Privacy Policy

Privacy Policy

Last updated: 2024-01-01
Company: Curavia
ICO Registration: ZA123456

1. Introduction

Curavia ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our pharmacy management services, in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

Curavia
Address: UK
Email: privacy@curavia.co.uk
ICO Registration Number: ZA123456

3. Information We Collect

3.1 Personal Information

  • Contact Information: Name, email address, phone number, postal address
  • Account Information: Username, password (encrypted), account preferences
  • Booking Information: Appointment details, service preferences, special requirements
  • Health Information: Medical questionnaire responses, consultation notes (where applicable)
  • Payment Information: Billing address, payment method details (processed securely through Stripe)

3.2 Technical Information

  • Device Information: IP address, browser type, operating system
  • Usage Data: Pages visited, time spent on site, click patterns
  • Cookies: See our Cookie Policy for detailed information

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract: To provide our pharmacy services and fulfill bookings
  • Consent: For marketing communications and optional services
  • Legal Obligation: To comply with healthcare regulations and tax requirements
  • Legitimate Interest: To improve our services and ensure security

5. How We Use Your Information

  • Provide and manage your pharmacy appointments
  • Process payments and maintain financial records
  • Communicate about your appointments and services
  • Comply with healthcare and pharmaceutical regulations
  • Improve our services and customer experience
  • Send marketing communications (with your consent)
  • Maintain security and prevent fraud

6. Data Sharing and Disclosure

We may share your information with:

  • Healthcare Professionals: Your GP or other healthcare providers (with your consent)
  • Payment Processors: Stripe for secure payment processing
  • Service Providers: Third-party services that help us operate (email, hosting, analytics)
  • Legal Requirements: When required by law or to protect our legal rights

7. Data Retention

We retain your personal data for:

  • Health Records: 7 years as required by healthcare regulations
  • Financial Records: 6 years as required by HMRC
  • Marketing Data: Until you withdraw consent
  • Account Data: Until account deletion is requested

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data (subject to legal requirements)
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Request transfer of your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for marketing or optional services

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication
  • Staff training on data protection
  • Secure hosting with reputable providers

10. Cookies

We use cookies to improve your experience on our website. Please see our Cookie Policy for detailed information.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

  • Email: privacy@curavia.co.uk
  • Address: UK

13. Complaints

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: www.ico.org.uk
  • Phone: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by email or through our website. The date of the last update is shown at the top of this policy.