Privacy policy

Data protection

The GPhC is registered as a data controller under the Data Protection Act 1998 (DPA). This means we are an organisation that controls how we collect, store, and use personal data. The register of data controllers is held by the Information Commissioner’s Office

Personal data is information about an identifiable living person. The person to whom the personal data refers is called a ‘data subject’.

The DPA sets out eight principles which state that any organisation collecting personal data must ensure that it is:

processed fairly and lawfully
processed for specific and lawful purposes
used in a way that is adequate, relevant and not excessive
accurate and, where necessary, kept up to date
not kept for longer than is necessary
processed in accordance with data subjects’ legal rights
kept secure
not transferred outside the UK without adequate protection.

Pharmacists, pharmacy technicians and pre-registration trainees

How we will use your personal data

The GPhC is a data controller registered with the Information Commissioner’s Office. The GPhC makes use of personal data to support its work as the regulatory body for pharmacists, pharmacy technicians and retail pharmacy premises in Great Britain. Data may be shared with third parties in pursuance of the GPhC's statutory aims, objectives, powers and responsibilities under the Pharmacy Order 2010, the rules made under the Order and other legislation. Personal data may be processed for purposes including (but not limited to):

updating the register
administering and maintaining registration
processing complaints
compiling statistics

Information may be passed to organisations with a legitimate interest including (but not limited to) other regulatory and enforcement authorities, NHS trusts, employers, Department of Health, universities and research institutions. Please note that the GPhC will not share your personal data on a commercial basis with any third party.

Sharing personal data with other organisations

The GPhC shares information with other organisations in pursuance of its statutory aims, objectives, powers and responsibilities under the Pharmacy Order 2010, the rules made under the Order and other legislation.

Information sharing enables organisations to improve client services, protect the public and respond to statutory requirements. The GPhC will only share information with other organisations to further our statutory role and responsibilities, whilst respecting the confidentiality of our registrants.

We recognise the importance of having clear guidelines to follow and ensuring that this information is shared in a secure and confidential manner and in accordance with the law, including the common law duty of confidence, the Data Protection Act 1998, the Human Rights Act 1998 and other related legislation and guidance.

Copies of the data sharing agreements we have with other organisations for the regular sharing of personal information of registrants are displayed on this page. In these agreements we make sure that:

they are only provided with the minimum amount of information they need to carry out the activity or service.
they agree not to use the information received from us for any other purposes other than those agreed by us.
they have proper systems in place to protect personal data.
both parties to the agreement publish a copy of the agreement on their websites. This is to promote openness and transparency and ensure that the profession and the public are aware of what information is shared and the reasons for this.

Information Sharing Agreement NES 13032013 [PDF 647.84 KB]

Information Sharing Agreement - Centre for Pharmacy Postgraduate Education [PDF 716.41 KB]

Information Sharing Agreement WCPPE 02042013 [PDF 645.8 KB]

Information sharing agreement NWSSP [PDF 318.81 KB]

Requesting personal data about you

If you want to make a request to see personal data that we may hold about you, this is called a subject access request. Please send your request in writing to the information access team, describing the information you want. It would be helpful if you could mark your mail ‘Subject Access Request’.

Please note that we are allowed to charge a fee of up to £10 before providing the information to you. There are also a number of exemptions under the DPA which may mean we are unable to provide some of the information you want. You may also be asked to supply proof of your identity.

Governance Team
General Pharmaceutical Council
129 Lambeth Road
London
SE1 7BT
Tel: 020 3365 3507
Email: foi@pharmacyregulation.org