Privacy Policy

Privacy Policy

At Express Chemist, we value your privacy and are committed to protecting your personal data. This Privacy Policy outlines how we collect, use, store, and protect your information when you use our website and services.

1. Who We Are

Express Chemist is a registered UK-based online pharmacy. Our data protection practices comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller:
Express Chemist

2. What Information We Collect

We may collect and process the following types of personal data:

  • Identity Data: Name, date of birth, gender

  • Contact Data: Address, email, phone number

  • Health Information: Medical details (only when necessary for dispensing orders)

  • Transaction Data: Order details, payment information (processed via secure third-party providers)

  • Technical Data: IP address, browser type, operating system, and usage statistics

  • Marketing Preferences: Your preferences in receiving marketing from us

3. How We Use Your Information

We use your data to:

  • Process and dispatch your orders

  • Provide pharmaceutical advice and support

  • Manage your account and customer service queries

  • Comply with legal and regulatory obligations

  • Send marketing communications (only with your consent)

  • Improve website performance and customer experience

We will never sell your personal data to third parties.

4. Lawful Basis for Processing

We process your data under one or more of the following legal bases:

  • Contractual Necessity – to fulfill your order

  • Legal Obligation – to comply with pharmacy regulations

  • Legitimate Interests – to improve our service

  • Consent – for marketing and optional data collection

5. Sharing Your Information

Your data may be shared with:

  • Trusted third-party service providers (e.g. payment processors, couriers)

  • Regulatory or governmental bodies when required by law (e.g. GPhC, MHRA)

  • IT and system administration providers under strict confidentiality agreements

We ensure all partners uphold high standards of data protection.

6. International Transfers

If your data is transferred outside the UK or European Economic Area (EEA), we ensure it is protected using appropriate safeguards, such as Standard Contractual Clauses (SCCs).

7. How We Store and Protect Your Data

  • Your data is stored on secure servers within the UK or EEA.

  • Access is restricted to authorised personnel only.

  • We use encryption, firewalls, and secure payment gateways.

  • We retain your data only as long as necessary for the purpose it was collected.

8. Your Rights

You have the right to:

  • Access your personal data

  • Request correction or deletion

  • Object to or restrict processing

  • Withdraw consent at any time (where applicable)

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, contact us at [email protected]

9. Cookies

We use cookies to enhance your browsing experience. For more information, see our [Cookie Policy].

10. Changes to This Policy

We may update this Privacy Policy occasionally. Changes will be posted on this page with an updated “last updated” date.