Download The App
Download The App

MedAdvisor UK Privacy Policy

MedAdvisor's approach to protecting personal data

MedAdvisor Welam UK Limited (MedAdvisor, we, us, our) is committed to processing your Personal Data in accordance with the written instructions obtained from customers and strictly in compliance with all relevant Data Protection Legislation, which may change from time to time, but currently includes the Data Protection Act 2018 and the provisions of the General Data Protection Regulations.

Personal Data is any information which is related to an identified or identifiable natural person.

Please take a moment to read our Privacy Policy as it describes what happens to your Personal Data, which is collected and/or processed by the information technology platform, here termed the MedAdvisor Service or Service or App and/or on occasion sub-processed as necessarily required.

The MedAdvisor Service is defined as any software offered by MedAdvisor and accessed by consumers (consumers, patients or users) or pharmacy staff via Apple iOS Apps, Android Apps, in web format at www.mymedadvisor.co.uk/privacy or via software installed in pharmacies, and any other software or documentation which supports the Service. Our Privacy Policy is divided into three parts:

  • Part 1: MedAdvisor consumer users
  • Part 2: Pharmacy Users
  • Part 3: Resolving Personal Data concerns

Part 1 – MedAdvisor Consumer Users


Part 1 of our Privacy Policy describes how MedAdvisor handles the Personal Data of consumers who use the App and also covers the handling/processing of the Personal Data of consumers who access the App via the MedAdvisor Carer Mode.

In Part 1, 'you' refers mainly to consumer users of the App. Where appropriate, 'you' also refers to caregivers of consumer users where those caregivers are also registered with the App.

Collection of your Personal Data

MedAdvisor will collect and hold your Personal Data strictly within the regulations permitted and only for as long as the Personal Data has been authorised and is required. Where it is necessary and reasonably practical to do so, we will collect your Personal Data directly from you. However, when duly authorised we may also collect Personal Data from third parties such as pharmacies participating in the App or using MedAdvisor Services and, with your consent, from the NHS Spine, and other health related apps/websites.

We may collect and process your Personal Data in a number of ways including through some of the following means:

  • when completing the registration process for the App and other related correspondence (whether in writing or electronically), including where caregivers provide their own information or information of those they care for;
  • via our website and apps;
  • via any pharmacy using MedAdvisor Services that you deal with (the types of Personal Data we collect from such pharmacies is further outlined in the "Types of Personal Data we collect" section below);
  • in the course of supporting you;
  • when administering any of our services; and
  • as otherwise required to support, or provide, the App or MedAdvisor Service.

We may also collect Personal Data automatically through some of the following means:

  • we may receive your location data passed to us from third-party services or other GPS-enabled devices that you have set up;
  • we may also collect information about how you use the Service to enable us to assist you with more tailored services, and to enable us to also develop and improve our services;
  • we may also collect information from the devices and networks that you use to access the App to help us develop and further secure our services; and
  • we may use ‘cookies’ to store and sometimes track information about you in accordance with our Cookie Policy (available at https://www.mymedadvisor.co.uk/cookiepolicy). 

Types of Personal Data we collect

For initial account setup, as a minimum, you will need to provide us with your first name, surname, date of birth, postcode, mobile number, email address and select a password.

To sign up for the App in a pharmacy, with your consent, a pharmacy staff member will use your name, NHS number, date of birth and mobile number to create an activation code that is sent to you via SMS communication. The pharmacy may already have these details on file in their pharmacy software system.

MedAdvisor may collect information about your prescribed medications, including details of the medication prescribed and/or dispensed, dates dispensed, and any repeat dosages left. MedAdvisor may also collect information such as title, gender and full address, as this information is included with prescriptions.

MedAdvisor may also collect information that you:

  • choose to enter into the App, for example, in the optional health and medical profile on the App if you choose to complete the profile, or notes you may keep about each medication; and
  • link/s to or associated other health related apps/websites with your App account.

In addition to the types of Personal Data identified above, we may from time to time collect Personal Data as otherwise permitted or required by law.

Our purposes for handling your Personal Data

MedAdvisor only processes Personal Data for purposes that are considered necessary and relevant in the circumstances. MedAdvisor will only collect information that is necessary for the purposes as described in this Privacy Policy, or other purposes specifically communicated to you. MedAdvisor collects Personal Data in accordance with the DPA18 and GDPR.

MedAdvisor also collects, holds, uses and discloses your Personal Data, with your consent, to:

  • provide the App to you;
  • enable access to and share your Personal Data with your nominated pharmacy for the purpose of assisting you in managing your App account and managing your medication use (also see the "Use and disclosure of your Personal Data" and "Value Added Messages" sections below);
  • share your Personal Data stored on the App with any nominated medical practitioner or other health professional involved in your care;
  • enable optional access by a caregiver to the Service (where you have authorised a caregiver via the MedAdvisor Carer Mode Consent Form);
  • assist you with a support query in connection with the App;
  • comply with its legal and regulatory obligations;
  • otherwise to run our business, including business development activities; and
  • contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.

