Privacy Policy

1. Introduction

Complete Care Pharmacy is committed to protecting and respecting personal data in accordance with the General Data Protection Regulation (“GDPR”), the Data Protection Act 2018, applicable Irish healthcare confidentiality obligations, and related data protection legislation.

This Privacy Policy explains how personal data may be collected, used, stored, disclosed, and otherwise processed through this website, pharmacy services, healthcare-related enquiries, booking systems, ecommerce functionality, communications, and associated services.

This policy should be read alongside our Cookie Policy.

2. Data Controller

Complete Care Pharmacy acts as the data controller in respect of personal data processed through this website and associated services.

For data protection enquiries, contact:

Complete Care Pharmacy
Email: managercl@completecarepharmacy.ie

3. Categories of Personal Data Collected

Depending on how individuals interact with the website or associated services, Complete Care Pharmacy may process:

  • name;
  • email address;
  • telephone number;
  • account registration details;
  • billing and transaction information;
  • booking and appointment information;
  • communications and enquiry details;
  • healthcare-related enquiry information;
  • newsletter subscription information;
  • order and purchase history relating to permitted retail products and services;
  • technical and device information;
  • IP address and cookie-related information.

Complete Care Pharmacy seeks to ensure that personal data collected is adequate, relevant, and limited to what is necessary for the purposes for which it is processed, in accordance with the principle of data minimisation.

4. Special Category Data

Certain interactions with the pharmacy may involve health-related information, which constitutes special category personal data under Article 9 GDPR.

Where health-related information is processed, appropriate safeguards and confidentiality measures are applied in accordance with applicable legal, regulatory, and professional obligations.

Prescription submissions from healthcare professionals are accepted exclusively through secure Healthmail channels.

This website does not facilitate:

  • the online sale of prescription medicines;
  • the online sale of over-the-counter medicines;
  • the online sale or shipment of regulated drugs;
  • payment processing for prescription medications.

5. Purposes of Processing

Personal data may be processed for purposes including:

  • responding to enquiries;
  • facilitating pharmacy-related communications;
  • responding to travel vaccination or healthcare-related enquiries;
  • managing healthcare consultation or vaccination bookings;
  • administering customer or patient accounts;
  • processing permitted retail purchases;
  • facilitating secure payment processing;
  • sending newsletters or marketing communications where consent has been provided;
  • maintaining website functionality and security;
  • fraud prevention and service integrity;
  • complying with legal and regulatory obligations.

Personal data is not processed in a manner incompatible with these purposes, in accordance with the principle of purpose limitation.

6. Legal Bases for Processing

Personal data is processed in accordance with Article 6 GDPR and, where applicable, Article 9 GDPR.

Depending on the circumstances, processing may be necessary for one or more of the following legal bases:

Contractual Necessity

Processing may be necessary:

  • to provide requested services;
  • to manage bookings or purchases;
  • to respond to service requests or enquiries.

Consent

Processing may occur on the basis of consent where individuals:

  • subscribe to newsletters;
  • consent to non-essential cookies;
  • request marketing communications.

Consent may be withdrawn at any time.

Legal Obligation

Processing may be necessary to comply with:

  • Irish pharmacy obligations;
  • taxation and accounting requirements;
  • regulatory obligations;
  • healthcare and professional obligations.

Legitimate Interests

Processing may be necessary for legitimate interests including:

  • website administration;
  • fraud prevention;
  • network and information security;
  • service improvement;
  • responding to enquiries;
  • maintaining website functionality.

Where special category health-related information is processed, applicable conditions under Article 9 GDPR and relevant healthcare confidentiality obligations are relied upon where appropriate.

7. Newsletter and Marketing Communications

Where individuals subscribe to newsletters or consent to marketing communications, Complete Care Pharmacy may contact them regarding:

  • pharmacy services;
  • healthcare updates;
  • seasonal vaccination services;
  • promotions relating to permitted retail products or services;
  • relevant pharmacy information.

Marketing communications are issued only where a lawful basis exists, including consent where required.

Individuals may unsubscribe or withdraw consent at any time.

8. Payments and Ecommerce Services

Online payments are processed securely through Stripe.

Payment card information is not stored directly by Complete Care Pharmacy.

