Welcome to Dermarepair, represented by Dupal Medical. We are committed to protecting your privacy and ensuring that your personal data is handled in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website (https://www.dermarepair.co.uk) or purchase our products.

​

Please read this Privacy Policy carefully. By using our site, you consent to the terms described herein.

Personal Information
 
When you interact with our site, we may collect personal information that you provide to us, including but not limited to:
 

• Full Name

• Email Address

• Phone Number

• Shipping/Billing Address

• Payment Information (processed securely by third-party providers)

• Any other information you choose to provide through our contact forms or during purchase transactions

Non-Personal Information

 We also collect non-personal data automatically as you interact with our website, such as:
 

• Browser type and version

• IP address

• Time zone settings

• Device type and operating system

• Referring website or exit page

• Usage data (clicks, page views, etc.)
   

This information helps us understand how our visitors use our site and improve the user experience.

We use the information we collect for the following purposes:

​

• Order Processing: To process, fulfill, and deliver your orders, and manage payments and returns.

• Customer Support: To communicate with you regarding your order status, respond to inquiries, and provide customer support.

• Site Improvement: To enhance our website functionality, analyze trends, and improve our services.

• Marketing: To send you promotional materials about our products, offers, or news if you have opted in to receive such communications.

• Compliance: To comply with our legal obligations, such as maintaining records for tax and accounting purposes.

Under GDPR, we process your personal data based on the following legal grounds:

​

• Contractual Necessity: To fulfill your purchase orders and provide customer support.

• Legitimate Interests: For activities such as improving our website functionality and marketing to customers.

• Consent: For sending promotional emails, where you have given explicit consent.

• Legal Compliance: To meet legal obligations, such as tax laws or responding to law enforcement requests.

We will never sell or rent your personal data to third parties. However, we may share your information with:
 

• Service Providers: Third-party companies that help us operate our website, fulfill orders, process payments, and deliver packages. For example, payment processors (such as Stripe or PayPal) and courier services.

• Legal Authorities: If required by law or to protect our rights, we may share your data with government bodies or legal authorities.

• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
   

All third parties that process your personal data on our behalf are contractually obligated to keep your information secure and not use it for their own marketing purposes.

We will retain your personal data for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal, tax, or regulatory requirements. Specifically:

​

• Order data is retained for [insert retention period] years to comply with tax obligations.

• Marketing data is retained until you opt out of receiving marketing communications.

​

You can request deletion of your data at any time, subject to legal requirements.

As a data subject, you have several rights under GDPR:
 

• Right to Access: You can request a copy of the personal data we hold about you.

• Right to Rectification: You can request correction of inaccurate or incomplete data.

• Right to Erasure: You can ask us to delete your personal data, where it is no longer necessary for the purpose it was collected.

• Right to Restrict Processing: You can request to limit how your personal data is processed.

• Right to Data Portability: You can request that your personal data be transferred to another service provider.

• Right to Object: You can object to the processing of your personal data for direct marketing purposes.

• Right to Withdraw Consent: You can withdraw your consent to receive marketing communications at any time by following the unsubscribe link in our emails or contacting us directly.
   

To exercise these rights, please contact us at:
Email: accounts@dupalmedical.com
Phone: +44 (0)208 058 8480

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies help us:

​

• Remember your preferences

• Track site usage and improve site performance

• Provide targeted marketing based on your browsing habits (where consent is given)

Some cookies may be placed by third parties we work with, such as analytics providers or advertising networks, to collect information about your browsing activities across different sites. Third-party cookies help us understand how our visitors use the site and measure the effectiveness of our advertising campaigns.

​

For more details on how we use cookies, including managing your cookie preferences and opting out of certain cookies, please review our Cookie Policy [https://www.dermarepair.co.uk/cookie-policy].

We are committed to safeguarding your personal data. We implement industry-standard security measures, including:

​

• Secure Socket Layer (SSL) encryption for online transactions.

• Access controls to limit who can view your data.

• Regular monitoring for security vulnerabilities.

While we strive to protect your data, no system is completely secure. By using our website, you acknowledge that any data transmission over the Internet is at your own risk.

We primarily process personal data within the European Economic Area (EEA). However, if we transfer your data outside the EEA, we will ensure that appropriate safeguards are in place, such as:

​

• Standard Contractual Clauses (SCCs).

• Binding Corporate Rules (BCRs).

• Adequacy decisions where applicable.

You have the right to be informed about how your data is protected during international transfers. Contact us if you need more information.

Our website is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such data.

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we make changes, we will revise the "Last Updated" date at the top of this policy. We encourage you to review this policy periodically to stay informed about how we are protecting your data.

If you have any questions or concerns regarding this Privacy Policy or how we handle your personal information, please contact us at:

​

Email: accounts@dupalmedical.com
Phone: +44 (0)208 058 8480

Dupal Medical is committed to protecting your privacy and ensuring that your personal information is processed fairly, transparently, and lawfully.