MedAdvisor Welam UK Limited (MedAdvisor, we, us, our) is committed to processing your Personal Data in accordance with the written instructions obtained from customers and strictly in compliance with all relevant Data Protection Legislation, which may change from time to time, but currently includes the Data Protection Act 2018 and the provisions of the General Data Protection Regulations.
Personal Data is any information which is related to an identified or identifiable natural person.
Please take a moment to read our Privacy Policy as it describes what happens to your Personal Data, which is collected and/or processed by the information technology platform, here termed the MedAdvisor Service or Service or App and/or on occasion sub-processed as necessarily required.
The MedAdvisor Service is defined as any software offered by MedAdvisor and accessed by consumers (consumers, patients or users) or pharmacy staff via Apple iOS Apps, Android Apps, in web format at www.mymedadvisor.co.uk/privacy or via software installed in pharmacies, and any other software or documentation which supports the Service. Our Privacy Policy is divided into three parts:
Part 1 of our Privacy Policy describes how MedAdvisor handles the Personal Data of consumers who use the App and also covers the handling/processing of the Personal Data of consumers who access the App via the MedAdvisor Carer Mode.
In Part 1, 'you' refers mainly to consumer users of the App. Where appropriate, 'you' also refers to caregivers of consumer users where those caregivers are also registered with the App.
MedAdvisor will collect and hold your Personal Data strictly within the regulations permitted and only for as long as the Personal Data has been authorised and is required. Where it is necessary and reasonably practical to do so, we will collect your Personal Data directly from you. However, when duly authorised we may also collect Personal Data from third parties such as pharmacies participating in the App or using MedAdvisor Services and, with your consent, from the NHS Spine, and other health related apps/websites.
We may collect and process your Personal Data in a number of ways including through some of the following means:
We may also collect Personal Data automatically through some of the following means:
For initial account setup, as a minimum, you will need to provide us with your first name, surname, date of birth, postcode, mobile number, email address and select a password.
To sign up for the App in a pharmacy, with your consent, a pharmacy staff member will use your name, NHS number, date of birth and mobile number to create an activation code that is sent to you via SMS communication. The pharmacy may already have these details on file in their pharmacy software system.
MedAdvisor may collect information about your prescribed medications, including details of the medication prescribed and/or dispensed, dates dispensed, and any repeat dosages left. MedAdvisor may also collect information such as title, gender and full address, as this information is included with prescriptions.
MedAdvisor may also collect information that you:
In addition to the types of Personal Data identified above, we may from time to time collect Personal Data as otherwise permitted or required by law.
MedAdvisor only processes Personal Data for purposes that are considered necessary and relevant in the circumstances. MedAdvisor will only collect information that is necessary for the purposes as described in this Privacy Policy, or other purposes specifically communicated to you. MedAdvisor collects Personal Data in accordance with the DPA18 and GDPR.
MedAdvisor also collects, holds, uses and discloses your Personal Data, with your consent, to:
We may share and disclose only your relevant Personal Data to our employees, professional advisors or contractors to help us run our business and in connection with the purposes specified in the 'Our purposes for handling your Personal Data ' section of this this Privacy Policy. Each of our employees, advisors and contractors is bound by obligations of confidentiality and by the terms of this Privacy Policy.
We may also use, share or disclose your Personal Data:
As the GDPR permits, we may also use your Personal Data in an anonymised form (anonymisation being a process by which a collection of Personal Data is irreversibly altered to remove or obscure personal identifiers and Personal Data) to assist us in running and improving our business. We may also provide further anonymised Personal Data drawn from the App in aggregated form, to third parties. This information may include (but is not limited to):
(a) locations of users
(b) dispense records of prescriptions dispensed/not dispensed, and prescription dispensing behaviour and patterns that App users have been prescribed by their medical professional, and
(c) functions accessed by users including analytics of use of the App.
