Privacy Policy

Welcome to TribElle, an online pharmacy specialising in women's health. Your privacy is our top priority, and we are committed to protecting your personal and medical data. This Privacy Policy outlines how we collect, use, store, and protect your data, as well as your rights under UK GDPR (General Data Protection Regulation) and the Data Protection Act 2018.

TribElle's is regulated by the following Regulatory Bodies:

• General Pharmaceutical Council (GPhC)
• Medicines and Healthcare products Regulatory Agency (MHRA)
• Information Commissioner's Office (ICO) Registration Number

1. What Data We Collect

We collect different types of personal and health-related data to provide safe and effective healthcare services.

Personal Data

• Full Name
• Gender
• Date of Birth
• Email Address
• Phone Number
• Billing and Delivery Address
• Payment Information

Medical Data

• Health Conditions & Medical History
• Current Medications
• Prescription Information
• Online Consultation Responses
• Doctor's Notes & Assessments

Technical Data

• IP Address
• Account Log in details
• Browser Type & Device Information
• Website Usage Analytics

2. How We Collect Your Data

We collect your data in the following ways:

Directly from You:

• When you register on our website
• When you fill out medical forms for prescriptions
• When you contact customer support
• When you subscribe to newsletters

Automatically:

• Through cookies and tracking tools when you browse our website
• When you interact with our website (e.g., page visits, clicks, device type)

From Third Parties:

• Healthcare providers (e.g., GPs, prescribers)
• Payment processors (for secure transactions)

3. Why We Collect Your Data

We collect your data for the following reasons:

Purpose and Legal Basis (UK GDPR)

• Processing medication orders & prescriptions - Legal Obligation & Legitimate Interest
• Conducting online medical consultations - Legal Obligation & Legitimate Interest
• Providing healthcare advice & customer support - Legitimate Interest
• Processing payments & verifying identity - Contractual Necessity
• Complying with UK healthcare regulations - Legal Obligation
• Sending service updates & newsletters - Consent
• Improving website performance & user experience - Legitimate Interest

4. How We Use Your Data

• To provide healthcare services, including prescriptions and consultations
• To create/maintain your account after registration
• To ensure medication safety by reviewing prescription requests
• To respond to queries or complaints
• To process orders and payments securely
• To comply with UK healthcare laws
• To communicate important service updates
• To keep you informed of relevant services and updates
• To help resolve disputes
• To improve our website and services through analytics

We do NOT sell or rent your data to third-party advertisers.

5. Who We Share Your Data With

We only share your data when necessary for healthcare services or required by law.

Recipient and Reason for Sharing

• Pharmacist and Prescribers - To issue valid prescriptions
• Payment Processors - To process secure transactions
• Regulatory Bodies (GPhC, MHRA, NHS, ICO) - To comply with UK healthcare laws
• AgeChecked - For identity verification
• Delivery Couriers - To ship your medication orders
• IT & Security Providers - To maintain website security

We ensure that all third parties handle your data securely and comply with UK GDPR.

6. Data Storage & Security

We use strict security measures to protect your personal and medical data.

• Encrypted databases for storing medical records
• Access control (only authorised personnel can access sensitive data)
• Secure website (SSL encryption for safe transactions)
• Regular security audits to prevent data breaches

Data Retention:

We keep your data for as long as legally required under UK healthcare regulations.

• Prescription records are stored for at least 5 years (as required by law)
• After the retention period, data is securely deleted

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right to Access – Request a copy of the data we hold about you
• Right to Rectification – Correct any inaccurate or incomplete data
• Right to Erasure ("Right to Be Forgotten") – Request deletion of your data (subject to legal requirements)
• Right to Restriction – Limit how we process your data in certain cases
• Right to Data Portability – Request your data in a machine-readable format
• Right to Object – Object to data processing for marketing purposes
• Right to Withdraw Consent – Opt-out of non-essential data processing at any time

To exercise your rights, email us at contact@TribElle.co.uk

8. Cookies & Tracking Technologies

Our website uses cookies to improve user experience.

Types of Cookies We Use:

• Essential Cookies – Required for website functionality
• Analytical Cookies – Track website performance (Google Analytics)
• Functional Cookies - Remember user preferences
• Marketing Cookies – Used for targeted advertising (only with your consent)

You can manage cookie preferences through your browser settings.

9. Data Breaches & Notification

If a data breach occurs, we will take immediate action to secure your data.

If your personal data is affected, we will notify you and the ICO within 72 hours.

10. Complaints & Contact Information

If you have any concerns about how we handle your data, you can contact us on contact@TribElle.co.uk

11. Updates to this Privacy Policy

We may update this Privacy Policy to reflect legal or service changes.

• Any changes will be posted on our website with an updated date
• Continued use of our services means you accept the revised policy