Use and disclosure of your Personal Data

We may share and disclose only your relevant Personal Data to our employees, professional advisors or contractors to help us run our business and in connection with the purposes specified in the 'Our purposes for handling your Personal Data ' section of this this Privacy Policy. Each of our employees, advisors and contractors is bound by obligations of confidentiality and by the terms of this Privacy Policy.

We may also use, share or disclose your Personal Data:

  • for the purposes for which we collected it;
  • for other purposes to which you have consented; and
  • as otherwise authorised or required by law.

Anonymised Personal Data

As the GDPR permits, we may also use your Personal Data in an anonymised form (anonymisation being a process by which a collection of Personal Data is irreversibly altered to remove or obscure personal identifiers and Personal Data) to assist us in running and improving our business. We may also provide further anonymised Personal Data drawn from the App in aggregated form, to third parties. This information may include (but is not limited to):

(a) locations of users
(b) dispense records of prescriptions dispensed/not dispensed, and prescription dispensing behaviour and patterns that App users have been prescribed by their medical professional, and
(c) functions accessed by users including analytics of use of the App.

When referring to the use of 'aggregate data', this means the aggregate of data composed of at least 10 or more individuals’ records.

When your Personal Data is included in anonymised data, or anonymised aggregated data, it is not possible to identify you or anything about you from that data.

Value-added messages

We may provide you with information such as tips, advice and warnings about your prescribed medications.

You may opt out at any time if you no longer wish to receive commercial messages generally or about any specific prescribed medication.

Accessing and correcting your Personal Data

At any time, you may contact our Data Protection Officer via email at privacy@medadvisor.co.uk to make a subject access request for the Personal Data that we hold about you and/or to make corrections to your Personal Data.

Deleting your Personal Data

You may request to have your Personal Data deleted by contacting our Data Protection Officer via email at privacy@medadvisor.co.uk or via the App, by navigating to Settings, selecting Help Options and choosing Contact Support. Subject to our legal obligations to retain copies, we will delete or anonymise your Personal Data.

Protection of Personal Data

MedAdvisor maintains appropriate physical, procedural, back-up and technical security for its offices and information storage facilities so as to prevent any misuse, interference or loss, or unauthorized access, disclosure, or modification of Personal Data. This also applies to disposal and/or anonymisation of Personal Data.

MedAdvisor will notify the applicable pharmacy if it becomes aware of any data breach and provide the pharmacy with full co-operation and assistance.

MedAdvisor further protects Personal Data by restricting access to Personal Data to those who strictly need access to do their job (for example, to respond to your queries or provide you or your pharmacist/pharmacy with support services in relation to the App).

Overseas transfers of Personal Data

We do not disclose, store or transmit any of your Personal Data outside of the UK or the European Economic Area (EEA), except as expressly disclosed in our Cookie Policy.

NHS login

Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS Digital. NHS Digital is the controller for any personal information you provided to NHS Digital to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS Digital (as the “controller”) when verifying your identity. To see NHS Digital’s Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.

Part 2 – Pharmacy Users


Part 2 of our Privacy Policy describes how MedAdvisor handles data collected and stored for participating pharmacies, and the staff of those pharmacies.

Part 1 of our Privacy Policy applies equally to our handling of the Personal Data of pharmacists and other staff at participating pharmacies, and other individuals from whom we may collect Personal Data in the course of our business from time to time (such as our suppliers, job applicants and contractors), except for those passages in Part 1 that clearly relate only to patient users.

Collection of Personal Data of pharmacy staff

We may collect basic contact information of pharmacy staff in the course of providing the MedAdvisor Services to your pharmacy and its patients. Basic contact information may include the name, role, email address, postal address or phone numbers of pharmacy staff. Where requested, supply of such information is optional but can assist us in providing better support and training services to your pharmacy.

Use and disclosure of Personal Data of pharmacy staff

We will only use contact information of pharmacy staff for the purposes of providing the MedAdvisor Service to your pharmacy and patients, and in supporting and training on the use of MedAdvisor by your pharmacy staff. Personal Data may be disclosed to third parties used in conjunction with pharmacy relationship management (e.g., email, invoicing, service request management, etc.) or in other cases where consent has been given. This may involve disclosure, transmission and storage of Personal Data outside of the UK and EEA to regions including but not limited to Australia and the USA.

Part 3 - Resolving Personal Data concerns

If you have any questions, concerns or complaints about this Privacy Policy, or how we handle your Personal Data please email our Data Protection Officer at: privacy@medadvisor.co.uk. Once a request has been lodged, the Data Protection Officer will respond within the period specified under the GDPR. If you are not satisfied with the response to any request for information or any complaint you may also lodge a complaint with the Information Commissioner at:

Information Commissioner's Office
Wycliffe House
Water Lane

Telephone: 0303 123 1113
Fax: 01625 524510


We reserve the right to change the terms of this Privacy Policy from time to time. We will use our best endeavours to notify users of the MedAdvisor Service when we make material changes to our Privacy Policy. This may include displaying a notification on our software through which we provide the MedAdvisor Service or via email notification. An up-to-date copy of our Privacy Policy is available at: www.mymedadvisor.co.uk/privacy

This Privacy Policy was last updated on 21 June 2022.