We adhere to strict healthcare industry privacy standards. To give you confidence that we provide reliable and trustworthy health information, we
participate in the following independent programmes:
Health on The Net Foundation – BootsWebMD complies with the principles of the HONCode of Conduct established by the Health on the Net Foundation. To verify our compliance, click on the HONCode logo.
The Site contains links to other organisations' sites. Once you enter any of these sites (whether through an advertisement, service, or content link), be aware that we are not responsible for the privacy practices of these other sites. We encourage you to look for and review the privacy statements of each and every website that you visit through a link or advertisement on our Site.
Even if you do not register, we collect Non-Personal Information about your use of the Site, special promotions and newsletters.
Most Browser software can be set to reject all Cookies. Most Browsers offer instructions on how to reset the Browser to reject Cookies in the "Help" section of the toolbar. If you reject our Cookies, certain of the functions and conveniences of the Site may not work properly but you do not have to accept our Cookies in order to productively use the Site. Additionally, we may geographically target advertising based on your IP address. We may also use local shared objects, also known as Flash cookies, to enable you to use certain interactive tools on our site. Flash cookies are different from Browser Cookies because of the amount and type of data they collect, and how the data is stored. We do not share information stored in Flash cookies with third parties and the data in them is not used by or on behalf of the Site for delivery of advertisements.
Cookie management tools provided by your Browser will not remove Flash cookies. To learn how to manage privacy and storage settings for Flash cookies, please visit the Macromedia Site.
B. Web Beacons
We also may use Web Beacons, also known as "pixels" to collect Non-Personal Information about your use of the Site and the websites of selected sponsors and advertisers, and your use of special promotions or newsletters. The information collected by Web Beacons (i) allows us to statistically monitor how many people are using the Site and selected sponsors' and advertisers' sites, (ii) how many people open our emails, and (iii) for what purposes these actions are being taken. Our Web Beacons are not used to track your activity outside of the Site or those sites of our sponsors. We do not link Non-Personal Information from Web Beacons to Personally Identifiable Information without your permission and do not use Web Beacons to collect or store Personal Health Information about you.
C. Third Parties Collecting Non-Personal Information
A. Newsletters & Emails to You
At various times as you use the Site, you will be given the option of receiving recurring informational/promotional newsletters via email. These emails will not contain Personal Health Information. When you sign up for our email newsletters or at any time, you can choose to Opt-In to receiving additional promotional emails from us, our sponsors or other third parties. In order to subscribe to our newsletters via email, we need your contact information, like name and email address. You can unsubscribe from the newsletters by simply clicking on the "unsubscribe" link at the bottom of any email newsletter or by going into "My account", clicking on "Edit" under your registration details and unticking the box which offers details on products, special offers and services on the registration page. Then click on "Update details" at the bottom of the registration page. You will then be taken back to "My account", and under Registration details, "Send information via email, will say "No". However, please allow 24 hours for these details to be updated.
If you have difficulties with our unsubscribe or subscribe service, please Contact Us and let us know about your problem.
In some cases, when you click on a link or an advertisement on our site, in an e-mail or newsletter, your Browser may be momentarily directed to the website of a third party which, acting on behalf of WebMD (see Disclosure to Third Party Contractor Web sites, at Part 6B below), notes or "counts" your response to the e-mail or newsletter before re-directing your Browser to your selected destination; this re-direction process may not be apparent to you.
B. Email a Friend
If you choose to use our Email a Friend service to tell a friend about our Site or newsletter, we will ask you for your name, your email address and your friend's email address. We will automatically send your friend a one-time email inviting him or her to visit the Site using your name and email address as the from email address. We do not use your name, your email address or your friend's email information and the information you provide using this service for any other purpose. We will only use the information you provide to send the email you request.
