This policy applies between you, the user of this website, and Express Dispense Limited the owner and provider of this website (www.lovepharmacy.com).This policy applies to our use of any and all Data collected by us in relation to your use of the website.
1. Definitions and Interpretation
In this policy the following terms shall have the following meanings:
means collectively all information that you submit to www.lovepharmacy.com via the website. This definition shall, where applicable, incorporate the definitions provided in the Data Protection Act 1998.
means a small text file placed on your computer by this website when you visit certain parts of the website and/or when you use certain features of the website.
Express Dispense Limited
means Express Dispense Limited, trading as www.lovepharmacy.com, of Unit 4, Woking Business Park, Albert Drive, Woking, Surrey GU21 5JY.
UK and EU Cookie Law
means the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011.
means any third party that accesses the website and is not employed by Express Dispense Limited and acting in the course of their employment.
Means the website that you are currently using, www.lovepharmacy.com and any sub-domains of this site (e.g. subdomain www.lovepharmacy.com/slides unless expressly excluded by their own terms and conditions)
2. Scope of this Policy
This policy applies only to the actions of Express Dispense Limited and Users with respect to this website. It does not extend to any websites that can be accessed from this website including, but not limited to, any links we may provide to social websites.
3. Data Collected
Without limitation, any of the following Data may be collected by this website from time to time:
3.2 Date of birth
3.4 Job title
3.6 Contact information, such as, email addresses and telephone numbers
3.7 Demographic information, such as, postcode, preferences and interests
3.8 Financial Information, such as, credit/debit card numbers
3.9 IP address (automatically collected)
3.10 Web browser type and version (automatically collected)
3.11 Operating system (automatically collected)
3.12 A list of URLs starting with a referring site, your activity on this website, and the site you exit to (automatically collected)
4. Our Use of Data
4.1 Any personal data you submit will be retained by Express Dispense Limited for at least six months. Patient medical information, prescriptions etc. will be held for longer periods (please contact Express Dispense for more specific retention periods)
4.2 Unless we are obliged or permitted by law to do so, and subject to Clause 5, your data will not be disclosed to third parties. This includes or does not include our affiliates and /or other companies within our group.
4.3 All personal data is stored securely in accordance with the principles of the Data Protection Act 1998. For details on security see Clause 11 below.
4.4 Any or all of the above data may be required by us, from time to time, to provide you with the best possible service and experience when using our website. Specifically, data may be used for the following reasons:
4.4.1 Internal record keeping
4.4.2 Improvement of our products and services
4.4.3 Transmission by email of promotional materials that may be of interest to you
4.4.4 Contact for market research purposes which may be done using email, telephone, fax or mail. Such information may be used to customise or update the website.
5. Third Party Websites and Services
5.1 Express Dispense Limited may, from time to time, employ the services of other parties for dealing with matters that may include, but are not limited to, payment and processing, delivery of purchased items, search engine facilities, advertising and marketing. The providers of such services do not have access to certain personal data provided by users of this website.
5.2 Any data used by such parties is used only to the extent required by them to perform the services that Express Dispense Limited requests. Any use for any other purposes is strictly prohibited. Furthermore, any data that is processed by third parties shall be processed within the terms of this policy and in accordance with the Data Protection Act 1998.
6. Links to Other Websites
7. Changes of Business Ownership and Control
7.1 Express Dispense Limited may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of Express Dispense Limited. Data provided by users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this policy, be permitted to use the data for the purposes it was originally supplied to us.
7.2 In the event that any data submitted by users is to be transferred in such a manner, you will not be contacted in advance and informed of the changes. When contacted you will not be given the choice to have your data deleted or withheld from the new owner or controller.
8. Controlling the Use of Your Data
8.1 Whenever you are required to submit data, you will be given options to restrict our use of that data. This may include the following:
8.1.1 use of data for direct marketing purposes
8.1.2 sharing data with third parties
9. Your Right to Withhold Information
9.1 You may access certain areas of the website without providing any data at all. However, to use all features and functions available on the website you may be required to submit certain data.
10. Accessing Your Own Data
You have the right to ask for a copy of any of your personal data held by Express Dispense limited (where such data is held) on payment of a small fee which will not exceed £10.
11.1 Data security is of great importance to Express Dispense Limited and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected via this website.
12 Changes to this Policy
Express Dispense Limited reserves the right to change this Policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the website and you are deemed to have accepted the terms of the Policy on your first use of the website following the alterations.
13 Cookies Policy
Cookies are very small text files that are stored on your computer when you visit some websites.
You can disable any cookies already stored on your computer, but these may stop our website from functioning properly.
1) The following is strictly necessary in the operation of our website.
This website will:
Remember whether you have any items in your basket.
Remember that you are logged in and that your session is secure. You need to be logged in to purchase our Pharmacy Products, to use our Online Doctor consultation service, to access the Personal Dashboard and to view secure content.
2) The following are not Strictly Necessary, but are required to provide you with the best user experience and also to tell us which pages you find most interesting (anonymously).
This website will:
Track the pages you visit via Google Analytics.
This policy sets out the procedures and management accountability that have been put in place within the pharmacy to safeguard customer and patient data used within the pharmacy. Patient data will only be shared where appropriate with a patient’s GP practice, private healthcare providers/prescribers, or other NHS clinicians providing treatment, and secure IT service providers of NHS services and for company systems, whose role is limited to managing the integrity of the data. Information will not be shared with any third party commercial organisations.
14.1 Procedures to manage Governance and Privacy
The following procedures have been put in place to support the confidential handling of information within the pharmacy and the sharing of this information with other organisations:
- Information Governance Standard Operating Procedure (SOP) is an overarching procedure to manage patient data either electronic or paper based within the surgery
- Staff Confidentiality sets out the standards expected of staff in maintaining the confidentiality of patient information
- Staff Access Control and Password Management ensures that the electronic patient data is only accessed by pharmacists and technicians who are issued with log in details and passwords for the Pharmacy Management System (PMS) and the Electronic Prescription Service (EPS). Users of EPS are issued with secure smartcards via the NEL Commissioning Support Unit part of the NHS.
- Incident Management sets out how we will manage any breach of security data.
- Business Continuity provides ways of working should our system fail. This includes how data is backed up and restored, and how we will manage resumption of the service by Helix Health, our secure IT partners, if we have an IT failure.
14.2 Staff Duties and Responsibilities
All staff, whether permanent, temporary or contracted are responsible for ensuring that they remain aware of the requirements incumbent upon them for ensuring compliance on a day to day basis. These include maintaining confidentiality of data, ensuring secure storage of data and being aware of situations where disclosure may be required or may not be required.
14.3 Accountabilities and Responsibilities
The designated Information Governance Lead in the pharmacy is responsible for overseeing the day to day Information Governance issues; developing and maintaining policies, standards, procedures and guidance, coordinating Information Governance in the pharmacy, raising awareness of Information Governance and ensuring that there is ongoing compliance with the policy and its supporting standards and guidelines.
The pharmacy contractor (owner) is responsible for ensuring that sufficient resources are available to support the implementation of Information Governance procedures in order to ensure compliance with legal and professional requirements and the NHS Information Governance requirements.
14.4 Monitoring this Policy
This policy will be reviewed at least annually.
Breach of this policy could lead to disciplinary action. Depending on the circumstances this could range from remedial training to dismissal.