Mon-Sat: 8:30am - 9:00pm118 Calais Road, Burton On Trent
Last Updated: April 2025
carltonpharmacy.com (our website) is provided by Carlton Pharmacy, a community pharmacy located at 118 Calais Road, Burton On Trent, DE13 0UW ("we", "our" or "us"). We are the controller of personal data obtained via our website, meaning we are the organisation legally responsible for deciding how and for what purposes it is used.
We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share any information relating to you (your personal data) in connection with your use of our website. It also explains your rights in relation to your personal data and how to contact us in the event you have a complaint.
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR).
This privacy policy relates to your use of our website only.
When you interact with the website, certain information may be collected in order to operate the website and provide services effectively.
You may choose to provide personal information when completing forms, registering for services, contacting the pharmacy, or engaging with features on the website. This information may include your name, contact details, address, and other information that you voluntarily submit. Providing this information is optional, however some services may not be available if the required details are not supplied.
Certain technical information may be collected automatically when you visit the website. This can include your IP address, browser type, device information, operating system, access times, and the pages you view before or after visiting the website. This information helps us understand how the website is used and allows us to improve performance and user experience.
If you make purchases or pay for services through the website, payment details may be processed by external payment providers. We do not normally store full payment card information on our systems. Payment providers handle payment processing in accordance with their own privacy and security policies.
If the website is accessed from a mobile device, limited device information such as device type, model, and system information may be collected in order to ensure the website functions correctly.
In some circumstances, information may be received from third-party services where you have authorised such access. This may occur when connecting accounts or interacting with services provided through integrated platforms.
Under data protection law, we can only use your personal data if we have a proper reason, for example: where you have given consent; to comply with our legal and regulatory obligations; for the performance of a contract with you or to take steps at your request before entering into a contract; or for our legitimate interests or those of a third party.
A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. Information collected through the website may be used for a variety of legitimate purposes, including:
Certain personal data we collect is treated as a special category to which additional protections apply under data protection law, including data concerning your health.
We may share information where it is necessary for operational, legal, or service-related purposes.
Information may be disclosed where required to comply with applicable laws, regulations, legal processes, or lawful requests by public authorities.
Certain third-party organisations may assist with services such as website hosting, payment processing, communications, analytics, or technical support. These providers may process information on our behalf under appropriate confidentiality and data protection obligations.
Where services are delivered in collaboration with trusted partners, limited information may be shared as necessary to provide those services.
Information may be shared where reasonably necessary to investigate fraud, enforce policies, protect users, or defend legal claims.
The website may operate using technology and infrastructure provided by PharmAppy Services Limited. In such cases, certain technical or operational data may be processed within systems operated by PharmAppy Services Limited in order to maintain platform functionality, security, and performance. PharmAppy Services Limited acts as a technology provider and processes information solely for the purpose of operating and supporting the platform.
The website may use cookies and similar technologies to improve functionality and user experience. Cookies are small data files stored on your device that allow websites to recognise returning users and understand how visitors interact with pages. These technologies may be used to:
Most web browsers allow cookies to be managed or disabled through browser settings. However, disabling cookies may affect certain features of the website.
The website may include links to websites operated by third parties. Once you leave the website, this Privacy Policy no longer applies. We are not responsible for the privacy practices or content of external websites. You should review the privacy policies of any third-party websites before submitting personal information.
Countries outside the UK have differing data protection laws, some of which may provide lower levels of protection of privacy. It is sometimes necessary for us to transfer your personal data to countries outside the UK. In those cases we will comply with applicable UK laws designed to ensure the privacy of your personal data.
Under data protection laws, we can only transfer your personal data to a country outside the UK where: the UK government has decided the particular country ensures an adequate level of protection of personal data; there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or a specific exception applies under relevant data protection law.
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine need to access it.
However, no internet-based system can guarantee absolute security. While we take appropriate precautions to protect information, transmission of data online carries inherent risks.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
You generally have the following rights, which you can usually exercise free of charge:
Requests relating to your personal information can be submitted using the contact details provided below.
Personal information will be retained only for as long as necessary to fulfil the purposes outlined in this policy, including meeting legal, regulatory, or operational requirements.
We may need to update this Privacy Policy from time to time. If the change is material, we will place a prominent notice on our website or update you by other appropriate means.
It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us.
If you have questions regarding this Privacy Policy or how your information is handled, please contact: