Your privacy is valuable to us. We are committed to providing you a safe, secure, and trustworthy experience on our website.
NP Labs (hereinafter also referred to as “the Company”) respects your privacy and aims your personal data to remain confidential. In order to achieve this goal, NP Labs fully complies with the provisions of National and European legislation regarding the protection of personal data, including General Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“General Data Protection Regulation”, hereinafter “GDPR”), as applicable, and the Greek law L. 4624/2019.
Who we are?
NP Labs is a company that offers Specialty Compounding Customized Therapies, dedicated to providing the highest-quality medications and exceptional services, while protecting the personal data of the visitors of its website and of its prescribers.
We aim to inform you in advance of which personal data we collect, the way we use it, the recipients of your data and the rights you are entitled to exercise under applicable data protection laws. For the purposes of data protection legislation regarding the collection of your data through our website, our Company is considered to be the Data Controller of your personal data.
- Processing: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- Personal Data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
- Consent: means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
- Data Controller: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
For more information about the definitions please see article 4 of the GDPR (https://eurlex.europa.eu/legal-content/EL/TXT/HTML/?uri=CELEX:32016R0679&from=EL)
Our Principles regarding collecting and processing your personal data
The collection and processing of your personal data by NP Labs is governed by the following principles as further specified by the GDPR:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Data accuracy
- Storage limitation
- Integrity and Confidentiality
We do everything possible to implement the above principles at all stages of interaction with you through this website.
What personal data we collect
We collect and process your personal data solely for the purposes of fulfilling our obligations arising out of the following:
- Visiting and browsing our website: When you visit our website, we automatically collect information about your IP address and your current device location, and also how you use our services, such as the type of webpages you visit, or the frequency and duration of your activities. In addition, servers, logs, and other technologies automatically collect certain information to help us manage, protect, and improve our services. We share personal information with third parties only as described in this policy or if required by applicable law.
- Sending us your medical prescriptions or your renewable prescriptions via email: When you send us your medical prescription via email, we collect information that are included there, such as name, last name, date of birth, social security number and other prescription information that may be included in the prescription, such as certain allergies. In case your doctor sends us your prescription, we collect and process the same personal data, in order to dispense your medical prescription.
- Filling out the patient prescription form or the relevant patient refill form: When you fill out the patient prescription form or the relevant patient refill form on our website, we collect your first name and last name, phone, date of birth, social security number, email address and any other prescription information, such as Rx Numbers.
- Completing the relevant contact form: In order to contact our Company, we ask you to provide us with your name and last name, your phone, and your email address, as well as if you are a patient or prescriber, so that we can reach out to you and answer any of your questions.
- Subscribe to our newsletter channel: If you give us your explicit consent, by ticking the relevant box, we collect your email in order to send you our newsletters.
Any of the data you provide optionally are provided at your discretion in order to facilitate us improving the services we provide you.
Information we collect automatically -Cookies
We may also collect information about your device anytime you visit our website. We may collect information from or about the computers, phones or other devices from where you connect to our services. We may correlate the information we collect from your different devices, so that we can provide you specialized services depending on the device you use. For instance, we collect features, such as operating system and hardware release, browser type and IP address and log files. The latter may include the means you used to visit our website, details of the device you used, such as web browser type and language, access times, pages displayed, cookie-related IDs or other technologies that can uniquely identify your device or browser, and pages you visited before or after browsing our website.
By navigating to our website, you declare that you accept the terms of this Policy.
You may also choose to receive newsletters for products and/or services that are available through our website after providing us with your explicit consent. You can withdraw this consent at any time by contacting Support Team or by clicking the unsubscribe link at the end of the newsletter you received.
