Skip to content
  • GPhC Registered Pharmacy
  • Same-Day Appointments · Sheffield
  • Next-Day Delivery · England
  • Free On-Site Parking
  • Confidential Consultations
  • Ongoing Clinical Support

Legal & regulatory

Privacy Policy

Last updated: 27 May 2026

This Privacy Policy explains how Belgrave PharmHealth Ltd (“Belgrave PharmHealth”, “we”, “us”) collects, uses, shares and protects your personal information when you use our website, visit our clinic or use our online pharmacy services. We are committed to protecting your privacy and handling your data in line with the UK GDPR and the Data Protection Act 2018.

Who we are

Belgrave PharmHealth is a GPhC-registered pharmacy at Belgrave PharmHealth | 20 Asline Road | Sheffield | S2 4UJ. We are the “data controller” for the personal information we hold about you. Our data protection registration with the Information Commissioner’s Office (ICO) is ZA000000. If you have any questions about this policy or your data, contact us at hello@belgravepharmhealth.co.uk or 0114 358 1973.

What information we collect

  • Identity and contact details — name, date of birth, address, email and phone number.
  • Health information — the details you give during a consultation, your medical history, current medicines, allergies and the treatment you receive. This is “special category” data and is given extra protection.
  • Consultation and prescription records — the clinical decisions made and treatment supplied.
  • Payment information — processed securely by our payment provider; we do not store full card details.
  • Website and technical data — IP address, device and browser information, and (with your consent) analytics about how you use the site. See our Cookie Policy.

How and why we use your information

We use your information to provide safe, appropriate pharmacy and healthcare services, including to:

  • Carry out clinical consultations and decide whether treatment is suitable for you.
  • Dispense, prepare and deliver medicines and provide vaccinations.
  • Keep accurate clinical and dispensing records as required of a registered pharmacy.
  • Contact you about your appointment, treatment or order, and provide follow-up care.
  • Take payment and prevent fraud.
  • Meet our legal, professional and regulatory obligations.

Our lawful basis

Under UK GDPR we rely on the following lawful bases:

  • Contract (Article 6(1)(b)) — to provide the services you request.
  • Legal obligation (Article 6(1)(c)) — to meet record-keeping and regulatory duties.
  • Legitimate interests (Article 6(1)(f)) — to run and improve our services safely.
  • Consent (Article 6(1)(a)) — for optional analytics cookies and marketing, where given.

For health information we additionally rely on Article 9(2)(h) — the provision of health or social care and treatment by, or under the responsibility of, a health professional.

Who we share your information with

We only share your information where necessary and lawful. This may include:

  • Our prescribers and clinical team involved in your care.
  • Delivery couriers, to dispatch your order (limited to what is needed for delivery).
  • Your GP, where you ask us to or where it is clinically important for your safety.
  • Our secure IT, payment and dispensing service providers, under data processing agreements.
  • Regulators such as the GPhC, CQC, NHS or MHRA, where we are required to.

We never sell your personal information, and we never confirm or deny whether someone is a patient to third parties.

How long we keep your information

We keep clinical and pharmacy records for the period required by law and professional guidance, after which they are securely destroyed. Retention periods vary by record type; we will tell you more on request.

Keeping your information secure

We use appropriate technical and organisational measures to protect your data, including access controls, encryption in transit and staff confidentiality obligations. Any payments are handled by PCI-DSS-compliant providers.

International transfers

We aim to keep your data within the UK. Where any provider processes data outside the UK, we ensure appropriate safeguards (such as an adequacy decision or standard contractual clauses) are in place.

Your rights

Under UK GDPR you have the right to: access your data; ask us to correct it; ask us to erase it (subject to our legal duty to retain clinical records); restrict or object to processing; data portability; and to withdraw consent at any time. To exercise any of these, contact hello@belgravepharmhealth.co.uk.

Children

Some services are provided to children with appropriate consent. We only collect the information needed to provide care safely.

Complaints

If you are unhappy with how we handle your data, please contact us first using our complaints procedure. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk or on 0303 123 1113.

Changes to this policy

We may update this policy from time to time. The “last updated” date above shows when it was last revised.