Privacy Policy
This Privacy Policy explains how Health Check Pharmacy Ltd ('we', 'us', 'our') collects, uses, discloses and safeguards your personal information when you visit our website or use our pharmacy services. Please read this policy carefully.
1. Who We Are
Health Check Pharmacy Ltd is registered in England & Wales. We are the data controller for the personal information we hold about you. Our registered superintendent pharmacist is responsible for ensuring compliance with applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Information We Collect
We may collect and process the following categories of personal information:
- Identity data: name, date of birth, gender
- Contact data: email address, telephone number, postal address
- Health data: medical history, prescriptions, consultation notes (special category data)
- Usage data: IP address, browser type, pages visited, time spent on our website
- Financial data: payment card details processed securely via our payment provider
3. How We Use Your Information
We use your personal information for the following purposes:
- Providing NHS and private pharmacy services, including dispensing prescriptions
- Processing bookings and appointment requests
- Communicating with you about your healthcare, appointments and orders
- Complying with legal and regulatory obligations (GPhC, NHS, MHRA)
- Improving our website and services
- Sending you marketing communications where you have consented
4. Legal Basis for Processing
We rely on the following legal bases to process your personal information:
- Contract: processing necessary to fulfil our services to you
- Legal obligation: compliance with NHS regulations, GPhC standards and other legal duties
- Vital interests: in an emergency where processing is necessary to protect life
- Legitimate interests: improving our services and preventing fraud
- Consent: for marketing communications and non-essential cookies
5. Special Category Data
Health information is special category data under UK GDPR. We process this data only where necessary for the provision of healthcare and social care services, or where you have given explicit consent. We apply strict technical and organisational safeguards to protect this data.
6. Sharing Your Information
We may share your personal information with:
- NHS bodies, GP practices and other healthcare providers involved in your care
- Our technology partners who process data on our behalf under data processing agreements
- Regulatory bodies (GPhC, CQC, NHS England) where required by law
- Law enforcement or government agencies where legally required
We do not sell your personal information to third parties.
7. Data Retention
We retain personal data in line with NHS and GPhC guidance. Pharmacy records are typically retained for a minimum of 8 years from the date of last entry, or until the patient's 25th birthday (whichever is longer) for records relating to children.
8. Your Rights
Under UK GDPR you have the right to:
- Access a copy of the personal information we hold about you
- Request correction of inaccurate data
- Request erasure of your data (where no legal obligation to retain applies)
- Object to processing based on legitimate interests
- Withdraw consent at any time (where consent is the legal basis)
- Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk
9. Cookies
We use cookies and similar tracking technologies on our website. Please see our Cookie Policy for full details.
10. Contact Us
To exercise your rights or ask questions about this policy, please contact our Data Protection Officer by emailing the address shown on our Contact page or writing to our registered pharmacy address.
Last updated: June 2025