Introduction

Staywell Kinsealy Pharmacy is committed to protecting the privacy and confidentiality of all personal data in

accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
This privacy policy outlines how we collect, store, and manage personal data, as well as the steps we take to
ensure its security and confidentiality.

1. Data Collection and Purpose

We collect and process personal data for the purpose of providing high-qualiy pharmacy services, including
but not limited to:
• Dispensing medicines and other pharmacy services
• Managing patient records and prescriptions
• Communication with patients regarding their medications and services
• Compliance with regulatory requirements (e.g., HSE, PSI)
Personal data collected may include the following:
• Patient Data: Name, address, contact details, medical history, prescription details, medication
history, etc.
• Financial Data: Billing information, payment history for prescriptions.
• Security Data: CCTV footage of the premises for security purposes.

2. Data Processing and Use
We process personal data only for the purposes specified above, ensuring that data is used in a way that is
fair, lawful, and transparent. Data processing activities may include:
• Managing prescriptions and patient care
• Sending reminders or health information relevant to the patient
• Conducting administrative tasks
• Ensuring compliance with legal obligations
We do not process data for purposes other than those outlined unless we obtain explicit consent.

3. Data Security and Access
We take all reasonable measures to protect personal data from unauthorised access, loss, or destruction.
This includes:
• Securing all patient and staff records, both physical and digital
• Encrypting sensitive data and using secure platforms for storing and transferring information
• Restricting access to personal data to authorised staff only
• Implementing security policies that require secure disposal of records when no longer needed

4. Data Retention
We retain personal data only for as long as necessary for the purposes outlined above and in compliance
with legal or regulatory requirements. When personal data is no longer needed, it will be securely disposed
of..

5. Data Sharing and Disclosure
We may share personal data with third parties in the following circumstances:
• Healthcare Providers: To ensure continuity of care (e.g., sharing patient information with prescribers
or hospitals).
• Regulatory Bodies: To comply with legal and regulatory obligations, including the HSE, PSI, and the
Data Protection Commissioner (DPC).
• External Service Providers: For tasks such as payroll processing or IT services, where these
providers are required to protect the data and comply with GDPR.
We will never sell or lease your personal data to third parties.

6. Your Rights
As a data subject, you have several rights under the GDPR, including:
• Right of Access: You may request access to the personal data we hold about you.
• Right to Rectification: You may request that we correct any inaccuracies in your personal data.
• Right to Erasure: You may request the deletion of your personal data, subject to legal exceptions.
• Right to Restrict Processing: You may request that we restrict the processing of your personal data
under certain conditions.