Last updated: 23 April 2025
At All Your Medication, your privacy and the protection of your personal information is a top priority. This Privacy Policy outlines how we collect, use, disclose, and protect your data when you use our website and services as an online distance-selling pharmacy operating in the United Kingdom
1. Who We Are
All Your Medication is a registered distance-selling pharmacy, regulated by the General Pharmaceutical Council (GPhC) and operating in compliance with UK law.
Contact Details:
All Your Medication
1 Castle St, Suite 3, Hinckley LE10 1DA
Email: [email protected]
Phone: 07721 393949
GPhC Registration Number: Pending
Data Protection Officer: Alex Leigh
2. Information We Collect
We may collect and process the following types of personal data:
a. Personal Information
• Name, date of birth, address, phone number, email address
• NHS number (if applicable)
• Payment and billing information
b. Health & Medical Information (Special Category Data)
• Details of prescriptions and medication history
• Information submitted via consultation forms
• Communication between you and our pharmacists
c. Technical & Usage Information
• IP address, browser type, device type
• Site usage, including cookies (see Cookie Policy)
3. How We Use Your Information
We process your information for the following lawful reasons:
• Provision of healthcare services (Article 6(1)(b) and 9(2)(h)): To safely dispense medications and offer pharmaceutical advice
• Legal compliance: To meet regulatory obligations (e.g. GPhC, MHRA) • Consent: For marketing communications, where consent has been explicitly given
• Legitimate interest: To monitor service quality and improve user experience
4. Sharing Your Data
We may share your data with:
• Qualified pharmacists and prescribers within our service
• Regulatory bodies such as the GPhC, MHRA, or NHS if legally required • Delivery providers for medication dispatch
• IT service providers for secure data hosting and website operation We do not sell your personal data to third parties.
5. Data Retention
We retain your data only for as long as necessary. For healthcare records, this is typically 8 years in accordance with NHS and GPhC guidelines. After this period, records are securely deleted or anonymised.
6. Your Data Protection Rights
Under UK GDPR, you have the right to:
• Access your data
• Request correction of inaccurate data
• Request erasure (where applicable)
• Object to processing
• Request data portability
• Withdraw consent (where applicable)
To exercise your rights, contact us at: [email protected]
7. International Transfers
Your data is stored within the UK or EEA. If we ever need to transfer data outside of the UK/EEA, we will ensure adequate safeguards are in place (e.g. Standard Contractual Clauses).
8. Data Security
We implement industry-standard technical and organisational measures to safeguard your data, including:
• Encrypted data storage
• Secure socket layer (SSL) for website encryption
• Access controls and regular staff training
9. Complaints
If you are unhappy with how your data is handled, please contact us first. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: https://ico.org.uk
Phone: 0303 123 1113
10. Updates to This Policy
We may update this policy from time to time. Please check our website periodically to stay informed of any changes.
