Professionals & Doctors
Free shipping on orders over €59
Estimée sous 3-4 jours ouvrables
Retour sous 14 jours
Upcoming Events
Book your appointment with a Med Skin specialist today and take the first step toward healthier, glowing skin.
View events
0
my cart 0 item

  • Your shopping cart is empty!

0
SPECIAL
Med & Skin S.R.L.
0
my cart 0 item

  • Your shopping cart is empty!

Upcoming Events
Book your appointment with a Med Skin specialist today and take the first step toward healthier, glowing skin.
View events
SPECIAL

Best categories

ALL PRODUCTS ALL PRODUCTS
FACE FACE
BODY BODY
SUN PRODUCTS SUN PRODUCTS
HAIR HAIR
MEN MEN
POPULAR POPULAR
NEW NEW
KITS KITS
BRANDS BRANDS
All our products

Privacy Policy


Website: www.mspharmagroup.com

Last Updated: 11 March 2026

1. Who We Are

This website is owned and operated jointly by two legal entities:

M&S Pharma Group Ltd

Skin Tech Pharma Group UK Ltd

Both companies are registered in England and Wales and share the following registered address:

Unit 2 Skylines Village, Limeharbour, London, England, E14 9TS

Together, they act as joint data controllers for all personal data collected through this website. This means both companies are responsible for deciding how and why your personal data is used, and both are accountable under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

If you have any questions about how we handle your personal data, please contact us using the details in Section 9.

2. What Personal Data We Collect

We collect the following categories of personal data, depending on how you use our website:

When you place an order:

  • Full name
  • Delivery and billing address
  • Email address
  • Phone number
  • Payment information (card details are processed securely by our payment provider — we do not store card numbers)
  • Order history and transaction records

When you create an account:

  • Full name and email address
  • Password (stored in encrypted, hashed form — never in plain text)
  • Saved delivery addresses and account preferences

When you browse our website:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited, time spent on site, and referring source
  • Cookie identifiers (see our Cookie Policy)

When you subscribe to our newsletter:

  • Email address
  • Record of your explicit consent

When you contact us:

  • Name, email address, phone number, and the content of your message

When you use our "Notify of Availability" feature:

  • Email address linked to the specific product you wish to be notified about

3. How and Why We Collect Your Data

We collect your personal data in the following ways:

  • Directly from you — when you register, place an order, subscribe to our newsletter, use the "Notify of Availability" feature, or send us an enquiry
  • Automatically — through cookies and analytics tools when you browse our website (see our Cookie Policy)
  • From third parties — such as payment processors confirming transaction status or delivery partners providing tracking updates

We use your data for the following purposes:

  • Processing and fulfilling your order — receiving, confirming, packaging, and dispatching your order, and communicating with you at every stage
  • Account management — creating and maintaining your customer account and saving your preferences
  • Customer service — responding to your questions, complaints, returns, or refund requests
  • Availability notifications — notifying you when an out-of-stock product becomes available, where you have requested this
  • Newsletter and marketing — sending you product updates, offers, and news, only where you have given your explicit consent
  • Website analytics — understanding how visitors use our site to improve performance and content
  • Fraud prevention and security — detecting and preventing fraudulent orders or account access
  • Legal compliance — meeting our obligations under UK tax, accounting, and consumer protection law

4. Legal Basis for Processing

We only process your personal data when we have a valid lawful basis under UK GDPR Article 6:

Purpose Legal Basis
Processing and fulfilling your order Contract — Art. 6(1)(b): necessary to perform our contract with you
Sending order confirmations and delivery updates Contract — Art. 6(1)(b)
Creating and managing your customer account Contract — Art. 6(1)(b)
Sending newsletter and marketing emails Consent — Art. 6(1)(a): only where you have explicitly opted in via our subscription form
Availability notifications Consent — Art. 6(1)(a): only where you have requested to be notified
Website analytics (Google Analytics) Legitimate interests — Art. 6(1)(f): we have a legitimate interest in improving our website, balanced against your privacy rights
Fraud prevention and transaction security Legitimate interests — Art. 6(1)(f): protecting our business and customers from harm
Responding to customer enquiries Legitimate interests — Art. 6(1)(f) / Contract — Art. 6(1)(b), depending on context
Compliance with UK legal and tax obligations Legal obligation — Art. 6(1)(c)

Important note regarding product types: Some products sold on this website are professional-grade or CE-marked medical devices (e.g. chemical peels, injectables). If information about your purchases could reveal or relate to a health condition, that data may qualify as special category data under UK GDPR Article 9. In those cases, we process it strictly on the basis of explicit consent or as necessary for the provision of healthcare-related products, and apply enhanced security measures accordingly.

