Privacy Policy

Please note that links from the Sites may take you to external websites, plug-ins and applications which are not covered by this privacy policy. Clicking on those links or enabling those connections may allow third parties to collect or share information about you. We do not control these third-party websites and are not responsible for their privacy statements or policies.

We recommend that you check the privacy policies on those websites before submitting any personal information to such websites. We will not be responsible for the content, function, or information collection policies of such external websites.

Personal information or personal data means any information about an individual from which that person can be identified and is generally referred to throughout this privacy policy as “personal information”. It does not include data where the identity has been removed (anonymous data).

We collect personal information to provide you with services. We also collect personal information when you visit our website or contact us by email or social media.

You are not required (by law or by any contract you enter into via the Sites) to provide personal information to us when you visit the Sites. We will only require you to provide personal information to us where it is necessary for us to provide you with access to a service at your request, such as when you contact us, register a patient account on the Sites or purchase medicines or testing kits via the Sites.

When you use our services, visit our Sites, or otherwise contact us, we collect personal information about you. We collect personal information to provide you with services. Examples of when we collect personal information include when you are:

●    Enquiring about medicines, products or services that are made available via the Site
●    Submitting personal or health information as part of a Consultation (being either: (i) an online consultation; or (ii) a suitability check in respect of the potential supply of a medicine, which will result in either the supply of the medicine or appropriate onward signposting)
●    Purchasing medicines, products or services
●    Supplying us with your medicines, products or services
●    Using and browsing the Site
●    Telephoning, texting, writing by post or emailing us
●    Enquiring about, or applying for, job vacancies

This information may include the following:

●    Normal identification information, such as your full name and title, date of birth, age, gender and marital status
●    Contact information, such as your postal address, email address and telephone number
●    Information about your health, including your current health and wellbeing status, your medical history and records, and details of any medicines or treatment that you are receiving
●    Correspondence or information provided by you in your patient account (such as chat messages or other messages that you send to the pharmacy or our customer care team)
●    Information about your medicines purchase (including your purchase history)
●    Payment information (this is securely collected and processed by our payment service provider)
●    Additional information relevant to your use of the Site and you accessing the medicines, products or services, such as your marketing preferences, survey responses and feedback
●    We understand that any information concerning your health is particularly sensitive (known as “special categories” of personal data). We take extra precautions to ensure that any special category personal data is kept secure and confidential, and we will only retain this data for as long as necessary for the purposes for which we collect it.

Where we need to collect personal information by law, legitimate interest or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.

We collect information using cookies and other similar technologies to help distinguish you from other users of the Sites. This can streamline your online experience by saving you from re-inputting some information and allows us to make improvements to the Sites and to analyse user statistics. 

When you visit the Sites, we may collect the following information:

●    Which pages you view, and which links you follow
●    Your IP address and general location
●    Details of the hardware and software that you use to access the Site
●    Any passwords that you use on the Site
●    A device identifier (cookie or IP address) for fraud prevention
●    Details of your visits to the Site and the resources that you access, including, but not limited to, traffic data, location data, web logs and other communication data
●    You must be at least 18 years old to use the Site and to access the services. We do not knowingly collect any personal information relating to children.

Our Sites use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. 

A cookie is a piece of data stored locally on your computer containing information about your activities on the Internet. Each website can send its own cookie to your web browser if your browser's preferences allow it. Many websites do this whenever a user visits their website in order to track online traffic flows.

For detailed information on the cookies, we use and the purposes for which we use them see our Cookie Policy.

We may collect information about you from other sources, which may include the following:

●    Publicly available information, from sources such as (in the UK) the Electoral Roll or Companies House
●    Information you have shared publicly, including on social media (particularly in respect of job applications)
●    Information from third party databases, such as identity and credit reference agencies, which may include details about your home
●    Information from your other healthcare providers (only with your consent, or where it is necessary for us to provide you with access to a service or comply with our legal obligations)

This list is not exhaustive, and, in specific instances, we may need to collect additional information for the purposes set out in this privacy policy.

Sometimes, you will have given your consent for other websites, services or third parties to provide information to us.

This could include information which we receive about you if you use any other website that we operate or the other service that we provide, in which case we will have informed you when we collected that data if we intend to share such data internally and combine it with data collected on the Sites. We will also have told you for what purpose we will share and combine your data.

It could also include information from third parties that we work with to provide products and services, such as payment processors, delivery companies, technical support companies and advertising companies. Whenever we receive information about you from these third parties, we will let you know what information we have received and how and why we intend to use it.

Any data obtained from third parties will be kept in accordance with this privacy policy, and with any additional restrictions imposed by the third party that shared your personal information with us.

We take data protection legislation seriously, so below we have set out exactly how and why we use your information, and what our legal basis is to be able to use your information in each way.

We will only use your personal information when the law allows us to do so. 
We will only process your personal data in line with the relevant regulations and law. As a data controller, data protection legislation permits us to use the following grounds for processing personal information:

• Legitimate interests;
• Compliance with our legal obligations;
• Fulfilment of a contract;
• Consent; and / or 
• Performance of a task carried out in the public interest.

When you register an account on the Sites as a patient, we will collect and use your personal information in order to maintain and administer your patient account. This may be necessary in order for us to perform our contractual obligations or, otherwise, we have a legitimate interest to manage our patients’ accounts to facilitate purchases and communication between us.

You may contact us at any time to close your patient account. However, please bear in mind that we may be required to retain your personal information in order to comply with our legal obligations.

If you wish to purchase medicines via the Sites, you will be required to undergo a Consultation (as defined above). The information that you provide during a Consultation is reviewed by a registered pharmacy. If the pharmacy considers that it requires further information from you after reviewing your answers, it will ask you to provide this via email. 

The information which you provide is essential to the clinical decision-making process. The pharmacists with whom we work need to know about your current health, your medical history and any other treatment which you are receiving, so that they can make sure that the medicine is safe and suitable for you. Your current health and medical status may also determine whether or not you need to seek medical attention in person.

It is necessary for us to use personal information about you to enter into and perform any contracts, such as when you purchase medicines or other products or services via the Sites. Using your information in this context is necessary so that we can:

• Provide you with information about medicines, products and services that we make available to you via the Sites
• Administer your order, including taking payments and arranging delivery
• Provide you with information about your purchase and your contract 
• Make decisions about your purchase, including about the suitability of any medicines
• Verify your identity
• Deal with any complaints you may have
• Contact you about any changes that we make to the medicines, products or services that we make available to you via the Site
• Administer the Site, including troubleshooting problems, analysing statistics, conducting research and tests and keeping the Site secure

We may use your information to identify and tell you about certain medicines, products or services that we think may be of interest to you. If you have given your consent to receive marketing emails, you can withdraw this at any time, or if we are relying on our legitimate interests to send you marketing, you can object. You may update your preferences at any time by contacting us.

We may also use your information to invite you to participate in patient feedback surveys and other market research. If we contact you about market research, you do not have to participate. If you tell us that you do not want to receive market research communications, we will respect this.

If you have already bought medicines, products or services via the Sites, we may contact you with information about similar medicines, products and services that are available via the Sites. We have a legitimate interest to contact you for this purpose, but you may object to receiving these messages at any time.

We will only contact you by email or text message and you can choose not to receive these messages at any time. Simply follow the unsubscribe instructions in the message or contact us.

We always want to offer you the best user experience that we can. Sometimes, this means we may use your information to find ways that we can improve what we do, or how we do it.

• We have a legitimate interest to use your information to improve our business, and we will only use your information where it is necessary so that we can:
• Review and improve existing products and services and develop new ones
• Review and improve the performance of our systems, processes and staff (including training)
• Improve the Site to ensure that content is presented in the most effective manner for you and for your computer
• Measure and understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you

We want to stay in touch with you. Sometimes, we may need to use the information that we have about you in order to respond to your questions or let you know about important changes. We have a legitimate interest to keep in contact with you, as a customer, but this may also be necessary in connection with any contract that you enter into via the Site. We will only use your information in this respect where it is necessary so that we can:

• Interact and respond to any communications you send us, including any social media posts that you tag us in
• Contact you in connection with any orders, including where any pharmacist with whom we work requires further information from you, so that we can notify you of the status of your order, and so that we, the pharmacy or our courier partners can inform you when your order is due to arrive
• Let you know about any important changes to our business or policies

We will primarily contact you via email, SMS messaging and your patient account to update you on your order. In certain cases, where our customer service team needs to contact you regarding your order, we may contact you by telephone.

We may use your information where it is necessary for us to do so in order to meet our legal obligations and to detect and prevent fraud, money-laundering and other crimes.

