This statement discloses the privacy practices and policies for Medray. If you have any questions about these practices and policies, please e-mail us through our contact us page.
Please also see our Terms and Conditions of Sale.
Medray respects your personal privacy. We protect any personal information you give to Medray (address, name, email address) etc. If it is necessary for us to request any personal information, the purpose for doing so is disclosed in this statement.
This website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
- UK Data Protection Act 1988 (DPA)
- Irish Data Protection Act 1993 (DPA)
This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well.
Personal information that this website collects and why we collect it
Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
Contact forms and email links
Should you choose to contact us using the Contact form on our Contact us page, the data that you supply will be transmitted to Medray and may be stored on our Customer Relationship Management (CRM) systems. All contact forms submitted through this website are sent on our secure 256bit SSL connection.
If you choose to join our email newsletter, the email address that you submit to us will be forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third-party data processor. The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
While your email address remains within the MailChimp database, you will receive periodic newsletter-style emails from us.
How we store your personal information
All identifiable data entered on our website is stored in our database in an encrypted format. Only with the correct use of encryption keys can this data be presented back to you or to our Content Management System (CMS) administrators. All personal data is only available through the 256bit SSL connection using encrypted passwords.
Our third-party data processors
As mentioned before, we use Google Analytics to track users on our website and to process personal data on our behalf. Google is based in the USA and is EU-US Privacy Shield compliant.
For orders placed on-line
Information collected is used to complete transactions that you request. If you purchase products from our website, you must provide certain information which is added to our internal ordering systems. All personal details stated below are encrypted within our on-line database.
Payment card details are destroyed once verified, they are processed by Global Payments and Medray cannot access your card or payment details.
We do share account order confirmations with relevant sales team members of the Medray Group. All orders generated on this website are stored within Medray’s order processing system and on our internal servers where the orders are managed by our staff.
It may be necessary to share the user’s personal information with outside shipping companies or other relevant companies that Medray contracts to deliver orders.
For on-line account holders
If you decide to open an on-line account with Medray, we will request personal details to create your account. A live email account must be used to validate the account details. All the details supplied to Medray can be used where indicated, to receive electronic promotional material or conventional promotional material. All personal details are encrypted in our on-line database. Medray cannot access your password. You can reset your password using the 'Forgot my Password' button in the customer login page.
General Privacy Guidelines
256Bit SSL Security
Your personal information is encrypted in our website database and only authorised website users can access your details through a password protected service. All services where your details are being requested by Medray are processed through our secure server using Secure Socket Layer (SSL) encryption.
If you supply us with your address, we may use your address to send you promotions or offers pertaining to new product launches, catalogues or other promotional material
Medray uses PCI Compliant third-parties to process card payments on our website. Our providers are PCI compliant to protect your card data. Medray must also do regular attestments of the PCI compliance of this website.
Prevention of Fraud
Medray reserves the right to co-operate with local, national or international law enforcement authorities in the investigation of improper or unlawful activities.
If a specific investigation requires personal information to be supplied, it may be necessary to disclose personal information relating to those individuals.
Medray will use the necessary security safeguards to protect personal information against loss, theft and unauthorised access. Any personal information supplied provided by you is exchanged on a secure server using SSL (Secure Socket Layer) encryption and database encryption. It is important to note that an e-mail is NOT a secure means to send personal information as it is not encrypted.