5. How Long We Keep Your Data

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by law:

Data Type Retention Period
Order and transaction records 7 years (UK legal and tax obligation)
Customer account data Duration of account + 2 years after closure
Payment records 7 years (financial records obligation)
Newsletter consent and email preferences Until you unsubscribe or withdraw consent
Availability notification requests Until fulfilled or withdrawn
Customer enquiry records 2 years from last contact
Website analytics data Up to 26 months (Google Analytics default)
Cookie consent records 12 months from consent date
Fraud prevention records Up to 5 years where a risk has been identified

When data is no longer required, we delete or anonymise it securely.

6. Who We Share Your Data With

We do not sell your personal data. We may share it with the following trusted third parties, only to the extent necessary to fulfil the relevant purpose:

  • Payment processors (e.g. Stripe, PayPal, or similar) — to authorise and process your payment securely under PCI-DSS compliance standards
  • Royal Mail and other UK delivery carriers — to ship and track your order; we share your name and delivery address only
  • Email marketing platforms (e.g. Mailchimp, Klaviyo, or similar) — to send you newsletters and transactional emails where you have opted in or where required for order fulfilment
  • Google LLC — for website analytics via Google Analytics; data may be transferred to the USA under Standard Contractual Clauses
  • Meta Platforms, Inc. — for advertising measurement via Meta Pixel; data may be transferred to the USA under Standard Contractual Clauses
  • LinkedIn Corporation — for advertising and audience analytics via LinkedIn Insight Tag; data may be transferred to the USA under Standard Contractual Clauses
  • YouTube (Google LLC) — cookies may be set when you interact with embedded video content on our site
  • IT and hosting providers — who support our website infrastructure and data storage under strict data processing agreements
  • Legal and regulatory authorities — where required by law, court order, or regulatory obligation (e.g. HMRC, law enforcement)

All third parties are required to handle your personal data securely and in accordance with UK data protection law. They are not permitted to use your data for their own marketing purposes.

Note on our related website: Our site links to med-skin.uk and med-skin.events, which are operated by the same companies. These websites have their own cookie and privacy notices. Cookies and personal data are not shared across domains.

7. Your Rights

Under the UK GDPR and Data Protection Act 2018, you have the following rights in relation to your personal data:

  • Right of access — request a copy of the personal data we hold about you (a Subject Access Request, or SAR); we will respond within one calendar month
  • Right to rectification — ask us to correct any inaccurate or incomplete data
  • Right to erasure — ask us to delete your data where it is no longer necessary, where you have withdrawn consent, or where there is no overriding legal reason to retain it; note that this right is not absolute where we are legally required to keep data
  • Right to restriction of processing — ask us to pause processing your data in certain circumstances, for example while a dispute is being resolved
  • Right to data portability — where processing is based on consent or contract and carried out by automated means, receive your data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interests at any time; you have an absolute right to object to your data being used for direct marketing
  • Right to withdraw consent — where processing is based on consent (e.g. newsletter), withdraw it at any time by clicking "Unsubscribe" in any marketing email or by contacting us directly; withdrawal does not affect the lawfulness of any processing carried out before it

To exercise any of these rights, contact us using the details in Section 9. We will respond within 30 calendar days. We may need to verify your identity before fulfilling your request. There is no charge unless a request is manifestly unfounded or excessive.

8. How to Lodge a Complaint with the ICO

If you are unhappy with how we have handled your personal data, please contact us first — we would like the opportunity to resolve your concern directly.

If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's independent data protection authority:

www.ico.org.uk

0303 123 1113

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

9. Contact Us

For any questions, requests, or concerns relating to this Privacy Policy or your personal data, please contact us:

M&S Pharma Group Ltd / Skin Tech Pharma Group UK Ltd

Unit 2 Skylines Village, Limeharbour, London, England, E14 9TS

olimpiada.polevoi@mspharmagroup.uk

+44 7768 97 5991

www.mspharmagroup.com

We aim to respond to all privacy-related enquiries within 5 business days, and to formal data subject requests within 30 calendar days.

10. Cookies

We use cookies and similar tracking technologies on our website to keep it functioning correctly, analyse how it is used, and support our marketing. Non-essential cookies are only placed on your device after you have given your consent via our cookie banner.

For full details of the cookies we use, their purposes, durations, and how to manage or withdraw your consent, please read our Cookie Policy.

11. Date of Last Update

This Privacy Policy was last reviewed and updated on: 11 March 2026.

We may update this policy from time to time to reflect changes in the law, our business, or the services we use. For significant changes, we will notify you via a banner on the website or by email. We recommend reviewing this page periodically.