Your confidentiality is our primary mandate. Here is precisely how we secure it.
At PharmaCity, safeguarding your privacy and protecting your personal data is our foremost operational priority. As a premier pharmacy broker serving the Hong Kong and international markets, we are resolutely committed to exceeding the privacy benchmarks established by the Hong Kong Personal Data (Privacy) Ordinance (PDPO), alongside stringent global data protection frameworks.
We operate on the principle of strict data minimisation: we exclusively collect the fundamental information required to facilitate the delivery of your order. The following guidelines delineate our protocols for the collection, application, retention, and protection of the data you entrust to our care.
To securely process your orders and deliver a frictionless procurement experience, we gather only essential logistics data. We unequivocally do not collect, solicit, or retain personal medical dossiers, health histories, or clinical questionnaires.
The data we collect is stringently restricted to:
The decision to provide this information remains entirely at your discretion. However, omitting essential shipping or contact data will fundamentally inhibit our ability to dispatch your consignment.
We treat your financial integrity with absolute seriousness. PharmaCity does not process, retain, or store any of your payment credentials on our internal servers.
Upon advancing to the checkout phase, you are securely routed to an established, heavily encrypted external payment gateway. These independent processors are fully PCI-DSS compliant, leveraging industry-leading SSL (Secure Socket Layer) 256-bit encryption. Because your financial data is managed entirely within these secure external architectures, your sensitive card details never interface with our website’s database.
To further fortify your privacy and compartmentalise your data, all post-transaction activities are administered entirely off-site.
Should you require order tracking, refund processing, or direct communication with our customer service personnel, you will be redirected to our dedicated external support portal. Segregating our primary storefront from our client service database provides an indispensable secondary layer of security for your correspondence and logistical data.
We utilise your foundational account data solely to:
We will never sell, lease, or disseminate your personal information to third-party entities for marketing or solicitation purposes. We will only surrender data to statutory authorities if explicitly compelled by a formal legal proceeding or binding court order.
Our dedication to your security permeates our daily operations. Access to your logistics data is heavily restricted. Only authorised fulfilment personnel who strictly require the information to dispatch your parcel are granted access. All staff members are bound by comprehensive non-disclosure and confidentiality agreements.
When navigating PharmaCity, you may browse with anonymity. Our platform deploys minimal cookies solely to facilitate essential functionalities—such as preserving your active shopping cart. This transient data remains confined to your browser. We strictly prohibit the use of invasive, third-party tracking cookies.
You retain the explicit right to access, verify, and amend the logistics and contact data associated with your account. To assist us in guaranteeing the accurate delivery of your parcels, we strongly encourage you to log in and rectify any discrepancies prior to authorising a new order.
In accordance with the Personal Data (Privacy) Ordinance (PDPO) and global data protection standards, you reserve the right to request the permanent deletion of your personal data.
While we do not host medical records, international financial, taxation, and anti-fraud regulations legally obligate us to retain basic transaction logs for a mandated duration. However, upon receipt of an erasure request, we will comprehensively redact all personally identifying information from your profile (including your name, telephone number, email, and physical address). This sanitisation ensures your transaction history is rendered entirely anonymous and cannot be traced back to your identity.
We persistently audit our security infrastructures and integrate contemporary technologies to defend your confidentiality. We may periodically refine this Privacy Policy to reflect these operational upgrades. The most current iteration will permanently reside on this page.
