Privacy Policy

Last updated: [23.03.26]

At Chrystalls Connect, we are committed to protecting your privacy and handling your personal information securely, fairly, and lawfully. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website, place an order, request a pharmacy service, or contact us.

1. Who We Are

Chrystalls Connect is operated by Zadams Chemist Ltd (trading as Chrystalls Pharmacy), a UK-based pharmacy service.

Data Controller: Zadams Chemist Ltd
Registered address: 12 The Broadway, Woodford Green, Essex, IG8 0HL
Email: support@chrystallsconnect.com
(For privacy and data requests, please include “Data Request” in the subject line)
Phone: 0208-504-0128/0208-504-2815
Website: www.chrystallsconnect.com

For the purposes of UK data protection law, we are the data controller responsible for your personal data.

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

Personal and Contact Information

  • Full name
  • Billing and delivery address
  • Email address
  • Telephone number
  • Date of birth, where required

Account Information

  • Username and login details
  • Password-protected account information
  • Order history and preferences

Transaction Information

  • Details of products ordered
  • Payment status
  • Delivery and order fulfilment information

Health and Pharmacy Information

Where relevant to a pharmacy service or medicine sale, we may collect:

  • Health declarations
  • Medication history
  • Symptoms and treatment information
  • Photos submitted for assessment
  • Test results or prescription-related information

Technical Information

  • IP address
  • Browser type and version
  • Device information
  • Website usage data
  • Cookie and analytics data

3. How We Collect Your Data

We collect personal data when you:

  • visit our website
  • create an account
  • place an order
  • complete a consultation or health questionnaire
  • upload documents, photos, or prescription information
  • contact us by email, phone, contact form, or other methods
  • opt in to receive marketing communications
  • browse our site using cookies or analytics tools

4. How We Use Your Personal Data

We use your personal data to:

  • process and fulfil your orders
  • provide safe and appropriate pharmacy services
  • assess suitability for medicines or services
  • communicate with you about your order, service, or account
  • manage payments, refunds, and customer support
  • comply with legal, regulatory, and professional obligations
  • protect against fraud, misuse, or unauthorised activity
  • improve our website, services, and customer experience
  • send marketing communications where you have given consent

5. Legal Basis for Processing

Under UK GDPR, we rely on one or more of the following lawful bases to process your personal data:

Contract

Where processing is necessary to fulfil your order or provide requested services.

Legal Obligation

Where we are required to process data to comply with pharmacy, healthcare, tax, accounting, or regulatory obligations.

Legitimate Interests

Where it is necessary for the operation and improvement of our services, fraud prevention, website security, and customer support, provided your rights are not overridden.

Consent

Where you have given clear consent, such as for marketing communications or certain health-related submissions where applicable.

Provision of Health Care

Where special category health data is processed in connection with the provision of pharmacy care, health advice, or clinical review, in accordance with applicable law.

6. Pharmacy-Level Confidentiality

As a UK pharmacy provider, we recognise the importance of patient confidentiality. Any medical or health-related information you provide is treated with a high level of care and confidentiality, similar to information shared during an in-person pharmacy consultation.

Your health information is only accessed by authorised pharmacy professionals or trained team members involved in the safe review, supply, and processing of your order or service.

7. Secure Transactions and Website Security

We take website and data security seriously.

SSL Encryption

Our website uses SSL (Secure Sockets Layer) encryption to protect personal data transmitted through the site. This helps keep information such as login details, payment interactions, health declarations, and prescription-related submissions secure during transmission.

Internal Security Measures

We use reasonable technical and organisational safeguards to protect your data against unauthorised access, misuse, loss, disclosure, or alteration.

While we take appropriate precautions, no website or transmission method can be guaranteed to be completely secure.

8. Payment Security

Chrystalls Connect does not store your full credit or debit card details on its own servers.

Payments are processed through secure third-party payment providers such as Stripe / PayPal / Klarna / Google Pay / Apple Pay etc. These providers process payment data using encrypted and secure systems in accordance with their own privacy and security standards.

When making a payment, you may also be subject to the terms and privacy policies of the relevant payment provider.

9. Who We Share Your Data With

We only share personal data where necessary and lawful. This may include:

  • payment processors
  • delivery and courier providers
  • IT, hosting, and website support providers
  • pharmacy professionals involved in patient care
  • regulatory bodies, inspectors, or law enforcement where legally required
  • professional advisers, insurers, or auditors where necessary

We do not sell your personal data to third parties.

We do not use your personal data for marketing unless you have given permission.

10. Health and Prescription Information

Clinical information you provide, including health declarations, medication history, prescriptions, photos, or other supporting information, is used only for legitimate pharmacy and clinical purposes.

This information is used to:

  • assess safety and suitability
  • support pharmacist decision-making
  • comply with professional and legal requirements
  • maintain appropriate patient records where required

We will not disclose such information outside the pharmacy team unless:

  • you have given permission
  • it is necessary for safeguarding
  • it is required by law, regulation, or professional duty

11. Marketing Preferences

We do not send promotional emails or messages unless you have opted in or otherwise given consent where required.

You can opt out of marketing communications at any time by:

  • clicking the unsubscribe link in a marketing email
  • updating your preferences in your account, where available
  • contacting us directly at [insert contact email]

Opting out of marketing does not affect essential service communications such as order updates, account notices, or safety-related messages.

12. Cookies and Analytics

Our website may use cookies and similar technologies to support functionality, security, and performance.

These may include:

  • essential cookies required for the website to function
  • performance and analytics cookies to understand site usage
  • functionality cookies to remember preferences

Analytics data is used to help improve the site and user experience. Where possible, this data is aggregated or anonymised.

You can manage cookie settings through your browser, and where applicable through our website cookie tools.

13. How Long We Keep Your Data

We keep your personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, regulatory, and professional requirements.

Retention periods may vary depending on:

  • the type of data
  • whether an order or service was completed
  • pharmacy and healthcare record requirements
  • legal obligations and dispute management

When data is no longer needed, we will securely delete or anonymise it where appropriate.

14. Your Rights

Under UK data protection law, you have the right to:

  • request access to your personal data
  • request correction of inaccurate or incomplete information
  • request deletion of personal data in certain circumstances
  • request restriction of processing in certain circumstances
  • object to certain types of processing
  • withdraw consent at any time where processing is based on consent
  • request transfer of your data where applicable

To exercise any of these rights, please contact us using the details in this policy.

15. Complaints

If you have concerns about how your personal data has been handled, please contact us first so we can try to resolve the issue.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the UK.

16. Third-Party Websites

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices, content, or security of those external websites. You should read their privacy policies separately.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, regulatory, operational, or service changes. Any updates will be posted on this page with the revised effective date.

18. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact:

Chrystalls Connect
Email: Support@chrystallsconnect.com
Phone: 0208-504-0128/0208-504-2815
Address: 12 The Broadway, Woodford Green, Essex, IG8 0HL

Shopping Cart
Scroll to Top