PharmaFen ("we," "our," "us") is committed to protecting the privacy of our customers, employees, and business partners. This Data Retention Policy outlines how we collect, store, retain, and delete personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
We retain personal data only for as long as necessary to:
✔ Fulfill contractual obligations.
✔ Comply with legal, regulatory, and tax requirements.
✔ Support legitimate business interests (e.g., fraud prevention, security).
✔ Maintain accurate business records.
✔ Provide customer support and improve services.
| Data Type | Retention Period | Legal Basis |
| Customer Data (Account Info) | Retained while the account is active + 5 years after closure. | Contractual obligations, fraud prevention. |
| Transaction & Billing Records | 7 years from transaction date. | Tax & financial regulations. |
| Marketing Data (Email, Preferences) | 12–24 months after last interaction or until consent is withdrawn. | Legitimate interest, consent. |
| Website Analytics Data | 12 months (aggregated data may be kept longer). withdrawn. | Business insights, analytics. |
| HR & Employee Records | 6 years after employment termination. | Labor law compliance. |
| Customer Support & Communication Logs | 3 years from last interaction. | Customer service improvement. |
| Security & Access Logs | 12–24 months | Cybersecurity, fraud prevention. |
At the end of the retention period, we will:
✔ Permanently delete personal data if no legal obligation requires retention.
✔ Anonymize data where possible, ensuring it cannot be linked back to individuals.
✔ Securely destroy physical records through shredding or certified disposal.
Under GDPR, users have the right to:
✔ Request access to their stored personal data.
✔ Request correction of inaccurate data.
✔ Request deletion of data ("Right to be Forgotten").
✔ Request data portability (transfer to another provider).
✔ Object to processing for marketing purposes.
Users can submit deletion or data access requests by contacting: clientserv@pharmafen.com. Requests will be processed within 30 days, subject to verification and legal obligations.
We may be required to retain data beyond the standard retention periods in the following cases:
✔ Compliance with tax, accounting, or legal investigations.
✔ Preservation of evidence in ongoing legal proceedings.
✔ Ensuring fraud prevention & cybersecurity protection.
This policy is reviewed annually to ensure compliance with GDPR and evolving regulations. Any changes will be communicated to users via email or website updates.