Privacy Policy Privacy & Cookie Policy


Last Updated 28th September 2020 is operated by Allcures PLC (we or us), a UK company with registered address at 213 St Johns Street, London, EC1V 4LY. We are the data controllers for After reading this policy, should you have any questions please email, setting the email title as GDPR Information.


This policy covers the working of and any information gathered from or in relation to, including, but not limited to, the placing of orders, the processing of card transactions, email marketing and the processing of prescriptions. This policy describes how we collect, process, use and share data collected for It will also outline your rights in relations to the uses of your data. is a registered UK pharmacy and is subject to regulation by the General Pharmaceutical Council (GPhC). You can view our registration here: has also been issued a digital security certificate by Go Daddy that verifies an encrypted channel for processing your data is in place.

For clarity, personal information in this policy will refer information relating to any identifiable person.


The information we collect – Volunteered Information

When registering for or placing and order on, we will ask you to volunteer a range of information, some of which is stored on and  some of which is stored with third party partners. You can see a breakdown of this information below:



Collected Via


Customer Name, Address

Needed to deliver order to correct individual

Customer email address & telephone number

Used to communicate between customer care/pharmacist and customer

Credit Card Numbers


To process payment

Credit Card Numbers (fraud checks)

Email (deleted once completed)

When there is a reason to suspect the genuineness of the order, we may ask for a photograph of the customer holding the card used for payment. We insist that they only show the last four numbers.

Customer name & addresses (fraud Check)

Email (deleted once completed)

When there is a reason to suspect the genuineness of the order, we may ask for a photograph of a utility bill with the customer's name going to the delivery address

Customer Order History

To help the customer make repeat orders & to monitor the customer's order history for any medical interventions

Customer medical information

To help the pharmacist make informed decisions about the suitability of the item purchased

Customer Date of Birth, Height, Weight, Gender

To help the pharmacist make informed decisions about the suitability of the item purchased


We collect this information to help us provide our products and services. While not all of these are collected in every instance, they do help us provide our services in as efficient manner as possible while meeting our legal responsibilities.

When we collect any information that does not identify you as a specific natural person (Non personal information) we are permitted to use and disclose this information for any purpose, notwithstanding anything to the contrary in this policy, except where we are required to do otherwise by law.


The Information We Collect – Automatically Collected Information

By visiting, registering and placing orders with, we automatically collect information from your device as well as from other third parties. This information includes both personal and non-personal information. This can be technical information about your device (IP address, Operating System, Browser), what you do on our website (what page you landed on, which pages you visit) as well as information relating to your transactions (was your card issued in the UK, is your address considered high risk, does the address information you provided match the details the card is registered to).

We collect this information through the following means:

Cookies and Tracking Technologies:

Cookies are small bits of information that are stored on your device that allow us to identify it. This allows us to do things like remember who you are when you visit the website a second time after registering or track your process through our website to try and identify issues so we can improve our messages. The aim of this is to improve our service and make the website more user friendly.


3rd Man Results:

All card transactions are processed through Sagepay, one of the largest online payment gateways. One of the services they provide is the 3rd Man fraud checking system. This will give us a general score relating to the risk on the order. It will also give us a breakdown of how it came to this score including whether the address given when placing the order matched the address registered on the card, whether the card was issued in the domestic country, whether the card/address/telephone number is on a high risk list as well as other information that will allow us to make a judgement on whether to proceed with the order


If the order is considered high risk, we might ask for additional information such as a photograph of the card used to make the transaction (only showing the last 4 numbers) or a utility bill for the delivery address (See The information We Collect – Volunteered Information) to try to establish the veracity of the order.


How We Use This Information

The information we collect is necessary to fulfil our services as well as to ensure we meet our legal obligations with regards to those services. We also collect information  to analyse and improve our platform going forward.  


Improving the Website and Personalising Content:

We use cookies and other tracking technologies to identify you when you visit our website. This allows us to recognise you on our website, providing faster access to your information.. It will also allow us to provide you with advertising content on third party sites that is personalised to you. We can also use this tracking information to spot bottlenecks and other areas where we can improve the flow of our website and improve your customer experience.


Making Informed Decisions:

As part of our legal obligations, we need to collect information from you so our pharmacist can judge whether the item you ordered is safe for use. This information may include your gender, age, BMI and information on any underlying medical conditions.  This information, along with your order history, are used by the pharmacist to decide as to the suitability of the item.  If following a review, the item is deemed unsuitable , the order will be cancelled, and monies returned to you.



As mentioned previously, we use cookies and other tracking information to allow us to provide you with personalised adverts on third party websites. We may also use your browsing and order history to provide you with target emails with custom offers. It will be possible to deregister from these via the email or from your customer account.