C. Emails You Send to Us
D. Message Boards and other Public Forums
As a service to users of our Site, we may feature links to message boards, chat rooms and other public forums where users with similar interests or medical conditions can share information and support one another or where users can post questions for experts to answer. We also offer online discussions moderated by medical or healthcare experts. Any information shared (including Personally Identifiable and Personal Health Information) that you reveal in a chat room, message board, Ask Our Expert posting or online discussion is by design open to the public and is not a private, secure service. You should think carefully before disclosing any Personally Identifiable or Personal Health Information in any public forum. What you have written may be seen, disclosed to or collected by third parties and may be used by others in ways we are unable to control or predict, including to contact you for unauthorized purposes. As with any public forum on any site, this information may also appear in third-party search engines like Google, Yahoo, MSN, Bing etc.
E. Site Registration and Interactive Tools
After you have registered as a member of our Site, you may choose to use certain interactive content, tools and services that may ask you to voluntarily provide other types of information about yourself including Personal Health Information. Some of the tools (like certain quizzes or calculators) do not retain your Personal Health Information. Others (like Ovulation Calendar) store your Personal Health Information in accordance with the authorisation you provide at the time you use the tool.
We are committed to protecting the privacy of children. Neither WebMD, Boots nor any of their services are designed or intended to attract children under the age of 13. We do not collect Personally Identifiable Information from any person we actually know is under the age of 13.
G. Market Research
You can also find additional information and resources about how to opt out of advertising and related Cookies by visiting the World Privacy Forum's Site. World Privacy Forum's Site.
WebMD and Boots does not knowingly engage in business with any company that uses spyware or malware. We do not provide users with downloadable software that collects or uses any Personally Identifiable Information or Personal Health Information without full disclosure and Opt-in consent.
In the event that we are legally compelled to disclose your Personally Identifiable or Personal Health Information to a third party, we will attempt to notify you unless doing so would violate the law or court order. In addition, we may disclose Personal Information as described below.
A. Disclosure to Boots UK Limited, Operations and Maintenance Contractors
B. Disclosure to Third Party Contractor Websites
We also provide links to sites provided by Third Party Contractor Websites that have business arrangements with us to pay commissions based on sales of products or services generated through our Site.
C. Disclosure to Linked Sites
D. Disclosure of Aggregate Information
We may provide Aggregate Information to third parties. For example, we might inform third parties regarding the number of users of our Site and the activities conducted while on our Site. For example we might inform a pharmaceutical company (that may or may not be an advertiser on our site) that "xx% of our users live in England" or perhaps that "xx% of our users have tried alternative medicine". Depending on the circumstances, we may or may not charge third parties for this Aggregate Information. We require parties with whom we share Aggregate Information to agree that they will not attempt to make this information personally identifiable, such as by combining it with other databases.
Here are some of the security procedures that we use to protect your privacy:
- Require both a personal Username (log-in name) and a Password in order for users to access their Personally Identifiable Information or Personal Health Information.
- Require a public 'Nickname' different from the Username and Password, used for any public forums like message boards.
- Use Firewalls to protect information held in our Servers.
- Utilize Secure Socket Layer (SSL) Encryption in transmitting Personally Identifiable Information to our Servers. In order to take advantage of encryption technology, you must have an Internet Browser which supports 128-bit encryption.
- Closely monitor the limited number of our employees who have potential access to your Personally Identifiable Information.
- Back-up our systems to protect the integrity of your Personally Identifiable and Personal Health Information.
Despite our efforts to protect your Personally Identifiable Information and Personal Health Information, there is always some risk that an unauthorised third party may find a way around our security systems or that transmissions of your information over the Internet may be intercepted.
A. Updating Your Personally Identifiable Information
Interactive Tools on the Site that collect and store self-reported data allow you to correct, update or review information you have submitted by going back to the specific tool, logging-in and making the desired changes. We may store user submitted data (Personally Identifiable Information and/or Personal Health Information) in an active database for a period of six (6) months. After six (6) months, user submitted data, including Personally Identifiable Information and/or Personal Health Information will be held in an active database or on an inactive back-up medium for a period of not less than six (6) years or as long as the law requires.