When referring to the use of 'aggregate data', this means the aggregate of data composed of at least 10 or more individuals’ records.
When your Personal Data is included in anonymised data, or anonymised aggregated data, it is not possible to identify you or anything about you from that data.
We may provide you with information such as tips, advice and warnings about your prescribed medications.
You may opt out at any time if you no longer wish to receive commercial messages generally or about any specific prescribed medication.
At any time, you may contact our Data Protection Officer via email at privacy@medadvisor.co.uk to make a subject access request for the Personal Data that we hold about you and/or to make corrections to your Personal Data.
You may request to have your Personal Data deleted by contacting our Data Protection Officer via email at privacy@medadvisor.co.uk or via the App, by navigating to Settings, selecting Help Options and choosing Contact Support. Subject to our legal obligations to retain copies, we will delete or anonymise your Personal Data.
MedAdvisor maintains appropriate physical, procedural, back-up and technical security for its offices and information storage facilities so as to prevent any misuse, interference or loss, or unauthorized access, disclosure, or modification of Personal Data. This also applies to disposal and/or anonymisation of Personal Data.
MedAdvisor will notify the applicable pharmacy if it becomes aware of any data breach and provide the pharmacy with full co-operation and assistance.
MedAdvisor further protects Personal Data by restricting access to Personal Data to those who strictly need access to do their job (for example, to respond to your queries or provide you or your pharmacist/pharmacy with support services in relation to the App).
We do not disclose, store or transmit any of your Personal Data outside of the UK or the European Economic Area (EEA), except as expressly disclosed in our Cookie Policy.
Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS Digital. NHS Digital is the controller for any personal information you provided to NHS Digital to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS Digital (as the “controller”) when verifying your identity. To see NHS Digital’s Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.
Part 2 of our Privacy Policy describes how MedAdvisor handles data collected and stored for participating pharmacies, and the staff of those pharmacies.
Part 1 of our Privacy Policy applies equally to our handling of the Personal Data of pharmacists and other staff at participating pharmacies, and other individuals from whom we may collect Personal Data in the course of our business from time to time (such as our suppliers, job applicants and contractors), except for those passages in Part 1 that clearly relate only to patient users.
We may collect basic contact information of pharmacy staff in the course of providing the MedAdvisor Services to your pharmacy and its patients. Basic contact information may include the name, role, email address, postal address or phone numbers of pharmacy staff. Where requested, supply of such information is optional but can assist us in providing better support and training services to your pharmacy.
We will only use contact information of pharmacy staff for the purposes of providing the MedAdvisor Service to your pharmacy and patients, and in supporting and training on the use of MedAdvisor by your pharmacy staff. Personal Data may be disclosed to third parties used in conjunction with pharmacy relationship management (e.g., email, invoicing, service request management, etc.) or in other cases where consent has been given. This may involve disclosure, transmission and storage of Personal Data outside of the UK and EEA to regions including but not limited to Australia and the USA.
If you have any questions, concerns or complaints about this Privacy Policy, or how we handle your Personal Data please email our Data Protection Officer at: privacy@medadvisor.co.uk. Once a request has been lodged, the Data Protection Officer will respond within the period specified under the GDPR. If you are not satisfied with the response to any request for information or any complaint you may also lodge a complaint with the Information Commissioner at:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
Fax: 01625 524510
Changes
We reserve the right to change the terms of this Privacy Policy from time to time. We will use our best endeavours to notify users of the MedAdvisor Service when we make material changes to our Privacy Policy. This may include displaying a notification on our software through which we provide the MedAdvisor Service or via email notification. An up-to-date copy of our Privacy Policy is available at: www.mymedadvisor.co.uk/privacy.
This Privacy Policy was last updated on 21 June 2022.
6th Floor, Manfield House,
1 Southampton Street,
London, WC2R 0LR
United Kingdom
MedAdvisor Welam UK Limited is a limited company registered in England and Wales.
Registered number: 11292305.