Privacy policy

Effective Date: 11 July 2025
Last Updated: 11 July 2025

Agentis Health Group Ltd (“we”, “our”, or “us”) is committed to protecting your privacy and handling your personal data responsibly and in accordance with applicable data protection laws. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you:

  • Use our websites or web applications
  • Place orders via our online shop
  • Interact with our digital-enabled healthcare systems
  • Apply for jobs through our career’s pages
  • Participate in surveys or other forms of engagement

By accessing or using our services, you agree to the practices described in this Privacy Policy.

1. Third-Party Links and Services

Our websites or services may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these websites and are not responsible for their privacy practices. We encourage you to review the privacy notices of any third-party site you visit.

2. The Data We Collect About You

We may collect the following categories of personal data:

  • Identity Data – e.g. name, title, date of birth, NHS or national insurance number, passport details, user IDs, and photographs
  • Contact Data – e.g. postal address, email address, phone numbers, and social media accounts
  • Technical Data – e.g. device ID, IP address, browser type/version, time sone setting, location, operating system, platform, and cookie data
  • Profile Data – e.g. login credentials, preferences, feedback, and survey responses
  • Usage Data – e.g. information on how you use our websites, applications, and services
  • Special Category Data – e.g. health data, biometric or genetic data, prescriptions, over-the-counter medicines, healthcare provider details, and notes on your medical treatment or care
  • Aggregated Data – e.g. statistics and metrics that do not identify individuals directly

If you do not provide personal data when requested, we may be unable to provide certain services or features.

3. How We Collect Your Data

We collect your personal data through:

  • Direct interactions – e.g. forms on our website, applications, email, social media, phone, and job applications
  • Automated technologies – e.g. cookies, log files, analytics tools
  • Third parties – e.g. analytics providers, NHS and healthcare professionals, recruitment platforms, and public databases

4. How We Use Your Personal Data

We use your data for the following purposes:

  • To provide and manage our digital healthcare and pharmacy services
  • To fulfil online orders and provide customer support
  • To manage user registrations and accounts
  • To process job applications
  • To carry out surveys and research
  • To ensure safety, quality, and compliance
  • To improve our websites and services
  • To comply with applicable laws and regulations
  • To protect life or safety in emergencies

Legal Bases for Processing

We process your personal data under the following legal grounds:

  • Consent
  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate interests
  • Vital interests (e.g. emergency medical care)

5. Controller and Contact Details

Agentis Health Group Ltd is the data controller responsible for your personal data.

Data Protection Officer (DPO):
Our full details are:  Ashtons, Units 2-10, 74 Dyke Road Mews, Brighton, BN1 3JD.

Email: dataprotection@ashtons.com

6. Sharing Your Personal Data

We may share your data with:

  • Service providers – e.g. IT support, hosting providers, email services, order fulfilment
  • Healthcare professionals or NHS – where needed to deliver healthcare services
  • Regulatory or law enforcement authorities – where required by law
  • Professional advisors – e.g. legal, tax, or auditing firms
  • Business transfers – e.g. mergers, acquisitions, or reorganisation
    We require all third parties to respect the security of your personal data and to process it lawfully.

7. Data Security

We implement appropriate technical and organisational measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. These include:

  • Secure data centres
  • Encryption and access controls
  • Staff training
  • Regular audits and risk assessments

9. Data Retention

We only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including:

  • Legal, regulatory, or contractual obligations
  • Business and medical recordkeeping
  • Job application and employment law purposes

When your data is no longer required, it will be securely deleted or anonymised.

10. Your Legal Rights

Under applicable data protection laws (e.g. UK GDPR, EU GDPR), you have the right to:

  • Request access to your personal data
  • Request correction of inaccurate or incomplete data
  • Request erasure (where applicable)
  • Object to processing or request restriction
  • Request data portability
  • Withdraw consent (where processing is based on consent)
  • Lodge a complaint with the Information Commissioner’s Office (ICO): https://ico.org.uk

To exercise your rights, please contact our DPO using the details in Section 5.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date at the top of this page. Where required by law, we will notify you of material changes. We recommend checking this page regularly to stay informed.