B. Contacting Us
If you do not receive adequate resolution of a privacy related problem, you may write to our Privacy Office at:
BootsWebMD Office of Privacy
1 Thane Road West
When we receive formal written complaints at this address, we will contact the complaining user regarding his or her concerns.
C. Removing your Personal Information
If you want to delete your Personally Identifiable Information, please call Boots Customer Care on 0845 609 0055 or update the Personally Identifiable Information that you have provided to us by accessing the My Account page and selecting 'About Me'.
We will notify you within 30 days of receipt of your letter to confirm your personal identifiers have been removed.
D. Limitations on Removing or Changing Information
Upon your request, we will delete your Personally Identifiable or Personal Health Information from the active databases and where feasible from back-up media. You should be aware that it is not technologically possible to remove each and every record of the information you have provided to us from our Servers.
We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, and by means of a notice on our home page.
Aggregate Information or data:As a website gathers individual pieces of Non-Personal Information (see definition below) from its users, it may combine similar data from many or all the users of the website into one big "batch". For example, the site may add up the total number of people in Liverpool, England, (but not their names) who are seeking information about weight loss and compare that to the number of people in Fife, Scotland seeking the same information.
This sort of statistical information is called aggregate data because it reflects the habits and characteristics of a large group of anonymous people. Websites may use aggregate data or share it with their business partners so that the information and services they provide best meet the needs of the users. Aggregate data also helps advertisers and sponsors on the Web know how effectively they are reaching and meeting the needs of their target audience.
Browser: Short for web browser, a browser is a software application used to locate and display web (Internet) pages. The most popular browsers are FireFox, Microsoft Internet Explorer and Safari. In addition, most modern browsers can present multimedia information, including sound and video, though they require plug-ins for some formats.
cache (also called cache memory): Once your Web browser accesses a web page, it references that page and the graphics on it within your computer's "cache" (or more simply, your computer takes a "snapshot" of every page you visit and stores it in the "cache".) The next time you visit that same page, your download time will be quicker as the images and much of the page is already available on your computer for your browser to reference instantly instead of waiting for the page and images to download again.
Channel Partner Website:A third party Web site to whom we provide content and services for that web site's health channel.
Click Stream Information: A record of all the pages you have visited during your visit to a particular Web site or the services you accessed from the site or from an email. Click Stream Information is associated with your browser and not with you personally. It records the archives of your browser.
Cookie: A small data file that is stored on the hard drive of the computer you use to view a Web site. Cookies are placed by that site or by a third party with a presence on the site, such as an advertiser using a Web Beacon (see definition below) and are accessible only by the party or site that placed the cookie (i.e. a cookie placed on your computer by us isn't accessed by any other site you visit but a cookie placed on your computer by an advertiser may be accessed by any site on which that same advertiser has a presence). Cookies can contain pieces of Personally Identifiable Information). We encrypt any Personally Identifiable Information we store in cookies. These cookies often are used to make the site easier to use. For example, if you check a box to ask that we store your user name on your computer so that you don't have to enter it each time you visit the site, it's stored in a cookie on your computer.
Encryption: The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. This is typically done by secure computer systems.
Firewall: A system designed to prevent unauthorized access to or from a public or private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorised internet users from accessing private portions of public networks. All messages entering or leaving the network pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
Nickname: As part of your registration on the Site, you will be required to provide a nickname in addition to a Username (log-in name) and a password. The nickname is the name that will appear on any of your public forum postings. This public nickname should be different from the Username that you use when you log on to the Site. NOTE: Once you establish a nickname on the Site, you cannot change it without registering with a new account.
Non-Personal Information: Information that is not traceable back to any individual and cannot be used to identify an individual. For example, Click Stream Information is Non-Personal Information, as is information such as gender, age, city and state when not linked with other Personally Identifiable Information.
