Privacy Policy – ​​Alfa-Med

Policy rules and purpose

The policy is formulated in the masculine form for convenience only, but is addressed to both women and men.
Alpha-Med respects the privacy of website users and operates in accordance with the Privacy Protection Law, 5741-1981, Amendment 13, and the Privacy Protection (Information Security) Regulations, 5777-2017. This document explains what information we collect, what legal bases we rely on, how we use and share the information, how long we will keep it, and what your rights are. There is no obligation to provide personal information; however, without certain information, some of the services (such as purchase and delivery) cannot be provided. Use of the website constitutes consent to this policy.

incidence

The policy applies to the use of the website and the services provided through it, as well as to contacts with us via digital channels such as email, telephone and WhatsApp, to the extent that they are used for customer support and service.
The site is not intended for minors under the age of 18, and its use is subject to the approval of a parent or guardian.
Use of the site and services is also subject to Alfa-Med's general terms of use.

Types of information we collect

When you use the site, information that you have provided on your own initiative (e.g. contact information, shipping address and your preferences), information about purchases and order and payment performance (credit card details are processed by a secure clearing company and are not stored in their entirety by us), as well as technical and useful information that is automatically generated (IP address, browser type and device, pages viewed and usage times). Customer service inquiries may be saved for documentation and service improvement; in telephone calls, a notification will be provided at the beginning of the call about a recording, if any. We do not knowingly collect information about minors under the age of 18; if it becomes apparent that such information has been collected, we will act to reasonably and promptly delete it.

Website registration and user details

Some services on the Site may require registration and opening a user account. When registering, you will be asked to provide basic personal information such as name, email address and additional contact information as necessary.
You must ensure that the details you provide are accurate, complete and up-to-date.
Access to your account is protected by a personal password, and maintaining the confidentiality of your password and access to your account is your sole responsibility. It is recommended that you change your password periodically and not disclose it to others.
Alfa-Med will not be liable for any damage caused by unauthorized use of your account or for improperly storing your password.

Legal basis for processing

We will act on the basis of one or more of the following: performance of a contract or taking steps prior to its conclusion (order processing, delivery and service), free and informed consent (e.g. marketing mailings or non-essential cookies – can be withdrawn at any time), legal obligation (keeping accounting documents and responding to orders), and legitimate interest (system security, fraud prevention and improving the service while protecting your rights).
Alpha-Med does not collect personal medical information, but if such information is voluntarily provided by the customer (for example, as part of a service request), it will be processed only for the purpose of providing a professional response and will be retained for a short and necessary period only.
Providing information is voluntary, but without it we may not be able to provide some of the services.

Purposes of use

The purposes include managing orders and payments, coordinating deliveries and status notifications, providing customer support and service, improving the user and website experience, complying with legal requirements and protecting rights. Marketing content will only be sent if you have given consent, and you can always request removal.

Sharing information with external parties

We will share information only to the extent necessary with clearing and payment providers, courier and postal companies, cloud/hosting/maintenance/security providers, analytics and digital marketing systems that comply with the law and their policies (e.g. Google Analytics and Meta/Facebook Pixel), and professional consultants as needed. In addition, we will provide information to authorized authorities by law and only to the extent required. In the event of a data security incident that may harm your privacy, we will maintain internal documentation and notify the Privacy Protection Authority and those concerned in accordance with the law. Any provider that processes information for us is bound by appropriate agreements to maintain confidentiality and data security and to use it according to our instructions.

International transfers

Processing or storage may be carried out outside of Israel (e.g. cloud services or analytics). Transfer will be made to countries with an adequate level of protection or by virtue of appropriate contractual mechanisms, while taking reasonable measures to protect the information.

Information retention policy

Transaction and invoice data will be retained for tax and bookkeeping purposes; service requests and support documentation will be retained for a reasonable period after the processing has been closed, unless a longer period is required to protect rights; marketing mailing data will be retained as long as there is consent or until a request for removal; technical logs are retained for short periods of time for security and operational purposes. Anonymous data and statistical information may be retained for research and analysis purposes indefinitely, as they do not identify you.

Data Security

We implement standard security measures, including TLS/SSL encryption in transit, access controls, separation of environments, firewalls, monitoring, and backups. Access to information is only granted to authorized persons who are bound by confidentiality obligations. Despite our best efforts, absolute security cannot be guaranteed; in the event of a serious security incident, we will act in accordance with the law and provide appropriate notices.
We periodically review our security measures and update them in accordance with technological and regulatory developments.
The Privacy Protection Officer periodically audits the company's compliance with legal provisions and security regulations.

Using WhatsApp and digital channels

Inquiries via WhatsApp or instant messaging are optional and subject to the privacy policy and terms of use of the provider (e.g. WhatsApp/Meta). Information you provide may be processed and stored on third-party servers outside of Israel. We maintain reasonable and short-term records of correspondence for service, documentation, and process improvement purposes. Medical or sensitive information should not be sent through these channels; requests regarding such information should be made by email or phone. Joining the WhatsApp channel constitutes consent to receive service and sometimes commercial messages, and you can request removal at any time.

Cookies

The site uses cookies and similar tags for essential operation, security, measurement/analytics and targeted marketing purposes. In the cookie banner you can choose which categories to allow, and you can always delete or block them through your browser settings. Blocking certain cookies may affect the functionality of parts of the site. For more details, see Cookie Policy.

External links and third-party services

The Site may include links to platforms/sites that we do not own or control. This Policy does not apply to them, and we are not responsible for their privacy practices. It is recommended that you review the privacy policy of any external site before using or providing information.

Your rights and response procedure

You may contact us to review information about you, as well as request correction or deletion of information that is incorrect, incomplete, or up-to-date, in accordance with sections 13–14 of the law. We will endeavor to respond within 30 days of receiving the request and identification. We may be asked for identifying information for the purpose of identity verification. Excessive or unfounded requests may result in a reasonable charge or a reasoned rejection in accordance with the law. A complaint may also be filed with the Privacy Protection Authority (Ministry of Justice) in accordance with its procedures.

Merger, transfer of activity and change of control

If we undertake a restructuring, merger, sale of operations or transfer of assets, we may transfer the information to the acquiring corporation, provided that it adopts a similar privacy policy and does not prejudice your rights under law. Notice will be provided on the website if a material change is made.

Policy updates

We will update the policy from time to time, for example due to changes in law or service. The updated version will be published on the site and will take effect on the date of its publication. Your continued use of the site constitutes your agreement to the updated version.

Identity of the database owner and contact information

Database owner: Alfa-Med
Address: Giborei Yisrael 5a, New A.T., Netanya
Phone: 052-5677240
Email for private inquiries: [email protected]
Privacy Protection Officer: Privacy Manager on behalf of Alfa-Med, can be contacted at the email address above.
Privacy inquiries will be answered within a reasonable time and subject to the law.

Last updated: November 2025