please note Your interactions with these Features are external to Lansinoh and governed by the privacy policy of the company providing them.
Our websites can use numerous technologies to capture and analyse activity on our website. We can use this technology to help us understand and enhance the visitor experience, improve our rankings in Search engines, and ensure your visit to our website and any data you supply is processed legally and securely. We do our best to secure and minimise the risk to any data you supply, however please note that no method of transmission over the Internet, or method of electronic storage, is 100% secure. Please note the systems listed below could change or be added to, it is recommended you check back here occasionally to review the systems currently in use.
Further details about the technologies we use.
Our website on some pages may use Facebook Pixels, this helps us track your interest in our products and articles and enables us to provide a better experience for you by adding you to relevant Facebook groups to keep you informed with relevant information. You can find out more about Facebook Pixels by Clicking here
Our Website uses Google analytics to track visitor activity. This helps us maintain the visitor experience and helps us ensure when you visit our website the information you receive is relevant and useful. Google analytics will collect your IP address however in most cases the last four digits of your IP address is automatically removed. detailed information about Google analytics is available here
Google Tag Manager is a tag management system that allows us to quickly and easily update tags and code snippets on your website or mobile app.
A tag management system is designed to help manage the lifecycle of e-marketing tags (sometimes referred to as tracking pixels or web beacons), which are used to integrate third-party software into digital properties
A tag is a piece of code that sends information to a third party, such as Google Analytics.
Tags are often provided by analytics, marketing, and support providers to help you integrate their products into your website or mobile app.
We may use web beacons (or clear GIFs) on our websites or include them in the e-mail messages we send you.
Web beacons (also known as “web bugs”) are small strings of code that provide a method of delivering a graphic image on a web page or in an email message for transferring analytical data back to us or a third party.
The information collected via web beacons may pass along information such as
- the IP addressof the computer that retrieved the image,
- the time the Web beacon was viewed and for how long,
- the type of browserthat retrieved the image and previously set cookie values.
- Also, information about how a user responds to an email campaign (e.g., the time the email is opened, where does the user link to from the email, etc.).
We use web beacon information for a variety of purposes, including but not limited to, site traffic reporting, unique visitor counts, advertising and email auditing and reporting, and personalisation. More information about Web Beacons can be found here
When you complete one of our contact forms on this website, we aim to ensure your data is kept secure. For maximum security we use the cloud platform Smartsheet to generate and host our contact forms. The form you see, and when completed by yourself, any information supplied on the form will be processed and stored by Smartsheet externally to the website in a secure US data centre on our behalf. Smartsheet are US Privacy Shield registered. All data is securely transported TLS and stored encryption-at-rest using the latest encryption methods. To find out more about how SmartSheet handles the data you supply, click here.
When you complete one of our contact forms on this website, we aim to ensure your data is kept secure. The form you complete to join Happy Tummy Club is generated by our ECRM (electronic customer relationship management) system called Act-On. This system generates the form you see and complete, any data you enter on the form, is processed and stored externally to the website using the latest encryption technologies TLS and Encryption at Rest. The data is stored in Secure US data Centres. Act-On is GDPR aware and compliant, and is EU-US Privacy Shield registered. To find out more about the EU-US Privacy Shield click here. To find out more about Act-On security, please click here
To ensure the data you supply is kept as secure as possible, we have different operating processes for the Sampling program, and the process method we will use depends on the Country you are applying from. Subsequently we have two methods for processing any data you supply on one of our professional “Sampling Program” application forms.
Method one: we will use a SmartSheet form, More Information about how SmartSheet processes your data can be found previously in this privacy notice under the heading “Contact Forms”.
Method Two: we use an ECRM (Electronic Customer Relationship Management) system called Act-On. This system generates the form you see and complete, any data you enter on the form, is processed and stored externally to the website using the latest encryption technologies TLS and Encryption at Rest. The data is stored in Secure US data Centres. Act-On is GDPR aware and compliant, and is EU-US Privacy Shield registered. To find out more about the EU-US Privacy Shield click here. To find out more about Act-On security, please click here
As covered in the section on your rights, if you live in the European Union you have a right to request access to the information we may hold about you and to obtain a copy of this information.
If you wish to make this request, guidance on how to make a request can be found here.
You can make a request by
• Emailing our data protection officer, whose contact details are in the “who we are” section at the top of this policy.
• In writing using the address provided in the Who we are section at the top of this policy.
• Our preferred method, completing our subject access request form by following this link.
We will respond to you as soon as possible, and within the statutory time limit.
We strive to use your personal data responsibly, lawfully and fairly. However, if you do have a complaint, then please contact our Data Protection Officer; contact details are in the Who We Are section at the top of this notice
If you have raised a complaint and believe that we have not dealt with your complaint appropriately, you have the right to complain to the relevant Regulator in your country, a list of which is maintained here; Complaints information
This privacy notice will be amended from time to time, any changes will be reflected here, and the published date indicated at the top of the page.