{"id":916,"date":"2025-09-30T20:30:26","date_gmt":"2025-09-30T20:30:26","guid":{"rendered":"https:\/\/quilliamcare.com\/?page_id=916"},"modified":"2025-10-05T21:11:50","modified_gmt":"2025-10-05T21:11:50","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/quilliamcare.com\/index.php\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"916\" class=\"elementor elementor-916\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-95a4d01 e-flex e-con-boxed e-con e-parent\" data-id=\"95a4d01\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-a40c819 elementor-widget elementor-widget-heading\" data-id=\"a40c819\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Privacy Policy<\/h2>\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-f1446c2 e-flex e-con-boxed e-con e-parent\" data-id=\"f1446c2\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-5aed2f2 elementor-widget elementor-widget-text-editor\" data-id=\"5aed2f2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<h2>Quilliam Care Privacy Policy<\/h2><div class=\"subtitle\">Last updated: 01\/10\/2025<\/div><p>Quilliam Care Ltd (\u201c<strong>Quilliam Care<\/strong>\u201d, \u201c<strong>we<\/strong>\u201d, \u201c<strong>us<\/strong>\u201d, or \u201c<strong>our<\/strong>\u201d) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in accordance with the UK General Data Protection Regulation (<strong>UK GDPR<\/strong>), the Data Protection Act 2018 (<strong>DPA 2018<\/strong>), and other applicable laws and professional standards.<\/p><p>This policy applies to personal data processed through our website\u00a0<span class=\"mono\">https:\/\/www.quilliamcare.com<\/span>, related digital services, and in the provision of our NHS and private pharmacy services (collectively, the \u201c<strong>Services<\/strong>\u201d).<\/p><h3>1. Who We Are (Controller)<\/h3><p><strong>Controller:<\/strong>\u00a0Quilliam Care Ltd<\/p><p><strong>Registered Address:<\/strong>\u00a0128 City Road, London, United Kingdom, EC1V 2NX<\/p><p><strong>Email:<\/strong>\u00a0<a href=\"mailto:info@quilliamcare.com\">info@quilliamcare.com<\/a><\/p><p><strong>Telephone:<\/strong>\u00a00800\u00a0999\u00a04888<\/p><p><strong>Data Protection Lead:<\/strong>\u00a0Mr\u00a0Sajid Khan, Superintendent Pharmacist. Quilliam Care Ltd does not require a formal Data Protection Officer under Article\u00a037 UK GDPR. All data protection matters are overseen by our Superintendent Pharmacist and can be contacted at\u00a0<a href=\"mailto:privacy@quilliamcare.com\">privacy@quilliamcare.com<\/a>.<\/p><p>We act as the\u00a0<strong>Data Controller<\/strong>\u00a0for the personal information we process about our patients, website visitors, and service users.<\/p><h3>2. Information We Collect<\/h3><p>We may collect and process the following categories of personal data:<\/p><h4>2.1 Personal Data<\/h4><ul class=\"list-tight\"><li>Identity information: name, date of birth, NHS number, gender.<\/li><li>Contact details: address, telephone number, email address.<\/li><li>Health information: prescription details, medical history, allergies, vaccination status (necessary for providing pharmacy services).<\/li><\/ul><h4>2.2 Transactional Data<\/h4><ul class=\"list-tight\"><li>Records of prescriptions, orders, payments, and delivery details.<\/li><\/ul><h4>2.3 Technical and Usage Data<\/h4><ul class=\"list-tight\"><li>IP address, browser type, device identifiers, operating system, access times, and browsing activity on our site.<\/li><\/ul><h4>2.4 Financial Data<\/h4><ul class=\"list-tight\"><li>Limited payment details for private services (processed securely via third\u2011party payment providers; we do not store full card details).<\/li><\/ul><h4>2.5 Special Category Data (Health)<\/h4><ul class=\"list-tight\"><li>Required to safely provide NHS and private pharmacy services.<\/li><li>Processed under Article\u00a09(2)(h) UK GDPR and Schedule\u00a01, Part\u00a01(2)(h) DPA\u00a02018 (health or social care purposes).<\/li><\/ul><h4>2.6 Children\u2019s Data<\/h4><p>Where pharmacy services relate to children, we may collect limited data from parents\/guardians or directly from the child where appropriate.<\/p><h3>3. Legal Bases for Processing<\/h3><p>We process personal data lawfully under the following bases:<\/p><ul class=\"list-tight\"><li><strong>Contractual necessity<\/strong>\u00a0\u2014 to fulfil our obligations in providing pharmacy services.<\/li><li><strong>Legal obligation<\/strong>\u00a0\u2014 to comply with NHS regulations, GPhC standards, HMRC requirements, and safeguarding duties.<\/li><li><strong>Legitimate interests<\/strong>\u00a0\u2014 to improve our services, prevent fraud, and ensure security (balanced against your rights).<\/li><li><strong>Consent<\/strong>\u00a0\u2014 for optional marketing communications or non\u2011essential cookies.<\/li><li><strong>Public interest in healthcare \/ Provision of health or social care<\/strong>\u00a0\u2014 for special category (health) data under Article\u00a09(2)(h) UK GDPR and Schedule\u00a01, Part\u00a01(2)(h) DPA\u00a02018.<\/li><\/ul><h3>4. How We Use Your Information<\/h3><ul class=\"list-tight\"><li>Dispensing and delivering NHS and private prescriptions.<\/li><li>Providing pharmacy services including Pharmacy First, medicines use reviews, and public health campaigns.<\/li><li>Communicating with you regarding your medicines, care, or account.<\/li><li>Maintaining accurate pharmacy records as required by NHS and GPhC.<\/li><li>Processing payments, refunds, and managing transactions.<\/li><li>Sending service updates, health campaigns, or newsletters (if you opt in).<\/li><li>Ensuring safety, preventing fraud, and protecting against misuse.