We may use your information where it is necessary to protect your interests, or the interests of others, in accordance with our legal obligations and the pursuit of legitimate interests. This may include in the event of criminality, such as identity theft, piracy or fraud.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

To conduct our business and to comply with legal obligations imposed on us, we may share your information with third party companies, agents, contractors, service providers or related companies.

We share the information that you provide to us with our staff so that we can make certain medicines, products and services available to you via the Sites. In particular, the following persons may have access to the data that you provide to us:

• Our pharmacy team
• Our customer services team, which processes your order
• Our medical safety support team

We may also share your personal information with any member of our Group. We will share your personal information within our Group, only to the extent required and with the appropriate agreements in place, so that we can provide you with the relevant services,

We may share your information with selected third parties. For example, we may share your information with:

A registered pharmacy, which is responsible for dispensing your medicine.

A web development company which maintains the Sites. They will only access your data in the event that there is a problem with your order which needs to be resolved.

Our payment service provider, to process payments on our behalf. We will share your full name, address, phone number, email address and details of your order for this purpose. Our payment provider will collect and process your payment details; we will not store or have access to your full credit or debit card details.

A credit reference agency, for carrying out identity checks. All orders made via the Site are subject to identity checks, in order to prevent online fraud. Your full name, date of birth and home address will be shared for this purpose.

Third party couriers (e.g. Royal Mail, DPD or UPS) in order to arrange delivery of your order. Again, we will only share your full name, postal address and phone number or email address.

Clinical auditors and regulatory bodies. The registered pharmacy with which we work is regulated and inspected by the General Pharmaceutical Council (“GPhC”). During an inspection, we may be required to share information about your consultation with an approved auditor.

Contact management systems, to send emails, instant messages, social media messages and SMS messages.

We only provide third parties with the information they need to know to perform their specific task or services. We work closely with all the third parties to ensure that your personal information is secure and protected at all times. 

We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions. Our contracts with our third parties make it clear that they must hold information securely, abide by the principles and provisions of data protection, and only use information as we instruct them to.

In all instances where we disclose your information to third parties, we will ensure that your information is appropriately protected. If we stop using their services, any of your personal information held by them will either be deleted or rendered anonymous.

There are certain other exceptional circumstances in which we may disclose your information to third parties. This would be where we believe that the disclosure is:

• Required by the law, or in order to comply with judicial proceedings, court orders or legal or regulatory proceedings.
• Necessary to protect the safety of our employees, our property or the public.
• Necessary for the prevention or detection of crime, including exchanging information with other companies or organisations for the purposes of fraud protection and credit risk reduction.
• Proportionate as part of a merger, business or asset sale. In the event that this happens, we will share your information with the prospective seller or buyer involved.

Occasionally, we may compile data sets for research purposes using anonymised (so that it can no longer be associated with you) information from our patient database. In some cases, we have a legitimate interest in sharing such research data for wider consumption. Any data that we use for such purposes will always be anonymised; a process by which certain parts of the data are removed prior to dissemination so that the relevant data subject cannot be directly or indirectly identified from such disseminated data.

Where we anonymise your personal information for analytical or statistical purposes, we may use this information indefinitely without further notice to you.

We will only store your personal information for as long as we need it for the purposes for which it was collected.

Where we provide you with a service, such as where you register an account as a patient on the Sites, we will retain any information you provide to us at least for as long as we continue to provide that service to you.

We retain personal information relating to patient health care in accordance with guidance issued by the UK National Health Service. On the expiry of the relevant period, we will review the information that we hold and, unless we have a legitimate reason to keep holding that information (in accordance with our legal obligations and the purposes set out in this policy), it will be securely deleted.

We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this privacy policy. We have implemented, and will maintain current, reasonable physical, technical, and organisational security measures to protect your personal information from loss, misuse, and unauthorised access, disclosure, alteration, or destruction.

We try to ensure that all information you provide to us is transferred securely via the Sites (always check for the padlock symbol in your browser, and “https” in the URL, to ensure that your connection is secure).

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Site; and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

All information you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Your personal information will be stored on systems with technical and organisational security measures and controls located within the UK.

Sometimes, we will need to share your personal information with third parties and suppliers outside the UK, such as Europe and the USA. 

In the event we need to transfer your personal information outside the UK, for instance to our third-party service providers, we will ensure we have in place adequate safeguards to do so. Our safeguards ensure that your personal information receives the same protection as if it were being processed inside the UK. For example, our contracts with third parties stipulate the standards they must follow at all times.

