Privacy Policy

We view our customer’s security and privacy as paramount, below is an outline of our privacy policy but if you have any further queries, please contact our Customer Service team. Any personal information you provide to us and from which you can be identified is stored securely and confidentially and is processed fairly and lawfully in accordance with this privacy policy.

We take appropriate technical and organisational measures to protect against unauthorised or unlawful processing of your personal information, including encrypting your information to applicable industry standards.

1. What data do we collect?

Personal data is defined as any data relating to an individual that would allow them to be identified either directly or indirectly, this includes information such as your name, address and date of birth.

During your visit to our site we may gather certain personal information that is necessary to set up your account, for the purposes of billing, delivery of your goods and queries. We only keep your information for as long as is necessary to process your order, process any applicable refunds, respond to any complaints/feedback or to provide you with promotional information you have subscribed to.

We collect data from you when you:

This data will only be used to:

Our analytics software is used to help us provide the best service to all users of the Dr Felix website. This software may also record information relating to:

Ordinarily we do not have access to your financial information which is securely transferred directly to our card processing agents and who process it on our instructions.

We use cookies to improve our service to you. Cookies are small pieces of information stored on your computer or other device. They are used to remember useful information, such as what’s in your shopping basked while you browse or if you’re logged in or not. Cookies do not store your personal details. For more information, please see our Cookies Policy.

When you register your details with us, you have the option to subscribe to future promotions and special offers. You may unsubscribe from this at any time by emailing info@drfelix.co.uk.

When you supply your information to us you accept the risks associated with the internet and will not hold us responsible for any loss of your information unless we have breached our duty of care to you.

2. Third Parties

We supply some of your information electronically to selected third parties including:

We take your privacy seriously and we will never sell your data to any third party.

If you order an STI test kit via Dr Felix, your test kit is passed on to an outside laboratory. They will return you results to us, which we then pass on to you.  

Our website contains links to other websites with their own privacy policies, we are not responsible for the privacy policies of these websites.

3. How we use your data

We use your data to:

In delivering our service to you we use your data:

In monitoring and improving our service, product range and website, we use your data:

Legal Requirements for Sharing Your Data

In conforming to legal, compliance and regulatory requirements, we use your data:

We will only share your data in response to a legal request if we believe that the law requires us to do so, that sharing of your data is required in that jurisdiction and is consistent with internationally recognised standards.

Examples of legal requirements for sharing your data include:


4. Data Storage & Retention

We are registered with the Information Commissioners Office (ICO) under the registration number ZA298635

Any data you provide us with will be stored securely on a private database

This database and our website are stored on Amazon AWS which is ISO 27001 certified

Only our doctors, pharmacy team and a small number of employees have access to this data base. All our staff are subject to our Confidentiality Protection Policy.

We do not transfer your information outside the European Economic Area (“EEA”) unless you are a user located outside the EEA in which case we may need to transfer your information to deliver your goods, process payment/refunds, or to send you promotional information you have subscribed to.

We only keep your information for as long as is necessary to process your order, process any applicable refunds, respond to any complaints/feedback or to provide you with promotional information you have subscribed to.

If you choose to delete your account, we will delete all your data after 30 days, unless we are legally required to share your data (see section 4.4).

5. PCI Compliance

www.drfelix.co.uk is Payment Card Industry Data Security Standards (PCI DSS) compliant and is scanned for server vulnerabilities on a regular basis to ensure our security systems are up to date and comply with industry standards.

Dr Felix abides by Data Protection Act and understands why safety is paramount for our customers making payments online. We endeavour to make sure we secure ours customer’s payment card data. Our customers depend on us to keep their information safe and Dr Felix repays their trust with compliance to the PCI Security Standards.

6. What is PCI compliance?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. The PCI DSS is administered and managed by the PCI Security Standards Council PCI SSC, an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB). A copy of the PCI DSS is available: download PCI Security Standards (pdf).

What you need to know about PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Cardholder data is any personally identifiable data associated with a cardholder. This could be an account number, expiration date, name, address, social security number, etc. All personally identifiable information associated with the cardholder that is stored, processed, or transmitted is also considered cardholder data.

Dr Felix is PCI compliant and subject to quarterly checks to make sure our security systems are secure and compliant so you can make payments on our website without a single worry.

7. Patient Rights

You have the right to correct your data, should you realise something is incorrect. You can change most of your data by logging-in to your account, if the data is not accessible via your account and you wish to change it, you should contact our customer service team. 

You have the right to request that your data is deleted, unless it is required for a legal reason.

We are required to store your medical data and identity for an undefined period to protect your health interests should any problems arise.

You can request to access your data at any point by contacting our customer service team.

To protect your data from fraud, you must provide us with two forms of identity and your request in writing, before we are able to release your data records to you.

We advise you use a unique strong password (at least 8 characters including upper and lowercase letters, numbers and symbols) for our website. We recommend that you do not share this password with anyone.

If you suspect a breach of your security i.e. an unauthorised log-in to your account, please contact our Data Protection Compliance Officer immediately on +44 (0)1236 758420.

8. How can you exercise your rights under the GDPR?

The GDPR (General Data Protection Regulation) gives you the right to access, change and erase your data.

You also have the right to restrict what your data is used for. This includes:

9. How we will notify you of changes to this policy 


Any changes we may make to this privacy notice in the future will be posted on this page, and for any major changes, we’ll notify you by e-mail. If we are going to change the way we process your data, we will ask for your consent first by email, unless you have opted out, in which case please check this page for updates.

10. How to contact us for more information


If you have any queries or comments regarding our use of your personal information or this privacy policy, you can contact our Data Protection Officer via email at sam.malik@drfelix.co.uk. Alternative you can also write to us at Dr Felix, 37 Main Street, Calderbank, Airdrie, ML6 9SG or contact us on +44 (0)1236 758420.

If you are not satisfied with our response or have a complaint, you can also contact the ICO (Information Commissioner’s Officer). Our ICO registration number is ZA298635.

Thank you for reading the Dr Felix privacy policy.