Last updated: 21/01/2026

SwiftDoctor Ltd (“we”, “us”, or “our”) is committed to protecting your privacy and handling your personal data lawfully, fairly, and transparently. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website https://swift-doctor.com, our services, or interact with us in any way.

We are a UK-registered, GPhC-regulated online pharmacy and healthcare provider. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable laws.

Who we are

Data Controller: SwiftDoctor Ltd

Registered Pharmacy Address: Unit 20, Appleton Court, Wakefield, WF2 7AR

Trading Address: Unit 20, Appleton Court, Wakefield, WF2 7AR

Telephone: 01924 654100

Email: support@swift-doctor.com

What personal data we collect

We may collect and process the following categories of personal data depending on how you use our services:

Identity and contact information such as your name, date of birth, address, email address, and telephone number.

Health and medical information including questionnaire responses, consultation notes, prescribing history, medication use, photographs submitted for clinical assessment, and information required to assess suitability for treatment.

Account and transaction data including login details, order history, payments, delivery information, and correspondence with us.

Technical data such as IP address, browser type, device information, operating system, and usage data collected via cookies and similar technologies.

Communications data including emails, messages, WhatsApp conversations, and call records where relevant to your care or customer support.

How we use your personal data

We only use your personal data where there is a lawful basis to do so. This includes:

Providing safe, appropriate, and regulated healthcare services, including clinical assessment, prescribing, dispensing, and follow-up.

Managing your account, orders, payments, and deliveries.

Complying with legal, regulatory, and professional obligations, including GPhC, CQC, and MHRA requirements.

Communicating with you about your treatment, orders, safety information, reminders, and service updates.

Improving our website, services, and user experience through analytics and feedback.

Preventing fraud, ensuring security, and maintaining audit trails.

Lawful bases for processing

Under UK GDPR, we rely on one or more of the following lawful bases:

Performance of a contract where processing is necessary to provide healthcare services or fulfil orders.

Legal obligation where we must comply with regulatory or legal requirements.

Vital interests where processing is necessary to protect your health or safety.

Public interest in the provision of healthcare services.

Consent, where explicitly required, such as for marketing communications.

Processing of health data

Health data is classified as special category data. We process this information only where necessary for medical purposes, under the responsibility of qualified healthcare professionals, and in accordance with UK GDPR Article 9 and healthcare regulations.

Who we share your data with

We only share your data where necessary and appropriate, including with:

Registered prescribers, pharmacists, and clinicians involved in your care.

Regulatory bodies such as the GPhC, CQC, MHRA, or NHS authorities where legally required.

Trusted service providers who support our operations, such as payment processors, delivery partners, IT providers, and clinical software platforms.

Professional advisers, insurers, or legal authorities where required by law.

All third parties are required to keep your data secure and use it only for the agreed purpose.

Data storage and security

We store personal data securely using appropriate technical and organisational measures. Access to data is restricted to authorised personnel only. We retain data only for as long as necessary to meet clinical, legal, and regulatory requirements. Medical records are retained in line with professional and statutory retention periods.

International data transfers

Where data is transferred outside the UK, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses, to protect your personal data.

Your rights

You have the right to:

Access the personal data we hold about you.

Request correction of inaccurate or incomplete data.

Request erasure of your data where legally permitted.

Restrict or object to certain processing activities.

Request data portability where applicable.

Withdraw consent at any time where processing is based on consent.

To exercise your rights, please contact us using the details above. We may need to verify your identity before responding.

Cookies

We use cookies and similar technologies to operate and improve our website. For detailed information on how cookies are used and how you can control them, please see our Cookie Policy.

Marketing communications

We may contact you with service-related messages as part of your care or account management. Marketing communications will only be sent where you have consented, and you can opt out at any time by following the unsubscribe instructions or contacting us directly.

Complaints

If you have concerns about how your data is handled, please contact us first so we can resolve the issue. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK data protection authority.

Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated revision date. Continued use of our services after changes are made constitutes acceptance of the updated policy.