© 2018 New Line Pharma ® ™, All Rights Reserved.

New Line Pharma

Mail: info@newlinepharma.co.uk





The policy: This privacy policy is for New Line Pharma (D K Wood Ltd), Unicorn House, Prestbury Cheshire, SK10 4DG and governs the privacy of those who use it and our services. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information when providing services, including your rights under current laws and regulations. If you do not agree to the following policy you may wish to cease viewing / using this website.

The Data Protection Officer can be contacted at DPO@newlinepharma.co.uk

Policy key definitions:

•"I", "our", "us", or "we" refer to the business, New Line Pharma

•"you", "the user" refer to the person(s) using our services.

•GDPR means General Data Protection Act.

•PECR means Privacy & Electronic Communications Regulation.

•ICO means Information Commissioner's Office.

•Cookies mean small files stored on a user’s computer or device.


Your individual rights

Under the GDPR your rights are as follows

•the right to be informed;

•the right of access;

•the right to rectification;

•the right to erasure;

•the right to restrict processing;

•the right to data portability;

•the right to object; and

•the right not to be subject to automated decision-making including profiling.


You also have the right to complain to the ICO if you feel there is a problem with the way we are handling your data at ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We handle subject access requests in accordance with the GDPR.

What Personal Data do we collect?

Private medical professionals who register to use New Line Pharma provide the following information on the completed registration form; name, invoicing address, delivery address, , registration number to their professional body, phone number, email address, bank reference trade reference, prescriber contact information – name, address, phone number, email address, photographic identification and proof of address

When prescription orders are placed we collect: patient details – name, address, date of birth, relevant medical history; payment information

With regards to prescriber visits to both our main website and our E-Prescribing site we may automatically collect the following information: IP address, information about your visit including URL, user behaviour data such as length of time on each page, products searched for.

What do we do with the data collected?

All data is used to provide you with services. We only take the information required to carry out the dispensing of medications for your patients and to fulfil your orders.

Patient information is stored on our secure PMR (Patient Medical Record) system provided by a fully accredited and GDPR compliant, UK based PMR service provider. This data is kept for as long as advised by the NHS.

Customer information necessary for generating invoices, completed registration forms, stock order forms and paper prescriptions are kept securely on site. Paper prescriptions are kept securely for 2 years as recommended by the General Pharmaceutical Council. Other data is stored for as long as the account remains active.

Orders and prescriptions received by email and fax are hosted on our secure email server. Orders and prescriptions sent via the E-Prescribing platform are encrypted on our secure UK based server and cloud.

Only staff who require access in order to provide the necessary service have access to the data.

All staff contracts of employment contain a requirement to keep patient information confidential. All staff that deal with Personal Data with regards to prescriptions are also trained in and must comply with the NHS Code of Practice on Confidential Information. In addition, pharmacists have a requirement under their professional standards to keep records about you confidential, secure and accurate.

Who may the information be shared with?

We may need to share the data about private medical professionals who use our services with the following third-parties:

 Service providers such as courier and delivery companies, accountants, credit reference companies, support and hosting providers, technical engineers, IT professionals and other third parties who assist us in providing our services

 Professional Regulators such as GPhC, GMC, GDC, NMC, MHRA

 Suppliers – we may share data limited to your clinic name and postcode to our suppliers to fulfil our legitimate interests and for product support. You may write to us to opt out. All our suppliers are UK based and governed by the same GDPR regulations.

What is the legal basis for processing the Personal Data?

We may process your Personal Data on the following bases:

 Contractual Obligation – processing data is required to carry out the agreement between ourselves and our customers, and to provide a service to you

 Legal Obligation – processing data is necessary for compliance to our regulatory bodies

 Necessary for the performance of a task in the public interest – processing patient data is necessary to provide the service

 Legitimate Interest – processing data is required to handle customer enquiries and orders, enforce our terms and conditions, to protect our rights

Email marketing messages & subscription

Under the GDPR we use the consent lawful basis for anyone subscribing to our marketing mailing list. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third-party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.

Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.

Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences.

Our EMS provider is Mail Chimp. We hold the following information about you within our EMS system;

•Email address

•Consent to marketing date


We may from time to time sent direct print marketing to you, under our legitimate interests.

We will still contact you regarding your account or orders even if you have opted out of receiving marketing from us.

Internet cookies

We may use cookies on our website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third-party website.

Some cookies are required to enjoy and use the full functionality of our website.

We use a cookie control system which allows you to accept the use of cookies, and control which cookies are saved to your device / computer. Some cookies will be saved for specific time periods, where others may last indefinitely. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.

Changes and Updates.

Any changes we may make to our privacy policy will be posted on our website and, where appropriate, notified to you by e-mail.


Privacy Policy