Apothelink

ApothelinkApothelinkApothelink

Apothelink

ApothelinkApothelinkApothelink

Privacy Policy

   

Apothelink Privacy Policy

Last updated: [January 2026]

Apothelink is committed to protecting privacy and handling personal data responsibly and transparently, in accordance with UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how personal data is handled when you use the Apothelink website and platform.


1. Who we are

Apothelink is a digital booking and coordination platform designed to support referrals and appointments between GP practices and community pharmacies.

For the purposes of UK data protection law, Apothelink acts as a data controller in relation to the limited personal data it processes.

Contact email: info@apotheplanner.co.uk


2. Patient data and clinical information

Apothelink is designed using strict data minimisation principles.

  • No      patient clinical data is stored, processed, or transmitted through the      Apothelink platform 
  • Apothelink      does not store patient names, dates of birth, NHS numbers,      diagnoses, or consultation details 
  • Apothelink      does not act as a clinical system or patient record 

Instead, Apothelink uses unique, non-identifiable reference codes to support booking coordination. These codes allow GP practices and community pharmacies to link appointments to records held within their existing NHS systems (such as PharmOutcomes), where clinical data is stored and managed.

All clinical records remain the responsibility of the relevant GP practice or pharmacy and are processed within their established NHS information governance frameworks.


3. Personal data we may collect

Apothelink may collect and process limited personal data relating to website visitors and platform users.

Website and contact data

  • Name      
  • Organisation      
  • Role      
  • Email address 
  • Any information you choose to include when contacting us 

This data is collected when you submit a contact form, request a demo, or communicate with us by email.

Platform user data

For authorised platform users (e.g. GP practices or community pharmacies), we may process:

  • Name      
  • Work email address 
  • Organisation name 
  • User role and access permissions 

This data is used solely to manage platform access and security.


4. How we use personal data

We use personal data only where necessary and lawful, including to:

  • Respond to enquiries and demo requests 
  • Provide access to the Apothelink platform 
  • Communicate operational or service-related information 
  • Maintain platform security and access controls 
  • Improve the performance and usability of the service 

We do not use personal data for marketing purposes unless you have explicitly opted in.


5. Lawful basis for processing

Under UK GDPR, Apothelink relies on the following lawful bases:

  • Legitimate interests – to operate, secure, and improve the platform 
  • Consent – where you choose to contact us or opt in to communications 
  • Legal obligation – where required to comply with applicable law 


6. Data sharing

Apothelink does not sell or trade personal data.

We may share limited personal data with trusted service providers who support the operation of the platform (for example, hosting, email, or technical support services). These providers act as data processors on our instructions and are subject to appropriate contractual and data protection safeguards.

Where personal data is processed outside the UK, appropriate safeguards are in place in accordance with UK GDPR, such as standard contractual clauses or equivalent protections.

No patient data is shared because patient data is not held within the Apothelink platform.


7. Data security

Apothelink implements appropriate technical and organisational measures to protect personal data, including:

  • Secure hosting environments 
  • Role-based access controls 
  • Authentication and permission management 
  • Regular review of user access 

These measures are designed to protect the confidentiality, integrity, and availability of the data we process.


8. Data retention

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, including operational, legal, or regulatory requirements.

When data is no longer required, it is securely deleted.


9. Your data protection rights

Under UK GDPR, you have the right to:

  • Access      the personal data we hold about you 
  • Request      correction of inaccurate data 
  • Request      erasure of your data (where applicable) 
  • Object      to or restrict processing 
  • Withdraw      consent where processing is based on consent 

Requests can be made by contacting us using the details above.


10. Cookies

Apothelink’s website may use essential cookies required for basic functionality and performance. We do not use cookies to collect unnecessary personal data or track individuals for marketing purposes.

Further information will be provided where applicable.


11. Changes to this policy

This Privacy Policy may be updated from time to time to reflect changes in legislation or the operation of the platform. The most current version will always be available on our website.


12. Contact us

If you have any questions about this Privacy Policy or how personal data is handled, please contact:

Email: info@apotheplanner.co.uk


  • Privacy Policy
  • Terms and Conditions

Apothelink

Copyright © 2026 Apothelink - All Rights Reserved.

Powered by

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept