_edited.png)
Privacy Policy
​
Worlingham Pharmacy
Last Updated: February 2026
1. Introduction:
Worlingham Pharmacy is committed to protecting your personal data and respecting your privacy.
This Privacy Policy explains how we collect, use, store, and protect your personal information when you:
Visit our website (https://www.worlighampharmacy.co.uk/)
Use our online booking system
Submit online prescription requests
Use our pharmacy services
Contact us directly
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable NHS data governance requirements.
2. Who We Are (Data Controller)
Worlingham Pharmacy,
1 Woodland Ave, Worlingham, Beccles NR34 7EF
Telephone: 01502 712571
Worlingham Pharmacy is the data controller responsible for your personal data.
3. The Information We Collect
We may collect and process the following categories of personal data:
3.1 Identity Data
Full name
Title
Date of birth
​
3.2 Contact Data
Postal address, Email address, Telephone number
3.3 Health Data (Special Category Data)
Prescription information
Medication history
NHS number (where provided)
GP details
Relevant medical conditions
Service eligibility information
3.4 Transaction and Service Data:
Appointment details, Service history, Prescription requests.
3.5 Technical Data:
IP address,
Browser type and version
Device type
Pages visited
Cookie data
3.6 Communication Data
Emails, messages sent via website forms
Telephone call records (where applicable).
Health information is classified as special category data and is handled with enhanced protections.
4. How We Collect Your Information
We collect information:
Directly from you when you fill in forms or contact us.
Through online booking or prescription request forms.
When providing pharmacy or NHS services
Automatically via cookies when you use our website
From NHS systems or GP surgeries, where required to provide care
5. How We Use Your Personal Data
We use your information to:
Provide pharmacy services and healthcare advice
Process prescriptions
Manage repeat prescription requests
Book and manage appointments
Communicate with you about your care
Comply with NHS and regulatory obligations
Improve our website and services
Maintain security and prevent fraud
6. Legal Basis for Processing.
Under UK GDPR, we rely on the following lawful bases:
Healthcare Provision (Article 6(1)(e) and Article 9(2)(h)).
Processing is necessary for the provision of health or social care.
Legal Obligation (Article 6(1)(c))Processing required to comply with pharmacy and NHS regulations.
Contract (Article 6(1)(b))Processing necessary to provide requested services (e.g. online bookings).
Legitimate Interests (Article 6(1)(f))Operating and improving our services, provided your rights do not override those interests.
Consent (Article 6(1)(a))Where required, such as for marketing communications.
7. Online Booking Services
When you book an appointment online, we may collect:
Name,
Date of birth
Contact details
Address
Relevant health information
Appointment preferences
​
We use this information to:
Schedule and manage appointments
Provide pharmacy services
Send confirmations and reminders
Meet NHS and regulatory requirements
8. Online Prescription Requests
When submitting an online prescription request, we may collect:
Patient name
Date of birth
Address
NHS number
GP details
Medication details
Contact information
We use this information to:
Process repeat prescriptions
Liaise with your GP surgery
Dispense medication
Contact you regarding your prescription
Prescription data may be shared with NHS systems such as the NHS Spine where required.
9. Data Sharing
We only share your data when necessary and lawful. This may include:
GP surgeries
NHS bodies
NHS Business Services
Authority
Regulatory authorities (e.g., GPhC, ICO)
IT service providers (hosting, booking platforms, prescription systems)
All third-party processors are required to handle data securely and in accordance with data protection law.
We do not sell your personal data.
10. Cookies
Our website uses cookies to:
Ensure the website functions properly
Enable online booking and prescription services
Improve user experience
Analyse website traffic
Non-essential cookies are only used with your consent. You can manage your preferences through our cookie banner or your browser settings.
​
11. Data Security
We implement appropriate technical and organisational measures to protect your data, including:
Secure website encryption (HTTPS)
Access controls
Secure NHS-compliant systems
Staff confidentiality training
Secure storage of pharmacy records
12. Data Retention
We retain healthcare records in accordance with NHS and pharmacy regulatory retention schedules.
Website enquiry data is retained only as long as necessary to respond to your request.
13. International Transfers
We do not routinely transfer personal data outside the UK. If any service provider processes data outside the UK, appropriate safeguards will be implemented in accordance with UK GDPR.
14. Your Rights
Under UK data protection law, you have the right to:
Request access to your personal data
Request correction of inaccurate data
Request erasure (in certain circumstances)
Restrict processing
Object to processing
Request data portability
Withdraw consent where processing is based on consent
To exercise your rights, please contact us using the details above.
15. Complaints
If you have concerns about how we handle your data, please contact us first.
You also have the right to lodge a complaint with:
Information Commissioner’s Office (ICO)Website: https://www.ico.org.ukTelephone: 0303 123 111316.
Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be published on our website with the updated revision date.