<\/li><li>Meeting regulatory and audit obligations, including the NHS DSP Toolkit.<\/li><\/ul><h3>5. Data Retention<\/h3><p>We retain personal information only as long as necessary for the purposes set out in this policy and to meet professional or legal obligations:<\/p><ul class=\"list-tight\"><li><strong>NHS prescription records:<\/strong>\u00a0at least 2 years from the date of dispensing (5 years for controlled drugs).<\/li><li><strong>Private prescription records:<\/strong>\u00a0at least 2 years.<\/li><li><strong>Patient medication records (PMRs):<\/strong>\u00a0typically 10 years.<\/li><li><strong>Financial\/transaction records:<\/strong>\u00a06 years (HMRC).<\/li><li><strong>Website account data:<\/strong>\u00a0retained until you request deletion.<\/li><\/ul><h3>6. Disclosure of Your Information<\/h3><p>We may share your information with:<\/p><ul class=\"list-tight\"><li>NHS bodies (e.g., NHSBSA, ICBs) for payment and audit.<\/li><li>Healthcare professionals involved in your care.<\/li><li>Regulators such as the GPhC or MHRA where required.<\/li><li>Service providers (couriers, IT support, payment processors) under written data processing agreements.<\/li><li>Law enforcement or courts if legally required.<\/li><\/ul><p>We do not sell personal data to third parties.<\/p><h3>7. International Transfers<\/h3><p>We do not routinely transfer data outside the UK. Where an international transfer is necessary (e.g., cloud hosting), we ensure appropriate safeguards, such as UK GDPR standard contractual clauses or adequacy regulations.<\/p><h3>8. Security of Your Information<\/h3><p>We implement physical, technical, and administrative safeguards to protect your data, including encrypted storage, secure servers, role\u2011based access controls, staff training, and secure prescription delivery systems. We complete the NHS Data Security and Protection (DSP) Toolkit annually.<\/p><div class=\"callout\"><strong>Breach handling:<\/strong>\u00a0In the unlikely event of a personal data breach, we assess and, where required, report the incident to the ICO within 72 hours and inform affected individuals promptly.<\/div><h3>9. Your Rights<\/h3><p>You have the right to:<\/p><ul class=\"list-tight\"><li>Access the data we hold about you.<\/li><li>Request correction or deletion.<\/li><li>Restrict or object to certain processing.<\/li><li>Request transfer of your data (data portability).<\/li><li>Withdraw consent at any time (where consent is the legal basis).<\/li><\/ul><p>We respond to all valid requests within\u00a0<strong>one calendar month<\/strong>. We may need to verify your identity before providing access to personal data to protect confidentiality. To exercise your rights, contact\u00a0<a href=\"mailto:info@quilliamcare.com\">info@quilliamcare.com<\/a>\u00a0or\u00a0<a href=\"mailto:privacy@quilliamcare.com\">privacy@quilliamcare.com<\/a>.<\/p><h3>10. Cookies and Tracking<\/h3><p>We use essential cookies for site security and session management. Non\u2011essential cookies (e.g., analytics) are used only with your consent via our cookie banner. For full details, see our\u00a0<a href=\"#\">Cookie Policy<\/a>, which lists each cookie, its purpose, and expiry. You can change or withdraw consent at any time via \u201cCookie settings\u201d.<\/p><h3>11. Accountability &amp; Training<\/h3><p>All staff handling personal data receive annual data protection and confidentiality training. We maintain records of processing activities (RoPA) in line with Article 30 UK GDPR and operate policies and procedures to evidence accountability.<\/p><h3>12. Complaints<\/h3><p>If you are unhappy with how we process your data, please contact us first so we can resolve your concerns.<\/p><p>If you remain dissatisfied, you may complain to the Information Commissioner\u2019s Office (ICO):<\/p><p><strong>Address:<\/strong>\u00a0Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF<br \/><strong>Telephone:<\/strong>\u00a00303 123 1113<br \/><strong>Website:<\/strong>\u00a0<a href=\"https:\/\/www.ico.org.uk\" rel=\"noopener\">www.ico.org.uk<\/a><\/p><h3>13. Contact Us<\/h3><p>If you have questions about this Privacy Policy or how we handle your information:<\/p><p><strong>Email:<\/strong>\u00a0<a href=\"mailto:info@quilliamcare.com\">info@quilliamcare.com<\/a><br \/><strong>Phone:<\/strong>\u00a00800 999 4888<br \/><strong>Address:<\/strong>\u00a0Quilliam Care Ltd, 128 City Road, London, United Kingdom, EC1V 2NX<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Privacy Policy Quilliam Care Privacy Policy Last updated: 01\/10\/2025 Quilliam Care Ltd (\u201cQuilliam Care\u201d, \u201cwe\u201d, \u201cus\u201d, or \u201cour\u201d) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"elementor_header_footer","meta":{"footnotes":""},"class_list":["post-916","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/quilliamcare.com\/index.php\/wp-json\/wp\/v2\/pages\/916","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/quilliamcare.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/quilliamcare.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/quilliamcare.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/quilliamcare.com\/index.php\/wp-json\/wp\/v2\/comments?post=916"}],"version-history":[{"count":46,"href":"https:\/\/quilliamcare.com\/index.php\/wp-json\/wp\/v2\/pages\/916\/revisions"}],"predecessor-version":[{"id":1484,"href":"https:\/\/quilliamcare.com\/index.php\/wp-json\/wp\/v2\/pages\/916\/revisions\/1484"}],"wp:attachment":[{"href":"https:\/\/quilliamcare.com\/index.php\/wp-json\/wp\/v2\/media?parent=916"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}