Privacy policy.

.

Coda Pharmacy Privacy Policy

 

This website (https://www.codapharmacy.co.uk) is wholly owned and operated by Coda Health Limited (company registration - 13866559)
We take your privacy and the security of your personal and medical information very seriously. Please read this Privacy Policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint.  
 We collect, use and are responsible for certain personal information about you. When we do so we are subject to the UK’s Data Protection Act, its Privacy and Electronic Communications Regulations (PECR) and the General Data Protection Regulation, which applies across the European Union. We are responsible as ‘controller’ of that personal information for the purposes of those laws.
This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from www.codapharmacy.co.uk (the “Site”).

 

Managing our data processing activities

 

We have appointed a Data Protection Officer to oversee our handling of personal data. You may contact the Data Protection Officer by email at info@codapharmacy.co.uk, by phone at 01323 924038, or in writing at our head office address above.
If you have any questions about our privacy policy or our approach to data protection and privacy, please contact our Data Protection Officer.

 

Personal information we collect about you  

 

We may collect and use the following personal information about you:  
  • your name and contact information, including postal address, email address and telephone number;   
  • information to enable us to check and verify your identity, e.g. your date of birth, scanned images of your exemption certificates, driving licence or passport;   
  • your gender information;  
  • your NHS number;  
  • information about your medicines, and the medicines you have been prescribed currently and in the past;  
  • your billing information, transaction and payment card information;   
  • your contact history, purchase history and saved items;   
  • information about how you use our website, information technology (IT), communication and other systems; and  
  • your responses to surveys, competitions and promotions.  
Personal information is required to provide our services to you. If you do not provide personal information we ask for, it may delay or prevent us from providing services to you.  

 

How your personal information is collected  

 

We collect most of this personal information directly from you—in person, by telephone, text or email and/or via our website and apps. However, we may also collect information:   
  • from a third party with your consent, e.g. your General Practitioner, NHS login or the NHS Spine system, which is the main database of your medical history with the NHS; 
  • from cookies on our website - for more information on our use of cookies, please see our https://www.codapharmacy.co.uk/cookie-policy  
  • via our IT systems, e.g. automated monitoring of our websites and other technical systems, such as our computer networks and connections. 
     

How and why we use your personal information  

 
In general, we only collect your information to provide you with our services – to help you order and keep track of your prescriptions and to dispense your prescriptions. We take our data protection responsibilities very seriously and will only process your information where we have a lawful basis for doing so. This will be the case if:
 - You have given us your consent to process the data.
- We need to process the data to perform our contractual obligations or to take steps to enter a contract (for example, we need certain contact details and details of your prescription in order to provide the service to you).
- We have to process your information to meet our legal obligations as a data controller (such as VAT and tax accounting rules).
- We have a legitimate interest in processing your data (this includes things like improving our service by collecting behavioural information to see what actions are taken within the app, auditing and investigation of any issues).
 We collect and process your information for a variety of purposes, but our main purpose is to provide the services you request. These include:
 - Storing your data in databases so that we can create and maintain your account.
- Verifying your identity so that we can complete your registration
- Communicating with GP surgeries and internally so that your orders can be processed and your prescriptions dispensed.
- Auditing and analysis of your data, in particular to help us respond to issues and improve our services.
- Managing returns and confidential waste.
- Communicating to you via in-app messaging services and logging these communications to ensure we give you the best customer experience.
- Communicating to you via email, push alerts and in-app notifications so that you are fully updated with the progress of your order and any related communications.
- On the rare occasion, we may need to contact you; this would only be in relation to your order, a query you have raised.
- we process your data not only to provide you with our direct services but also to facilitate a cohesive and enhanced service experience across the pharmacy group. This involves working collaboratively within the group to improve prescription services, streamline our operations, and deliver a seamless patient experience in line with our unified brand strategy. This may include sharing your data within the group entities where necessary to fulfil our service commitments to you and to realise our goal of continuous service improvement. All such processing is grounded in our legitimate interest to optimise our service delivery and in some cases may be based on your consent or as part of our contractual obligation to you.
 By using our service, you acknowledge and agree to the terms outlined in our Privacy Notice. This agreement is effective from registration

 

 

Special Category Personal Data

 

"Special categories" of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data.  
 
We will collect information about your health, including any medical condition, medication or health and/or sickness records.  This data is special category data.  
 
Special protection is given to this special category of personal data. We use this special category personal data primarily to comply with our legal obligations (including verifying your identity and ensuring that the correct medicines are dispensed to you).  
 
We handle your special category data with extra care. For example, we will not provide special category data to our delivery drivers.
   

NHS login  

 

Please note that if you access our services using your NHS login details, the identity verification services are managed by NHS England. NHS England is the controller of any personal information you provided to NHS England to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a "processor" only and we must act  under the instructions provided by NHS England (as the "controller") when verifying your identity. 
To see NHS login's Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.
 

SHARING YOUR PERSONAL INFORMATION

 

 We share your Personal Information with third parties to help us use your Personal Information, as described above.  We use Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here:  https://www.google.com/intl/en/policies/privacy/.  You can also opt-out of Google Analytics here:  https://tools.google.com/dlpage/gaoptout.
 Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
 As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you.  For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
 

Your rights

The UK’s data protection laws provide you with certain rights: the right to request access to, rectification or erasure and portability of information relating to you as well as the right to request the restriction of our processing/use of information concerning you and the right to object to our processing in certain circumstances. You have the right to withdraw consent at any time for processing that is based on your consent and to information about how we are using information relating to you. You may lodge a complaint about us with the Information Commissioner’s Office (www.ico.org.uk)
 

DO NOT TRACK

Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
 

 

DATA RETENTION

When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
 

CHANGES

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
 

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@codapharmacy.co.uk or by mail using the details provided below:
 Coda Pharmacy, Unit 15 Westham Business park, Pevensey, BN24 5NP