Privacy Policy

Our website address is https://www.highfieldpharmacyclinic.co.uk.

Highfield Pharmacy St Albans is a community pharmacy based at 3 Loyd Court, 63 Russet Drive, Highfield Park, St Albans, AL4 0AZ. We provide NHS pharmacy services and selected private healthcare services, including travel health, vaccinations, appointment booking, and related pharmacy support.

For privacy enquiries, you can contact us by telephone on 01727 582019 or email info@highfieldpharmacyclinic.co.uk.

We may collect personal information that you provide directly to us, including your name, email address, mobile number, appointment details, prescription-related information, travel destination, selected vaccine, account details, and messages submitted through website forms.

Where you use healthcare services, we may also collect relevant clinical information such as medical history, allergies, current medicines, vaccination history, consultation notes, consent records, and other information needed to provide safe pharmacy care.

We may automatically collect technical information when you use our website, including IP address, browser type, device information, pages visited, approximate location information, and cookie identifiers.

If the website allows visitors to leave comments or submit forms, we collect the data shown in the comments or form fields, together with the visitor's IP address and browser user agent string to help with spam detection, security, and abuse prevention.

If a comment feature uses Gravatar, an anonymised string created from your email address, also known as a hash, may be provided to the Gravatar service to check whether you use it. The Gravatar privacy policy is available at https://automattic.com/privacy/.

After approval of a public comment, your profile picture may be visible to the public in the context of that comment. Healthcare appointment and enquiry form data is not treated as public comment data.

If you upload images, documents, or other media to our website, you should avoid uploading files that contain embedded location data such as EXIF GPS information.

Visitors to a public website may be able to download and extract location data from images if such information is embedded in the file. For healthcare or appointment submissions, only upload files that are relevant and safe to share with the pharmacy team.

We use cookies and similar technologies to operate the website, keep users signed in, remember preferences, support security, measure website performance, and improve the user experience.

If you leave a comment on our site, you may be able to opt in to saving your name, email address, and website in cookies. These are for convenience so you do not need to fill in your details again when leaving another comment. These cookies may last for up to one year.

If you visit our login page, we may set a temporary cookie to determine whether your browser accepts cookies. This cookie contains no personal data and is normally discarded when you close your browser.

When you log in, we may set cookies or secure session tokens to save your login information and session status. Login-related cookies may last for a limited period or until you log out, depending on the website settings and whether persistent login is enabled.

If the website includes admin or publishing features, an additional cookie may be saved when editing or publishing content. This cookie contains no personal data and simply indicates the content item that was edited. It usually expires after a short period.

Pages on this website may include embedded content from other websites, such as maps, videos, images, articles, booking widgets, payment tools, or social media content.

Embedded content behaves in the same way as if you visited the third-party website directly. These websites may collect data about you, use cookies, embed additional tracking, and monitor your interaction with that embedded content.

We are not responsible for the privacy practices of third-party websites. You should review the privacy policies of any third-party services you use.

We use your information to provide pharmacy services, manage appointments, process prescription-related requests, respond to enquiries, maintain clinical records, support account login, improve our website, and meet legal, regulatory, professional, NHS, and safety obligations.

We may use your contact details to send appointment confirmations, reminders, service updates, clinical follow-up messages, or important information relating to care you have requested.

We do not sell your personal information.

We may share information where necessary with healthcare professionals, NHS systems, service providers, booking or IT suppliers, payment processors, regulatory bodies, professional advisers, or law enforcement where legally required.

If you request a password reset, your IP address may be included in the reset email or security log.

Healthcare information is shared only where there is an appropriate legal, clinical, contractual, or safety reason to do so.

We retain personal data only for as long as necessary for the purpose it was collected, including to provide services, keep clinical records, meet legal obligations, resolve disputes, and maintain security.

If you leave a public comment, the comment and its metadata may be retained indefinitely so we can recognise and approve follow-up comments automatically rather than holding them in a moderation queue.

For users who register on our website, we store the personal information provided in the user profile. Users can usually see, edit, or delete certain personal information at any time, except where information must be retained for legal, healthcare, security, or administrative reasons.

Clinical and pharmacy records may need to be retained for periods required by NHS rules, professional standards, pharmacy law, medicines legislation, insurance requirements, and UK healthcare guidance.

Under UK data protection law, you may have rights to access your personal data, request correction, request deletion, restrict processing, object to processing, request data portability, and complain to the Information Commissioner's Office.

If you have an account on this site, have submitted forms, or have used our services, you can request a copy of the personal data we hold about you, including data you have provided to us.

You can also request that we erase personal data we hold about you. This does not include data we are required to keep for administrative, legal, clinical, regulatory, professional, security, or public health purposes.

Visitor comments and form submissions may be checked through automated spam detection, security, or fraud-prevention services.

Some website, booking, analytics, email, hosting, or IT service providers may process data outside the UK. Where this happens, we aim to ensure appropriate safeguards are in place in accordance with UK data protection law.

We use reasonable technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration, or disclosure.

No website or online transmission can be guaranteed to be completely secure. Please take care when sharing sensitive information online and contact us directly if you have concerns about submitting information through the website.

We may update this Privacy Policy from time to time to reflect changes in our website, services, legal requirements, or data protection practices.

The most current version will be published on this page with the date of last update. Continued use of the website or services after changes are published means you acknowledge the updated policy.