Customer service

Occasionally we may need to contact you if there is a query with your order.  We would use the contact details provided, email or phone number, that you provided.


How We Share Your Data

Marketing and Development

As part of our ongoing effort to improve the service we offer, we allow third party marketing and development companies access to our data. They help us deliver our services and run our business. They are all subject to strict data management agreements as well as the Europe-wide GDPR regulations.



To ensure orders placed on our website are delivered to the correct address, we will pass your details on to a third party courier company such as Royal Mail or DPD to complete your order. These details may include information such as your name, address and telephone number. If the delivery address is outside the UK, these details may be passed to a local courier company that partners with our courier to ensure your order is delivered to you.



Should you nominate Allcures as your designated pharmacy, your prescription will be delivered electronically to our pharmacy and the information within will be stored there. If you have a paper prescription, you will need to send this to our Head Office whereupon it will be handed to the pharmacy. All information pertaining to the prescription will be stored on an encrypted Patient Medical Record (PMR system) only accessible by pharmacy staff and the developers of the PMR. The only information stored on will be record of the order and delivery charge.

Private Prescriptions

You may be asked to choose the item you want when you place your order for a private prescription, and this information would be stored on You will also need to send your prescription to Head Office whereupon it will be dealt with like NHS prescriptions detailed above



We may be contacted by other NHS bodies, such as hospitals, asking for relevant details about the items you have ordered from us. In cases such as these, we will pass these details on to them so that they can make medically sound decisions.


Sale of Data to Other Companies

We will never sell your data to other companies. However, as part of the sale or restructuring of Allcures PLC, your data may be transferred to another company subject to that company and its affiliates agreeing to the commitments made in this policy.



As part of our legal obligations as members of the GPhC, we may be obliged to share your data with various legal authorities. Where possible, we will endeavour to let you know where this is the case but this may not always be possible.


By registering and placing orders with, you agree for us to use the data we collect in the ways outlined above. Should we need to use your data in any other way, we would need to notify you either directly or via a message on that the privacy policy has been updated.


We will also give options to withdraw/add your consent to various services such as email marketing.


Cookies and other Tracking Technology

We use cookies to improve your customer experience as well as get anonymised Google Analytics reports about the usage of our website. This information will include data about your device, including its operating system and the browser you are using. It will allow us to see what web pages are being visited and the general flow of traffic across our website. We use this information to troubleshoot and improve our website. We may also use cookies to allow third party website to provide targeted advertising for you.


We do not currently give you the ability to manage these cookies individually, but you can use your browser to delete any cookies you currently have stored. If you are not sure how to do this, you can search “how to delete cookies in….” in Google before entering the browser you are using.


Other Information

Your Rights

You have a right to access/correct/delete/restrict any personal data held . You can do this by emailing with the title GDPR Information. You can also request us to restrict the processing of your data or ask for portability for this data, however, this is subject to our legal obligations as members of the GPhC and as a registered Pharmacy in the United Kingdom.


You will have the right to opt out of email marketing either by clicking on the unsubscribe link on the email or by removing your consent from your account on


You can withdraw your consent for the processing of your data at any point by emailing Withdrawing your consent does not affect the lawfulness of any previous processing carried out prior to the withdraw of consent. This is also subject to our legal obligations as members of the GPhC.


You have the right to complain to the Information Commissioner’s office ( if you are in the UK. If you outside of the UK you can make a complaint to your local data protection authority.


How Long Do We Keep Your Information

We will keep your information for as long as we need to ensure our legal obligations are fulfilled.

Retention periods can vary significantly but these will be based on legal requirements and contract requirements.

When we no longer need to use your personal data and there is no need for us to keep it to comply with our legal and regulatory we will either remove it from our systems or depersonalise it so you cannot be identified.


Safeguards employs digital, physical, and managerial systems to help protect your data. However, no system is fool proof and should there be a security breach involving your information we will notify you.


Additionally, you can help protect your data by ensuring you delete cookies from any shared PC or device nice you have finished using. 



We do not collect information of children under the age of 13. For those between the ages of 13 and 18, we will ask that you are being supervised by a responsible adult before you can register. If you become aware that a child under the age of 13 has provided us with personal data then please contact us immediately and we will do our best to remove it in accordance with our legal obligations.

If we become aware that a child under the age of 13 has provided us with personal data, we will take the necessary action in accordance with our legal obligations.



We may update the privacy policy from time to time by posting an updated version to the website. Should the revisions be minor, this will become active immediately. If we make a change that reduces your rights or increases your responsibilities, we will notify you via email and via a notice on the website. This will be done prior to the changes coming into effect. We encourage you to check the Privacy Policy from time to time to make sure you are abreast of the latest version of the policy.