Skip to main content

Privacy Policy

How we protect and use your information

Last Updated: 19 May 2026

Introduction

Resolven Pharmacy (“we”, “us”, “our”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you visit our pharmacy, use our website, or engage with our services.

As a registered pharmacy with the General Pharmaceutical Council (GPhC Registration: 1234567), we comply with all applicable data protection laws including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller Information

Data Controller: Resolven Pharmacy Ltd

Address: 1 Commercial Road, Resolven, Neath, SA11 4DA

Telephone: 01639 710303

Email: headoffice@resolvenpharmacy.co.uk

Superintendent Pharmacist: [Name]

ICO Registration Number: [Number]

2. Information We Collect

Personal Information

  • Name, date of birth, and contact details
  • NHS number and GP surgery details
  • Address and delivery information
  • Payment card details (processed securely via our payment provider)

Health Information (Special Category Data)

  • Prescription details and medication history
  • Medical conditions and allergies
  • Consultation notes and health assessments
  • Vaccination records

Technical Information

  • IP address and browser information
  • Cookies and similar technologies (see our Cookie Policy)
  • Website usage data and preferences

3. Legal Basis for Processing

Healthcare Services

We process your health data under the following legal bases:

  • Legal Obligation: To dispense NHS prescriptions and maintain pharmaceutical records
  • Vital Interests: In medical emergencies where consent cannot be obtained
  • Public Health: For vaccination programmes and public health reporting
  • Healthcare Provision: Under Article 9(2)(h) GDPR for healthcare services

Other Processing

  • Contract Performance: To process orders and deliveries
  • Legitimate Interests: For fraud prevention and service improvements
  • Consent: For marketing communications (where applicable)

4. How We Use Your Information

Healthcare Purposes

  • Dispensing prescriptions safely
  • Medication reviews and counselling
  • Clinical interventions and health checks
  • Vaccination administration
  • Safeguarding and patient safety

Administrative Purposes

  • Appointment scheduling
  • Payment processing
  • Delivery arrangements
  • NHS reimbursement claims
  • Regulatory compliance

5. Information Sharing

We only share your information when necessary for your care or as required by law:

Healthcare Providers

Your GP, NHS services, and other healthcare professionals involved in your care

Regulatory Bodies

GPhC, NHS Business Services Authority, MHRA for safety reporting

Service Providers

IT support, delivery services, payment processors (under strict contracts)

Legal Requirements

Law enforcement, courts, or regulatory investigations when legally required

6. Data Retention

We retain your data in accordance with legal and professional requirements:

Data TypeRetention Period
Prescription records10 years from last entry
Controlled drug records2 years from last entry
Patient medication records10 years or until 25th birthday (whichever is longer)
Financial records6 years
CCTV footage30 days (unless needed for investigation)

7. Your Rights

You have the right to:

  • Access your personal data
  • Rectify inaccurate information
  • Erase data (where applicable)
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent (where applicable)

How to exercise your rights:

Contact us using the details above. We will respond within 30 days.

Note: Some rights may be limited for pharmaceutical records due to legal obligations and patient safety requirements.

8. Data Security

We implement appropriate technical and organisational measures:

  • Encryption of data in transit and at rest
  • Secure premises with controlled access
  • Staff training and confidentiality agreements
  • Regular security assessments
  • Access controls and audit trails
  • Secure disposal of records
  • Incident response procedures
  • Business continuity planning

9. Children's Privacy

We provide services to patients of all ages. For patients under 16:

  • Parental consent may be required for certain services
  • We assess competence for consent on a case-by-case basis
  • Special safeguards apply to children's health data
  • Parents/guardians can exercise rights on behalf of young children

10. Cookies and Website Analytics

Our website uses cookies for:

  • Essential functionality (e.g., secure areas, shopping basket)
  • Analytics to improve our services (Google Analytics)
  • Remembering your preferences

You can control cookies through your browser settings. Essential cookies cannot be disabled as they are necessary for the website to function.

11. International Transfers

We store your data within the UK. If we need to transfer data internationally (e.g., to service providers), we ensure appropriate safeguards are in place, such as:

  • UK adequacy decisions
  • Standard contractual clauses
  • Your explicit consent (where required)

12. Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of significant changes via our website or, where appropriate, by contacting you directly.

13. Complaints

If you have concerns about how we handle your data:

  1. Contact us first - we aim to resolve issues promptly
  2. You can complain to the Information Commissioner's Office (ICO):

ICO Website: www.ico.org.uk
Telephone: 0303 123 1113
Address:Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Contact Our Data Protection Team

For any questions about this privacy policy or your data:

Email: privacy@resolvenpharmacy.co.uk
Phone: 01639 710303
Post: Data Protection, Resolven Pharmacy, 1 Commercial Road, Resolven, Neath, SA11 4DA