How we use your personal data
The table below details what personal data we process, the scope of processing and the lawfulness of processing.
|Category of personal data
|Purpose for processing
|Legal basis under the GDPR
|Device information, such as type and language of web browsing program.
|Improvement of our website and setting default options for you.
|Legitimate interests of the company [Art. 6 (f) GDPR]
|Information about your computer, your visits and the use of this Website (e.g. your IP address, your location, your browser, the way the website was updated, the duration of the visit and the number views of the page).
|Statistical reasons and improvement of our website
|Your consent [Art. 6 (a) GDPR] Legitimate interests of the company [Art. 6 (f) GDPR]
|Data included on the medical prescription you or your doctor send us via email
|Medical prescription dispensing
|Performance of the contract between our company and the patient [Art. 6 (b) GDPR], Provision of medical treatment [Art. 9 (h) GDPR],
|Contact Details (e.g. name, surname, email)
|Legitimate interests of the company [Art. 6 (f) GDPR]
|Contact Email Address
|Sending you a newsletter
|Your consent [Art. 6 (a) GDPR]
Who we share your data with?
In order to provide our services successfully or to fulfill your requests, we may share your personal data with the following recipients:
- Professional service providers such as marketing agencies, advertisers, and website managers that help us run our website
- Companies approved by you, such as social networking websites.
Some of these recipients may be located outside of the European Economic Area – for more information on how we protect your personal data outside of the EEA, see “International Data Transfers”.
How long your personal information will be kept
We will keep your personal information for as long as necessary to provide our services or in case of any contact you may have with our Support Team. We may continue to maintain your personal data even after the end of your communication with our Team, respecting the principle of proportionality and only on the basis of the “absolute necessity of knowledge” to comply with legal or regulatory requirements, resolve disputes, or prevent fraud and abuse.
Maintaining patient medication records when dispensing prescriptions is a legal obligation. We will keep your medical prescriptions for 30 days. The renewable prescriptions will be kept up to 6 months, or until you send us a new or updated one.
International Data Transfers
Your personal data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).
Specifically, our Website servers are located in ……… This server is connected with our Cloud-Based ERP System we use, which is accessible only to authorized persons of our Company.
Personal information published by users or linked applications on the website or submitted for publication on the website or linked applications may be made available via the Internet worldwide. The website may not prevent the use or misuse of such information by other persons. In any case, the transfer to third countries will be made in accordance with the provisions of General Data Regulation (EU) 2016/679 and the applicable Greek law, L. 4624/2019.
Your rights as per the data the website collects
We inform you that you have the right of:
- Access to your data,
- Correction of your data in case of any inconsistency,
- Erasure of your data in specific circumstances,
- Limitation of the processing of your personal data,
- Objection to the processing of your personal data,
- Transfer of your data to another company
- Withdrawal of your consent at any time
- Complaint to the competent Personal Data Protection Authority in the event of an unfortunate violation of your data.
The website will review and respond to your requests within one month of receipt. This deadline may be extended by a further 2 months if further time is required.
Please note that you can contact the Data Protection Officer (DPO) with regards to any matter about the security of your data in our website under the following number: and e-mail address:
The appointed Data protection Officer is………
How to exercise your rights
You can exercise any of the rights described above by contacting our Data Protection Officer by email at: … or by phone at ……
You can submit an access request without any cost. However, depending on the personal data you request, we may levy a reasonable fee to cover the cost of providing details of the information we have. We will notify you of the possibility of such charges upon receipt of your access request and we will await your confirmation of the continuation of the procedure and payment of this amount.
We have taken appropriate security measures to prevent accidental loss of personal data or unauthorized use or access.
Those who process your personal data for the legitimate purposes explained above are subject to a confidentiality obligation.
In addition, we have procedures to deal with any data breaches. Specifically, our website:
- Takes every organizational and technological precaution to prevent the loss, misuse, or alteration of users’ personal information.
- Stores all personal information provided by users on secure servers (password protected and firewall).
The user acknowledges that sending information over the Internet presents inherent security concerns and therefore the company can not guarantee the security of the data being trafficked through it.
Personal Data Protection Authority
We hope that we can resolve any question or concern you may have about the use of your personal data. If you are unhappy with the way NP Labs manages your personal data, you have the right to contact the competent supervisory authority. The competent supervisory authority is the Hellenic Data Protection Authority, which is located at 1-3, Kifissias Avenue, Athens, Zipcode. 11523, tel. +30 2106475600 and with e-mail address firstname.lastname@example.org
Changes of this privacy notice: