Privacy Policy

Effective Date: 14/09/2025
Website: https://www.skiptonpharmacy.co.uk
Business Address: Skipton Pharmacy, 93 Caroline Square, Skipton, BD23 1DA
Contact: 01756 792767 email: skipton@kmcaregroup.com

1. Introduction

This Privacy Policy outlines how Skipton Pharmacy (“we,” “our,” or “us”) collects, uses, stores, and protects your personal information when you visit or interact with our website, use our services, or communicate with us.

By using our website or services, you agree to the terms set out in this policy.

2. What Information We Collect

We may collect and process the following types of data:

Personal Information

  • Full name, date of birth, email, phone number, and postal address

  • NHS number, GP details, gender, and medical history relevant to services provided

  • Service-related information such as EPS nominations, booking details, prescriptions, or test results

  • Account registration details including usernames and passwords

  • Payment and billing information (processed securely via third-party payment providers)

  • Marketing preferences, feedback, and testimonials

Website Usage Information

  • IP address, browser type, device info, and pages visited

  • Any data you submit via forms or while interacting with our services

3. How We Use Your Information

We use your data to:

  • Provide NHS and private pharmacy services

  • Process repeat prescription requests and EPS nominations

  • Respond to queries, appointment bookings, and service requests

  • Send alerts, confirmations, and reminders for services like vaccinations or consultations

  • Manage and maintain your online account

  • Send newsletters or updates (only with your consent)

  • Improve service quality and detect fraud

  • Meet regulatory or legal obligations

Where required, we may share information with third-party providers (e.g., online doctors, travel clinics), but only to deliver services you’ve requested.

4. Legal Grounds for Processing

We rely on the following lawful bases under UK GDPR:

  • Consent – e.g., signing up for newsletters or booking private services

  • Contract – necessary to deliver products or services you've requested

  • Legal Obligation – to meet NHS or regulatory requirements

  • Vital Interests – when required to protect life or health

  • Legitimate Interests – to operate our business effectively, unless overridden by your rights

5. How Long We Keep Your Data

We retain data only as long as necessary to:

  • Provide services

  • Meet legal and regulatory requirements

  • Maintain records for auditing or compliance

You may request deletion of your data unless we are legally required to retain it.

6. Data Security

We take the security of your information seriously and implement safeguards including:

  • Secure UK-based servers

  • Encrypted communication using SSL

  • Access controls and regular data backups

  • PCI-compliant payment processing (we do not store card details)

7. Where Your Data Is Stored

Data is stored on secure servers located in the UK and may be accessed by authorised IT service providers within the EEA or outside, under strict contractual and security obligations. Some services may require data sharing with your GP or third-party health providers (e.g., online consultations, travel clinics).

8. Your Rights Under UK GDPR

You have the right to:

  • Be informed about how your data is used

  • Access the personal data we hold about you

  • Request corrections to inaccurate or incomplete data

  • Request deletion (where lawful)

  • Restrict or object to processing in some circumstances

  • Request data portability

  • Withdraw consent at any time (where applicable)

To exercise any of these rights, contact us using the details provided at the end of this policy.

9. Cookies & Tracking

We use cookies to enhance your browsing experience. These small files help us understand how you use the site and tailor content to your preferences. You can manage cookie settings in your browser. See our Cookie Policy for more information.

10. Third-Party Links and Services

Our website may link to third-party providers (e.g., booking systems, online doctors). These sites operate independently and have their own privacy policies. We encourage you to review those policies before submitting personal data.

11. Testimonials & Reviews

With your permission, we may publish feedback you provide (e.g., service ratings or comments) using your first name. You can request that we update or remove your testimonial at any time.

12. Social Media

Social media buttons or widgets on our site may collect data per the policies of those platforms (e.g., Facebook, Instagram). Please check their privacy terms before interacting.

13. Policy Updates

We may update this policy from time to time to reflect changes in our services or the law. Any changes will be posted on this page, with the “Effective Date” updated accordingly.

14. Contact Us

If you have questions or concerns about this policy or how your data is used, contact:

Data Protection Officer
Skipton Pharmacy
93 Caroline Square, Skipton, BD23 1DA
Call: 01756 792767
email: skipton@kmcaregroup.com
🌐 www.skiptonpharmacy.co.uk

You may also raise concerns with the Information Commissioner’s Office (ICO) at www.ico.org.uk