Privacy Policy

1. Introduction

Medtravel-R GmbH, trading as Pharma Logistic ("we," "our," or "us"), is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and safeguard your information when you use our services, visit our website (pharmalogistic.at), or interact with our company.

We comply with the General Data Protection Regulation (GDPR), Austrian Data Protection Act, and all applicable EU privacy regulations.

2. Data Controller Information

Data Controller: Medtravel-R GmbH (Trading as: Pharma Logistic)
Address: Lazarettgasse 3/4, 1090 Wien, Österreich
Email: hello@pharmalogistic.at
Phone: +43 660 5464386
Website: https://pharmalogistic.at

3. Information We Collect

We collect personal data on a voluntary basis when you use our services or visit our website. The information we collect includes:

3.1 Personal Information

• Full name
• Email address
• Phone number
• Age (for verification purposes)
• Delivery address
• Payment and billing information

3.2 Technical Information

• Anonymized visitor data collected through cookies
• Website usage data and analytics
• IP address and browser information
• Device information

3.3 Transaction Information

• Order details and history
• Shipping and delivery information
• Customer service correspondence

4. How We Use Your Information

We process your personal data for the following purposes:

• Communication: To contact you via email regarding your inquiries, orders, and service-related matters
• Service Access: To provide access to our services and content on our website
• Order Processing: To process and fulfill your product orders and manage delivery
• Notifications: To send you information about products, services, and special offers (you can opt out at any time)
• Website Analytics: To analyze site usage and improve the quality of our services
• Legal Compliance: To comply with applicable laws and regulations
• Customer Support: To respond to your questions and provide customer service

4.1 Opt-Out of Marketing Communications

If you wish to stop receiving marketing notifications and special offers, you can opt out at any time by sending an email to hello@pharmalogistic.at with the subject line "Unsubscribe from notifications" or "Opt-out".

5. Legal Basis for Processing

We process your personal data based on the following legal grounds:

5.1 Consent

The primary legal basis for processing your personal data is your explicit consent, which you provide when submitting forms on our website or using our services. You have the right to withdraw your consent at any time.

5.2 Contractual Necessity

We process your data to fulfill our contractual obligations in providing services, including order processing, delivery, and customer support.

5.3 Legal Obligation

We may be required by law to collect and maintain certain information to comply with applicable regulations, tax requirements, and legal obligations.

5.4 Legitimate Interests

We process data for our legitimate business interests, such as improving our services, preventing fraud, and ensuring website security, always balanced against your privacy rights.

6. Data Sharing and Disclosure

We never share your personal information with third parties without your explicit consent, except as required by law.

6.1 Service Providers

We may work with trusted service providers who assist us in operating our website and conducting our business, such as:

• Courier and logistics companies for delivery
• Payment processors for secure transactions
• IT service providers for website hosting and technical support

These service providers are contractually obligated to protect your data and may only use it for the specific services they provide to us.

6.2 Legal Requirements

We may disclose your information when required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

7. International Data Transfers

Due to the international nature of our services, your data may be transferred to countries outside the EU/EEA. We ensure adequate protection through:

• European Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules when applicable
• Certification schemes and codes of conduct

8. Data Security

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, loss, misuse, or alteration.

Our security measures include:

• Secure encryption for data transmission (SSL/TLS)
• Secure servers with access controls
• Regular security updates and monitoring
• Restricted access to personal data on a need-to-know basis
• Staff training on data protection and security practices

While we strive to protect your personal data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but continually work to improve our security measures.

9. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

You can request deletion of your personal data at any time by contacting us. However, we may need to retain certain information to comply with legal obligations, resolve disputes, or enforce our agreements.

The retention period for your data is indefinite unless you withdraw your consent or request deletion.

10. Your Rights Under GDPR

10.1 Right of Access

You have the right to request a copy of the personal data we hold about you.

10.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

10.3 Right to Erasure

You may request deletion of your personal data, subject to legal and regulatory requirements.

10.4 Right to Restrict Processing

You can request limitation of how we process your data in certain circumstances.

10.5 Right to Data Portability

You have the right to receive your data in a structured, machine-readable format.

10.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

10.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

11. Cookies and Website Technologies

Our website uses cookies and similar tracking technologies to enhance your experience and analyze site usage. We use Google Analytics to understand how visitors interact with our site, which helps us improve our services.

11.1 Types of Cookies We Use

• Essential Cookies: Necessary for website functionality, security, and legal compliance
• Performance Cookies: Help us understand website usage and improve user experience
• Marketing Cookies: Used for personalized advertising and marketing communications (with your consent)

You can manage your cookie preferences through our cookie consent banner when you first visit our website, or through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.

12. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. When providing services to minors, we require parental consent and involvement of legal guardians.

13. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes through email or website notice. Continued use of our services after changes indicates acceptance of the updated policy.

14. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

15. Supervisory Authority

If you believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with the relevant supervisory authority:

Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40-42
1030 Vienna, Austria
Phone: +43 1 52 152-0
Email: dsb@dsb.gv.at

Effective Date: This Privacy Policy is effective as of December 2024 and remains active indefinitely until superseded by a new version.