Privacy Policy

Introduction is operated by Elluk Pharmacy Ltd. We are a registered pharmacy located in the tropical islands of Vanuatu. When you shop with us, we need to collect personal information about you in order to prepare your order. This policy is about what we do with your personal information and how we protect it.

We embrace our privacy obligations stipulated in the EU General Data Protection Regulation (GDPR). This is a high standard and, in most cases, exceeds the privacy requirements of other countries.

What is personal data?

The EU’s General Data Protection Regulation (GDPR) personal data is defined as:

“any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Why personal information is collected

When you visit our website for the first time, you will be asked if you will accept cookies. These are saved on your computer in your web browser to help you shop on our site. The cookies are private and are encrypted. We do not share them with anyone else, and they are no more than helpers for you by noting things such as managing your session, your preferred currency, your country, and passing information between our web pages as you shop.

Just like any online ordering, we need to know who you are and where we should send your order? So we need the name of the person placing the order and their address. We also need the name and address of the person we are sending the order to.

We sell medicine, so we need to know your age, and we collect this as your date of birth. This must be the age of the person placing the order. We cannot sell medicine to people under 18 years of age. We also need your email address so we can contact you, and your phone number.

The items you order are specified in your prescription. Your prescription contains information about the person who will be taking the medicine, such as name, address and date of birth, and the medicines prescribed. We need this so we can process your order. We will put a copy of the prescription in the parcel when we ship this to your specified delivery address. When the parcel arrives in your country, the customs department may open your parcel and read the prescription.

You also provide us with information about your payment. We need that information so we can process your payment. As your payment will be transferred to our bank in Vanuatu, your payment becomes an international transaction, and banking regulations require us to identify the source of funds. We will tell the bank(s) and our payment processor your name, address, date of birth, email address, and the value of your order. They use this information as part of their legal requirements to be sure you as the payer, are not on any prohibited lists for money laundering or funding terrorism. Banks are also obligated to follow privacy legislation, and that information is protected. Sometimes people have names the same as others already listed. In these cases, we may request additional information from you to prove you are not the same person as on the prohibited list. That request might be official ID, proof of address, employer details or some other information. We only request this if the bank asks for it.

Where we need to use a payment processor to process your payment, we provide your payment information to them. They will use this information to perform credit referencing, and they will decide if they will process your payment. We do not receive the details have about your credit record other than a pass or decline, so we can only share the outcome with you.

If there is a problem with your payment, such as deciding to chargeback your payment, or the bank reverses the transaction, we will contact you to understand and work with you to resolve the problem. If the problem cannot be resolved and you are in default, we will submit your failed payment information to our credit checking service. Should you make good on your payment with us at any time, or we agree with you that the returned payment was justified, then we will promptly advise the credit checking service that you have resolved the matter with us.

When we maintain and develop our website, we may use trusted outside parties to do this work. They are obligated to maintain the same privacy requirements should any of your personal information be accessible by them.

When we ship your parcel, we write your delivery details on the parcel, and this is readable by whoever is delivering it. We also electronically supply this information to the postal service, or CDS (Customs Declaration System), or the courier company. The electronic submission includes your email address (if you provided one) and your contact phone number.

Sometimes we use MailChimp to process our emails to you. In those cases, we provide the minimum personal information possible, so they can email you. MailChimp has published a privacy policy.

How we protect your information

As required by privacy legislation, we are required to keep your information secure, minimise its disclosure to only parties that need it (as detailed above) and monitor who accesses your information. We do all these things.

When you shop on our site, you secure your account and the information it contains with a password. Your password is encrypted, and we have no means to view it. We recommend that the password you use is reasonably complex and unique to our site. If you lose it, you can perform a password reset via a link we email you.

Our websites and systems operate in a PCI/DSS SAQ D compliant environment. This means we have installed the security measures required in that standard, and we are regularly being tested for compliance by an external testing agency authorised to do this.

We encrypt specified sensitive data, and in all cases, we record how it is used, shared, and how and when our staff access it.

Information we collect from you is stored for ten years, and then it is automatically deleted.

When we pass any of your personal information to other parties, we are obligated under GDPR to ensure that the party has an equivalent privacy policy to give you the required protection as specified in GDPR.

Contacting you

When you shop on our site for the first time, we ask you to select the type of reasons we may contact you. You can view and change this at any time if you visit the “My Account” page.

We will always contact you for any matters relating to an order you have placed. We may also need to contact you afterwards regarding successful or unsuccessful delivery, or about your payment. We will contact you immediately if we have been advised of a product quality problem for something you have purchased.

You can choose to allow us to contact you about important issues, and we recommend you always allow this. We class important issues not to be advertising, but to be anything relating to our changed contact details, shipping alerts such as we experienced with COVID-19 or changes in regulations such as privacy policy or customs.

We ask you separately if we can contact you about promotional information. We use this to provide you with information that could be of benefit to you, either directly or via social media.

Accessing, correcting and deleting your information

You may at anytime request that we supply you a copy of your personal information we have about you.

You may request us to correct any information we have about you if it is incorrect.

You may also request us to delete your information. For legal requirements, we are unable to delete any information about your orders for a period of ten years. At that time, it is deleted automatically.

Before we can assist you with these requests, you will need to provide sufficient proof of identity such as official photo ID and recent proof of address. This is to ensure we are only providing this to you and not someone else.

How to contact us

If you would like to contact us in regards to our privacy policy, your personal information we have about you, or to report a data breach, please use the contact information below:

  • Attention: The Privacy Compliance Officer
  • Email:
  • Phone: 844-782-7104

This website uses cookies. View our policy and select your preferences here