Mon–Sat

Privacy and Data Protection

Effective date: 2026-04-19. If you have questions, contact us at tonbridgepharmacy@gmail.com.

Privacy Policy

We process personal data lawfully, fairly, and transparently to provide pharmacy and appointment services.

Information We Collect

  • Identity and contact data such as name, email, phone number, and address.
  • Appointment and service data including booking date, time, selected service, and related notes.
  • Technical data such as browser information, IP address, and website usage events.
  • Payment reference information from payment processors; we do not store full card details.

How We Use Your Information

  • To schedule, confirm, and manage appointments and related communication.
  • To send service notifications, reminders, confirmations, and operational emails.
  • To meet legal, regulatory, and healthcare record obligations.
  • To improve website performance, reliability, and user experience.

Data Sharing

  • With trusted service providers such as payment, hosting, and email vendors under data processing agreements.
  • With regulators, legal authorities, or auditors when required by law.
  • Within internal care and operations teams on a need-to-know basis.
  • We do not sell personal data to third parties.

Retention

  • We retain personal and appointment data only as long as needed for service delivery, legal, and compliance purposes.
  • Retention periods vary based on record category and regulatory obligations.
  • Expired or unnecessary data is securely deleted or anonymized.

GDPR Policy

For UK/EU users, we follow GDPR principles including purpose limitation, minimization, and accountability.

Lawful Bases

  • Contract: to provide booked appointments and requested services.
  • Legal obligation: for required healthcare, accounting, and compliance records.
  • Legitimate interests: for service quality, fraud prevention, and security.
  • Consent: for optional marketing or non-essential communication when requested.

Your Rights

  • Right of access to your personal data.
  • Right to rectification of inaccurate or incomplete information.
  • Right to erasure where legally applicable.
  • Right to restrict or object to specific processing activities.
  • Right to data portability for eligible data.
  • Right to withdraw consent where processing depends on consent.

How to Exercise Rights

  • Email tonbridgepharmacy@gmail.com with the subject 'Data Rights Request'.
  • Include your full name and enough information to verify your identity.
  • We respond within applicable legal timelines.

Data Protection Policy

We apply technical and organizational controls to protect confidentiality, integrity, and availability of data.

Security Controls

  • Role-based access controls and least-privilege permissions for staff systems.
  • Encryption in transit using HTTPS/TLS and secure credentials management.
  • Audit logging and monitoring for critical operational and administrative actions.
  • Regular patching, dependency updates, and vulnerability review practices.

Incident Handling

  • Potential incidents are investigated promptly with risk assessment and containment.
  • Where required, affected parties and authorities are notified within legal timelines.
  • Corrective actions are documented and tracked to completion.

Staff and Governance

  • Staff handling personal data are trained on confidentiality and data handling responsibilities.
  • Access to sensitive data is limited to authorized personnel with business need.
  • Policies are reviewed periodically and updated when legal or operational requirements change.
Need help? Chat with us!