RightShop Technologies Inc. (referred to here as, “RightShop,” “we,” “us,” or “our”) are the providers of the RightShop platform in any of its forms, including but not limited to mobile and desktop. The Platform is designed to offer you a more personalized and healthy approach to your online shopping experience.
RightShop is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how RightShop collects, uses, discloses, and protects personal data in compliance with the General Data Protection Regulation (GDPR) regulations, and the Health Insurance Portability and Accountability Act (HIPAA).
Please take the time to read this Privacy Policy carefully to understand what RightShop does, and why, regarding protection of your personal information. Your explicit and informed consent will always be sought when providing data to RightShop, when using RightShop’s services, and at any other point in time where updates of permissions may be required.
1. Information Collected by RightShop
RightShop may collect and process any or all of the following categories of personal information:
- Identifying information including name, email, social media contact information, address, phone number, date of birth, and other related information identifying you directly or indirectly.
- Health and related information including personal data, records, diagnoses, treatment and supplement histories, medications used and in use, and any other information required to provide RightShop’s ecommerce and related services.
- Data and metadata (“information about information”) on how you use our services, including interactions with RightShop’s online presences (mobile applications, website, and other relevant platforms), device types, location data, and pages visited et cetera.
2. How RightShop Uses Your Information
RightShop may use some or all of your personal information to:
- Provide the agreed ecommerce platform and related support services.
- Improve service quality by analysing data to better understand your preferences, enhance services, and ensure a focused and personalized experience. This includes provision of support, content, and appropriate recommendations.
- Enable legal and regulatory compliance with applicable laws, regulations, and potential legal requests, including regulatory and reporting obligations.
- Communicate any of the following to you: important notices, updates, and other administrative information related to your health and wellness, and to RightShop’s services.
- Engage in curated research and analytics activities with necessary and appropriate safeguards, always with your explicit, informed consent. RightShop may use anonymised/de-identified and/or aggregated data for such research, and analysis. The aims are improved precision and relevance of outcomes. With your explicit consent, RightShop may also securely share certain anonymised, de-identified and aggregated data with approved, trusted partners including researchers and healthcare/wellness entities. Data thus shared is subject to strict contractual and procedural safeguards to ensure security and confidentiality.
3. Data Security
RightShop implements appropriate technical and organisational measures to protect your personal information against theft, misuse, or alteration. Measures include encryption, anonymisation, de-identification, access controls, and regular security assessments.
4. Data Retention
RightShop retains your personal information only as long as needed to fulfil the purposes outlined in this Privacy Policy, unless longer retention is required or permitted by law.
5. Your Rights
GDPR and HIPAA grant you certain rights regarding your personal information including:
- Right to access – you can always request access to your personal information held by RightShop. GDPR HIPAA
- Right to correction / rectification – you have the right to correct or update inaccurate or incomplete personal data. GDPR HIPAA
- Right to erasure (GDPR only) – you can request deletion of your personal information in certain circumstances. GDPR
- Right to withdraw consent – you have the right to withdraw your issued consent at any time. GDPR HIPAA
- Right to restrict processing – you may request restriction of the processing of your personal data under specific conditions. GDPR
- Right to data portability – you have the right to receive your personal information in a structured, commonly used, and machine-readable format. GDPR HIPAA
- Right to object – you can object to processing of your personal information in certain situations. GDPR
To exercise your rights or to request more information, please use the contact details included in this Privacy Policy. In accordance with international policy, RightShop will respond within 30 calendar days to the request, or as early as otherwise possible.
6. Updates to the Privacy Policy
RightShop may update this Privacy Policy as needed to reflect changes in our practices or applicable regulations. Please review this Policy periodically for any updates.
7. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at privacy@rightshop.ai