The website facilitates payment processing only for:

  • permitted retail products;
  • healthcare consultation services;
  • vaccination or booking services;
  • non-medication wellness and beauty products.

The website does not facilitate payment processing for prescription medications or regulated pharmacy medicines.

9. Disclosure of Personal Data

Personal data may be disclosed to third-party service providers where necessary for the operation of the website and associated services, including:

  • Stripe;
  • WooCommerce;
  • website hosting providers;
  • booking and scheduling systems;
  • IT and website support providers;
  • email communication providers;
  • security and fraud prevention services.

Personal data is not sold to third parties.

Where third-party processors are engaged, appropriate contractual and security measures are applied where required.

10. International Transfers

Certain third-party service providers engaged by Complete Care Pharmacy may process or access personal data outside the European Economic Area (“EEA”) in connection with the provision of website, payment processing, communication, security, hosting, or technical support services.

Where personal data is transferred outside the EEA, Complete Care Pharmacy seeks to ensure that appropriate safeguards are implemented in accordance with Chapter V GDPR and applicable data protection requirements. Such safeguards may include:

  • adequacy decisions adopted by the European Commission;
  • Standard Contractual Clauses (“SCCs”);
  • or other lawful transfer mechanisms recognised under GDPR.

Complete Care Pharmacy takes reasonable steps to ensure that personal data transferred internationally remains subject to appropriate confidentiality, security, and data protection safeguards.

11. Data Retention

Complete Care Pharmacy retains personal data only for as long as necessary for the purposes for which it was collected and processed, including compliance with legal, regulatory, taxation, accounting, healthcare, and operational obligations.

Retention periods may vary depending on the nature of the interaction, service provided, and applicable legal obligations.

In general:

Category of DataRetention Approach
Website contact and general enquiriesRetained for up to 12 months following closure of the enquiry unless a longer retention period is required
Newsletter subscription dataRetained until consent is withdrawn or the individual unsubscribes
Booking and appointment informationRetained for as long as necessary to administer the booking and manage related operational or legal requirements
Ecommerce order and transaction recordsRetained in accordance with applicable taxation, accounting, and financial record retention obligations
Customer or patient account informationRetained for as long as the account remains active and thereafter only as necessary for legal, regulatory, dispute resolution, or operational purposes
Technical logs, website security data, and cookie-related informationRetained for limited periods appropriate to security, troubleshooting, fraud prevention, and website administration purposes
Healthcare-related enquiries or communicationsRetained only for as long as necessary in connection with the relevant enquiry, service, legal obligation, or professional requirement

Where personal data is no longer required, Complete Care Pharmacy will seek to ensure that it is securely deleted, anonymised, or otherwise disposed of appropriately.

Retention periods may be extended where necessary:

  • to establish, exercise, or defend legal claims;
  • to comply with legal or regulatory obligations;
  • to investigate complaints or disputes;
  • or where otherwise required or permitted by applicable law.

12. Security Measures

Appropriate technical and organisational measures are implemented to protect personal data against:

  • unauthorised access;
  • accidental loss;
  • misuse;
  • unauthorised disclosure;
  • alteration or destruction.

Such measures may include:

  • access controls;
  • secure hosting environments;
  • encrypted communications;
  • authentication measures;
  • payment security controls;
  • administrative access restrictions.

13. Cookies and Website Technologies

The website uses cookies and similar technologies for:

  • website functionality;
  • ecommerce functionality;
  • secure payment processing;
  • analytics;
  • website security;
  • consent management.

Further information is available in the Cookie Policy.

14. Data Subject Rights

Subject to applicable legal limitations, individuals may have the right to:

  • request access to personal data;
  • request rectification of inaccurate data;
  • request erasure of personal data;
  • request restriction of processing;
  • object to processing;
  • request data portability;
  • withdraw consent where processing is based on consent.

Requests may be submitted to:

managercl@completecarepharmacy.ie

15. Complaints

Individuals who believe their personal data has been processed unlawfully may lodge a complaint with the Irish Data Protection Commission:

https://www.dataprotection.ie

16. Changes to This Policy

This Privacy Policy may be updated periodically to reflect legal, regulatory, operational, or technological changes.

The most recent version will always be published on this website.

Version 1.0

Effective Date: 14 May 2026

Last Updated: 14 May 2026

Scroll to Top