Privacy Policy

Leleshwa Pharmacy (“we”, “our”, “us”, or “the Pharmacy”) is committed to protecting your personal data in accordance with the Data Protection Act, 2019 and the Data Protection (General) Regulations, 2021 of Kenya.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information. By using our pharmacy services, website, online store, delivery services, or interacting with us in any way, you acknowledge this policy.

1. Data Controller

Leleshwa Pharmacy is the Data Controller responsible for determining the purposes and means of processing your personal data.

For questions or requests relating to this policy, contact:

Email: support@leleshwapharmacy.com

2. Personal Data We Collect

We only collect information necessary to provide pharmacy services, fulfil legal obligations, or support our business operations.

a) Identification & Contact Details

Name
Telephone number
E-mail address
Delivery address

b) Transaction Information

Products purchased
Payment information (processed securely by third-party providers)
Order history and delivery instructions

c) Health Data (Sensitive Personal Data)

We collect prescription details or related health information only when necessary for the purpose of dispensing medicines or providing professional pharmacy services.

This processing is carried out under the “permitted health situation” basis in Section 31 of the Data Protection Act, 2019.

This information is provided voluntarily by you or by an authorised healthcare provider for the purpose of receiving pharmacy services.

d) Technical & Usage Data

IP address
Browser type
Device identifiers
Cookie and usage data (see our Cookie Policy)

e) Children’s Data

We may process data relating to children only when provided by a parent, guardian, or authorised adult in the course of obtaining pharmacy services for the child.

3. Legal Basis for Processing

We process personal data on one or more of the following lawful bases:

Performance of a Contract: To process orders, deliver products, and provide requested pharmacy services.
Legal Obligation: To comply with pharmacy record-keeping, tax regulations, and other statutory duties.
Permitted Health Situation: To process sensitive health data necessary for medical diagnosis, dispensing, public health, or the provision of health care.
Legitimate Interests: To operate, secure, and improve our services and prevent fraud, provided such interests do not override your rights.
Consent: For specific purposes where no other lawful basis applies. You may withdraw consent at any time.

4. How We Use Your Information

We use your personal data only for lawful and necessary purposes, including:

Dispensing medicines and providing pharmacy services
Processing transactions and managing deliveries
Maintaining legally required pharmacy and business records
Responding to enquiries and providing customer support
Protecting the security of our services and preventing fraud
Complying with applicable laws or lawful requests from authorities

Marketing communications are sent only when permitted by law, and you may opt out at any time.

5. Data Sharing and International Transfers

We do not sell your personal data.

Your data may be shared with:

a) Service Providers

We only share the minimum amount of personal data necessary for each service provider to perform their specific function. For example, payment providers receive payment-related information but do not have access to health information, while delivery partners receive only the details required to complete a delivery.

b) Regulatory Authorities

Where required by law.

International Transfers

Our service providers may store or process your data in secure locations outside Kenya, including the European Union and the United States.

Such transfers are governed by appropriate safeguards, including contractual protections, encryption, and industry-standard security measures.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, including:

Fulfilling orders
Maintaining professional pharmacy records as required by law
Meeting tax and regulatory obligations

We maintain an internal retention schedule and securely delete or anonymise data when it is no longer required.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

Encrypted communication (HTTPS/TLS)
Secure cloud hosting
Role-based access controls
Device-level authentication
Regular system updates

We also rely on reputable service providers who implement industry-standard security and compliance measures as part of their hosting and processing services.

If we become aware of a personal data breach within our control that poses a high risk to your rights, we will notify you and the ODPC as required by law.

8. Your Data Protection Rights

Under the Data Protection Act, 2019, you have the following rights:

Right of access
Right to rectification
Right to erasure (subject to legal limitations)
Right to restriction of processing
Right to data portability
Right to object to processing
Right to withdraw consent (where applicable)

These rights may be limited in circumstances where processing is necessary for legal compliance, contractual obligations, or public health purposes.

To exercise your rights, contact us using the details in Section 1. We may require identity verification.

9. Additional Information

Note: Under the Data Protection Act, you have the right to raise any unresolved data protection concerns with the Office of the Data Protection Commissioner (www.odpc.go.ke).

10. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on our website with a new “Last Updated” date. Your continued use of our services following such changes constitutes acceptance of the revised policy.

11. Contact Us

For any questions or requests regarding your personal data:

Leleshwa Pharmacy

E-mail: support@leleshwapharmacy.com

Telephone: +254 702 087 853

Last updated: 03/12/2025

Terms of service

These terms of service ("Terms", "Agreement") are an agreement between the website ("Website operator", "us", "we" or "our") and you ("User", "you" or "your"). This Agreement sets forth the general terms and conditions of your use of this website and any of its products or services (collectively, "Website" or "Services").

Links to other Websites

Although this Website may be linked to other websites, we are not, directly or indirectly, implying any approval, association, sponsorship, endorsement, or affiliation with any linked website, unless specifically stated herein.

You should carefully review the legal statements and other conditions of use of any website which you access through a link from this Website. Your linking to any other off-site pages or other websites is at your own risk.

Use of Cookies

Website may use cookies to personalize and facilitate maximum navigation of the User by this site. The User may configure his / her browser to notify and reject the installation of the cookies sent by us.