MedAdvisor Welam UK Limited (MedAdvisor, we, us, our) is committed to processing your Personal Data in accordance with the written instructions obtained from customers and strictly in compliance with all relevant Data Protection Legislation, which may change from time to time, but currently includes the Data Protection Act 2018 and the provisions of the General Data Protection Regulations.
Personal Data is any information which is related to an identified or identifiable natural person.
In Part 1, 'you' refers mainly to consumer users of the App. Where appropriate, 'you' also refers to caregivers of consumer users where those caregivers are also registered with the App.
MedAdvisor will collect and hold your Personal Data strictly within the regulations permitted and only for as long as the Personal Data has been authorised and is required. Where it is necessary and reasonably practical to do so, we will collect your Personal Data directly from you. However, when duly authorised we may also collect Personal Data from third parties such as pharmacies participating in the App or using MedAdvisor Services and, with your consent, from the NHS Spine, and other health related apps/websites.
We may collect and process your Personal Data in a number of ways including through some of the following means:
We may also collect Personal Data automatically through some of the following means:
For initial account setup, as a minimum, you will need to provide us with your first name, surname, date of birth, postcode, mobile number, email address and select a password.
To sign up for the App in a pharmacy, with your consent, a pharmacy staff member will use your name, NHS number, date of birth and mobile number to create an activation code that is sent to you via SMS communication. The pharmacy may already have these details on file in their pharmacy software system.
MedAdvisor may collect information about your prescribed medications, including details of the medication prescribed and/or dispensed, dates dispensed, and any repeat dosages left. MedAdvisor may also collect information such as title, gender and full address, as this information is included with prescriptions.
MedAdvisor may also collect information that you:
In addition to the types of Personal Data identified above, we may from time to time collect Personal Data as otherwise permitted or required by law.
MedAdvisor also collects, holds, uses and discloses your Personal Data, with your consent, to:
We may also use, share or disclose your Personal Data:
As the GDPR permits, we may also use your Personal Data in an anonymised form (anonymisation being a process by which a collection of Personal Data is irreversibly altered to remove or obscure personal identifiers and Personal Data) to assist us in running and improving our business. We may also provide further anonymised Personal Data drawn from the App in aggregated form, to third parties. This information may include (but is not limited to):
(a) locations of users
(b) dispense records of prescriptions dispensed/not dispensed, and prescription dispensing behaviour and patterns that App users have been prescribed by their medical professional, and
(c) functions accessed by users including analytics of use of the App.
When referring to the use of 'aggregate data', this means the aggregate of data composed of at least 10 or more individuals’ records.
When your Personal Data is included in anonymised data, or anonymised aggregated data, it is not possible to identify you or anything about you from that data.
We may provide you with information such as tips, advice and warnings about your prescribed medications.
You may opt out at any time if you no longer wish to receive commercial messages generally or about any specific prescribed medication.
At any time, you may contact our Data Protection Officer via email at firstname.lastname@example.org to make a subject access request for the Personal Data that we hold about you and/or to make corrections to your Personal Data.
You may request to have your Personal Data deleted by contacting our Data Protection Officer via email at email@example.com or via the App, by navigating to Settings, selecting Help Options and choosing Contact Support. Subject to our legal obligations to retain copies, we will delete or anonymise your Personal Data.
MedAdvisor maintains appropriate physical, procedural, back-up and technical security for its offices and information storage facilities so as to prevent any misuse, interference or loss, or unauthorized access, disclosure, or modification of Personal Data. This also applies to disposal and/or anonymisation of Personal Data.
MedAdvisor will notify the applicable pharmacy if it becomes aware of any data breach and provide the pharmacy with full co-operation and assistance.
MedAdvisor further protects Personal Data by restricting access to Personal Data to those who strictly need access to do their job (for example, to respond to your queries or provide you or your pharmacist/pharmacy with support services in relation to the App).
Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS Digital. NHS Digital is the controller for any personal information you provided to NHS Digital to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS Digital (as the “controller”) when verifying your identity. To see NHS Digital’s Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.
We may collect basic contact information of pharmacy staff in the course of providing the MedAdvisor Services to your pharmacy and its patients. Basic contact information may include the name, role, email address, postal address or phone numbers of pharmacy staff. Where requested, supply of such information is optional but can assist us in providing better support and training services to your pharmacy.
We will only use contact information of pharmacy staff for the purposes of providing the MedAdvisor Service to your pharmacy and patients, and in supporting and training on the use of MedAdvisor by your pharmacy staff. Personal Data may be disclosed to third parties used in conjunction with pharmacy relationship management (e.g., email, invoicing, service request management, etc.) or in other cases where consent has been given. This may involve disclosure, transmission and storage of Personal Data outside of the UK and EEA to regions including but not limited to Australia and the USA.
Information Commissioner's Office
Telephone: 0303 123 1113
Fax: 01625 524510