Any transfer of your personal information will follow applicable laws and we will follow the guiding principles of this privacy policy.

If you require any further information about your rights as explained below, or if you would like to exercise any of your rights, please contact us.

We have a legal obligation to provide you with concise, transparent, intelligible and easily accessible information about your personal information and our use of it. We have prepared this privacy policy to do just that, but please contact us if you have any questions.

You have the right to ask us to confirm whether or not we hold any of your personal information. If we do, you have the right to have a copy of your information and to be informed of the following:

• Why we have been using your information.
• What categories of information we were using.
• Who we have shared the information with.
• How long we envisage holding your information.

In order to maintain the security of your information, we will have to verify your identity before we provide you with a copy of the information we hold. The first copy of your information that you request from us will be provided free of charge, if you require further copies, we may charge an administrative fee to cover our costs. Please contact us to request access to your information.

If you believe that any of the information that we hold about you is inaccurate, incomplete, or out of date, you have the right to require us to rectify that information. You can update or change your personal information in the patient area on the Sites. Alternatively, please contact us so that we can correct our records.

There may be times where it is no longer necessary for us to hold personal information about you. This could be if:

• The information is no longer needed for the original purpose for which we collected it 
• You withdraw your consent for us to use the information (and we have no other legal reason to keep using it)
• You object to us using your information and we have no overriding reason to keep using it
• We have used your information unlawfully
• We are subject to a legal requirement to delete your information

In these situations, you have the right to require us to delete your personal information (although please be aware that we may be required to retain certain information in order to comply with our legal obligations). If you believe one of these situations applies to you, please contact us.

Also known as data portability, you have the right to require us to transfer your personal information in a structured, commonly used and machine-readable format, either to you or to another service provider.

If you would like us to do this, please contact us. There is no charge for you exercising this right.

You can tell us at any time that you prefer that we do not use your information for direct marketing purposes. If you would like not to receive any direct marketing from us, please contact us or use the links provided in any of our marketing communications.

Sometimes, we use your personal information to achieve goals that will help us as well as you. This includes when we tell you about medicines, products or services that are similar to ones you have already bought via the Site; when we use your information to help us make our business better; and when we contact you to interact, communicate or to let you know about changes we are making.

We aim to always ensure that your rights and information are properly protected. If you believe that the way in which we are using your data is not justified due to its impact on you or your rights, you have the right to object. Unless we have a compelling reason to continue, we must stop using your personal data for these purposes. If you have any objections to our using your personal data for our legitimate interests, please contact us.

In most cases, we do not require your consent to use your personal information in the ways set out in this privacy policy. However, where we do rely on your consent, you have the right to withdraw that consent at any time. You can use the “unsubscribe” links in any of the communications that we send to you or contact us to withdraw your consent.

• You have informed us that the information we hold about you is inaccurate, and we have not yet been able to verify this
• You have objected to us using your information for our own legitimate interests and we are in the process of considering your objection
• We have used your information in an unlawful way, but you do not want us to delete your data
• We no longer need to use the information, but you need it for a legal claim

For example, you may wish for us to retain your contact details on our “do not contact” list to ensure that we do not send marketing emails to you in the future. If you wish to exercise this right, please contact us.

You have the right to not be subject to solely automatic decisions (i.e. decisions that are made about you by computer without any human input) in relation to your treatments, care or other processes that have a legal or similarly significant effect on you.

Any automated decision-making or profiling we undertake is solely for the purpose of tailoring the information which we provide to you. We will not use automated decision-making or profiling to make any decisions which will have a legal effect upon you or otherwise significantly affect you, and you have the right not to be subject to such decisions. If you have any concerns or questions about this right, please contact us.

You will not have to pay a fee to exercise any of the rights listed above. However, we may charge a reasonable fee if your request is clearly unfounded or excessive, including where requests are repetitive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information or to exercise any of your other rights. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Any changes which we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.

If you have any questions that haven’t been covered or would like us to address any concerns about our use of your personal information, you can contact us. 

For further information on data protection please visit the Information Commissioner Office (ICO) website.

The Information Commissioner Office regulates data protection. If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal information, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113 or visit the website.

If you have any questions about your privacy or our use of your personal information, please get in touch using the details below:

Post: 30s1a-D Alderley Park, Alderley Edge, East Cheshire SK10 4TG

Email: [email protected]