Our commitment to protecting patient information, handling data responsibly, and supporting your rights under UK data protection law.
Bessacarr Pharmacy is committed to processing personal information lawfully, fairly, transparently, and securely. We follow the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and relevant healthcare confidentiality requirements.
Personal data is information that can identify you. In a pharmacy setting, this may include your name, contact details, date of birth, address, NHS number, prescription information, consultation notes, medical history, medication details, and service enquiry information.
Health information is special category data and is handled with extra care because it is sensitive.
Depending on the situation, we may process your information because it is necessary for healthcare provision, legal obligations, legitimate interests, contract-related services, or your consent. Where consent is required, you can withdraw it at any time.
We use appropriate safeguards to protect personal information, including access controls, staff confidentiality, secure systems, and responsible record handling. We only allow access to personal information where it is needed for pharmacy work or legal/regulatory purposes.
We may share relevant information with NHS bodies, GP practices, prescribers, hospitals, care providers, payment providers, IT system suppliers, regulators, or other organisations where required for healthcare, safety, legal compliance, or service delivery.
We do not sell patient information.
Under UK data protection law, you may have the right to:
We keep records only for as long as needed for healthcare, legal, regulatory, insurance, and professional requirements. Pharmacy and clinical records may need to be retained for specific periods under NHS, legal, and professional guidance.
If you want to exercise your data rights or ask how your information is used, please contact Bessacarr Pharmacy using the details on this page.