Dose Direct Logo
Get Started

Privacy Policy

DoseDirect Privacy Notice
Last updated: 15 July 2025

DoseDirect Ltd (“DoseDirect”, “we”, “us”) is committed to protecting the privacy and confidentiality of our patients, customers and website visitors. This notice explains what personal data we collect, why we collect it, how we use it, the lawful bases we rely on, and the rights you have under UK GDPR, the Data Protection Act 2018, the Human Medicines Regulations 2012 and the General Pharmaceutical Council (GPhC) Standards for Registered Pharmacies.

1. Who we are

  • DoseDirect Ltd (Company No. 14345678)
  • Registered premises: 123 High Street, Coleshill, B46 3BP
  • Superintendent Pharmacist & Data-Protection Officer (DPO): Daniel Chalmers, GPhC reg 2222680

Dan.chalmers@dosedirect.co.uk

01675 592503 

We are the Controller of the personal data described in this notice.

2. Personal data we collect

Category Identity & contact Examples Source
Identity & contact
Full name, date of birth, postal address, e-mail, phone, photo-ID
You / uploaded documents
Health & clinical
Medical history, medicines, allergies, BMI evidence (screenshot, HCP form, live video), consultation recordings
You / your GP / NHS Summary Care Record (with consent)
Prescription & supply
PGD approvals, private prescriptions, batch Nos., delivery tracking
Created by our pharmacists
Payment
Card details processed by Stripe; we receive only tokenised last-4 digits
Stripe
Technical
IP address, cookies, device type, accessibility settings
Your browser
Marketing preferences
Opt-in status, affiliate codes, refer-a-friend
You

3. Why we use your data & lawful bases

Purpose Lawful basis (UK GDPR Art. 6) Additional condition (Art. 9 health data)
Dispensing medicines, issuing PGD supplies, verifying suitability
6(1)(c) legal obligation (Human Medicines Regs); 6(1)(e) public task (pharmacy practice)
9(2)(h) healthcare
Accessing Summary Care Record
6(1)(e) public task
9(2)(h)
Creating your patient record & labelling parcels
6(1)(c)/(e)
9(2)(h)
Delivering orders (Royal Mail / DPD) & returns
6(1)(b) contract
n/a
Pharmacovigilance (Yellow Card reports)
6(1)(c) legal obligation
9(2)(i) public-interest in public-health
Regulatory inspection (GPhC, MHRA, ICO)
6(1)(c)
9(2)(h)/(i)
Marketing e-mails & refer-a-friend
6(1)(a) consent
n/a
Website analytics & cookies
6(1)(a) consent
n/a
Accessibility settings (save your choices)
6(1)(a) consent
n/a

We do not sell your data.
Automated decision-making is limited to simple triage questions; a pharmacist always reviews the final decision.

4. Sharing your data

Recipient Reason Safeguards
Royal Mail / DPD
Address & tracking e-mail for delivery
UK storage; data-processing agreement
Your GP (with consent)
Continuity of care; notification of first PGD supply or safety concern
NHSmail secure e-mail
MHRA
Yellow Card ADR reports
Secure portal
Regulators (GPhC, ICO)
Inspection or statutory request
Minimal necessary
IT providers (Charac, RxWeb, Stripe, Microsoft 365, Click & Drop)
Hosting clinical record, payment & e-mail
UK/EU data centres, encryption, signed DPAs

We will only transfer data outside the UK where the destination offers UK-adequate protection or standard contractual clauses are in place.

5. Retention

Record Retention period SOP ref.
Clinical & prescription records
8 years after last supply
Record-Retention SOP
Delivery & temp-logger files
2 years
Cold-Chain SOP
Financial records
6 years
HMRC
Consultation recordings
6 months
Remote-Consult SOP
Marketing opt-in data
Until you unsubscribe
Marketing SOP

6. Security measures

  • Multi-factor authentication for staff accounts.
  • Role-based access; least-privilege.
  • Enhanced DBS-checked staff; annual data-security training.
  • Daily off-site back-ups within UK.
  • Data are encrypted at rest using industry-standard AES-256 (or equivalent) encryption on all hosting platforms we use

7. Your rights

You can: access, rectify, erase, restrict, object, or port your personal data; and withdraw consent at any time (doesn’t affect prior processing). Contact the DPO by e-mail or post (details above).

If you are unhappy, you can complain to the Information Commissioner’s Office: 0303 123 1113 | ico.org.uk.

8. Cookies & analytics

Our site uses essential cookies for security and ordering; optional cookies for analytics/marketing load only after you click “Accept cookies”. Full details are in our Cookie Policy (link in the footer).

9. Accessibility

An accessibility toolbar (widget icon, bottom-right) lets you adjust font size, contrast, spacing and screen-reader mode. Large-print PILs or braille labels are available on request (info@dosedirect.co.uk).

10. Changes to this notice

We review this policy at least annually. Significant changes will be highlighted on the website or by e-mail if they affect your rights.

Sign up our newsletter to get update information, news, insight or promotions.

Hassle-Free Medication, Straight to Your Door
Facebook X-twitter Instagram Linkedin
Company
Info
Reach Us
Email

info@dosedirect.co.uk

Let's Talk

Phone : 01675 592503

Registered Premises Address

Room 5, Lower Ground Floor, Chantry House, High Street, Coleshill, Birmingham, B46 3BP

Copyright© 2025 DoseDirect, All rights reserved.

“Booking and consultations powered by Charac”

Website by Synergy Media