Opt-In: Means you are actively indicating your preference to participate in a program, email, feature, tool, or enhancement on a Web site. Typically, if you "Opt-in" you must provide certain information, usually Personally Identifiable Information, to the Web site or otherwise actively indicate your choice or preference to participate in the Web site program. For example, if you wish to receive a diabetes newsletter by email from us, you must enter your email address and choose the type of newsletter by checking a box next to a statement such as: "Yes, I'd like to receive a free subscription to "Diabetes Newsletter."
Opt-Out: Means that if you do not take some action you are indicating your preference to participate in a program, email, feature, tool or enhancement on a Web site. Typically, if you "Opt-out" you must uncheck a box next to a stated preference or otherwise take some indicate action to indicate your preference not to participate in a program. For example, if you do not wish to receive promotional emails from us or our sponsors, you must uncheck the box in your email preference centre that states: "Please send me special offers and communications from WebMD and Boots and/or its partners that would interest me."
Password:A secret series of characters, typically alphanumeric (meaning it consists of both letters and numbers) that enables you to access a file, computer, or program. You must enter your password before the computer or system will respond to commands. The password helps ensure that unauthorized users do not access the system. In addition, data files and programs may require a password.
Ideally, the password should be something that nobody could guess. In practice, many people choose a password that is easy to remember, such as their name or their initials. This is one reason it is relatively easy to break into many computer systems.
Personal Health Information: When your Personally Identifiable Information is combined with known health characteristics. For example, if you indicated that you have a certain disease or condition, when that information is combined with your Personally Identifiable Information , it becomes Personal Health Information. It may be that Personal Health Information will constitute "sensitive personal data" under the U.K. Data Protection Act 1998.
Personally Identifiable Information: (also called Personal Information): Information that can be traced back to an individual (contrast with Non-Personal Information and Aggregate Information). Personally Identifiable Information may constitute "personal data" under the U.K. Data Protection Act 1998. Examples of Personally Identifiable Information include your name, home address, telephone number, email address, and National Insurance number.
If other pieces of information are linked to Personally Identifiable Information, they also become Personally Identifiable Information . For example, if you use a nickname to chat online and give out your real name while chatting, your nickname becomes PII when linked with other PII.
Server: A computer that provides services to other computers. A "web server" stores web site files and "serves" them to people who request them.
SSL (Secure Sockets Layer): A security protocol developed by Netscape for transmitting private information via the Internet. SSL works by using a private key to encrypt data that's transferred over the SSL connection. Both Microsoft Internet Explorer (http://www.webopedia.com/TERM/S/Internet_Explorer.htm) and Netscape Navigator (http://www.webopedia.com/TERM/S/Navigator.htm) support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that utilize an SSL connection start with https: instead of http.
Username: A name used to gain access to a computer system or program. Usernames, and often passwords, are required in shared systems, such as the Internet. In most such systems, users can choose their own usernames and passwords (see Nickname above for additional information.)
Usernames are also required to post a reply on message boards, use certain Interactive Tools and online services.
Virus: A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also "replicate" themselves by copying their code to other computers. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. There are numerous virus protection programs available. See the "How You Can Protect Yourself" section.
Web Beacons (also often referenced as "clear GIFs", "web bugs", "1-by-1 GIFs", "Single-Pixel GIFs", "1 x 1 Pixels", or "clear Pixels"): "): Tiny graphic image files, imbedded in a web page in GIF, jpeg or HTML format, typically used to monitor activity on a web page and send back to its home server (which can belong to the host site, a network advertiser or some other third party) information from your browser, such as the IP address, the URL of the page on which the beacon is located, the type browser that is accessing the site and the ID number of any cookies on your computer previously placed by that server. Web Beacons can also be used to place a cookie on your computer.
Effective: September 2015
©WebMD UK Limited and Boots UK Limited. All rights reserved.