Last updated: October 2025
This Privacy Policy explains how eHealth Solutions Ltd (“we”, “our”, “us”) collect, use, and protect your personal data when you visit our website or use our software products and services.
We are committed to protecting your privacy and handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. About Us
eHealth Solutions Ltd
Company number: 13084298
Registered office: Tricorne Stables, 15a Sandy Lane, Wokingham, England, RG41 4DD
Email: info@ehealthsolutions.co.uk
We are a UK-based healthcare technology company providing software services including:
- ePrivate Prescription (EPP) – private electronic prescribing platform
- EMRpro – electronic medical records system
- eHealth Rx Network – nationwide network linking prescribers and pharmacies
For the purposes of data protection law, we act as:
- Data Processor when we process patient or client data on behalf of healthcare providers.
- Data Controller for personal data collected directly by us (e.g., website visitors, business contacts, and account holders).
2. Information We Collect
We may collect and process the following types of data:
a) Information You Provide Directly
- Name, email address, phone number, and professional details when you contact us or register for our services.
- Payment or billing information for subscription or partnership agreements.
- Patient or clinical data entered by prescribers, clinics, or pharmacies using our software (EPP or EMRpro).
b) Information Collected Automatically
- IP address, browser type, and device information when you visit our website.
- Usage data and activity logs within our software to ensure security, performance, and compliance.
c) Information from Third Parties
Verification or reference data from regulatory bodies (e.g. GMC, GPhC) where necessary to validate professional users.
3. How We Use Your Information
We process personal data for the following purposes:
- To provide access to and operate our software products.
- To maintain system security and data integrity.
- To manage user accounts, subscriptions, and billing.
- To provide customer support and respond to enquiries.
- To improve our software and website user experience.
- To comply with legal and regulatory obligations.
- To send service updates or product communications (you may opt out at any time).
We do not sell or rent your personal information to any third party.
4. Legal Basis for Processing
We process your personal data under one or more of the following legal bases:
- Contractual necessity – when processing is required to deliver our software or services.
- Legal obligation – for compliance with regulatory or tax laws.
- Legitimate interests – to maintain and improve our software and business operations.
- Consent – where you have explicitly agreed (e.g., marketing communications).
5. Data Sharing and Transfers
We may share data only with:
- Authorised pharmacies, laboratories, or healthcare providers as part of prescription or record management.
- Technology partners who host or maintain our secure infrastructure.
- Regulatory authorities where legally required (e.g., GPhC, CQC, HMRC).
All partners are bound by confidentiality and data processing agreements ensuring GDPR compliance.
We do not transfer data outside the UK or EEA without appropriate safeguards.
6. Data Retention
We retain data only as long as necessary for the purpose it was collected or as required by law.
For clinical data handled within EPP or EMRpro, retention periods are determined by the relevant healthcare provider’s policies.
After the retention period, data is securely deleted or anonymised.
7. Data Security
We employ robust technical and organisational measures to protect your data and have Cyber Essentials Certification, including:
- Encrypted connections (SSL/TLS)
- Role-based access control
- Two-factor authentication (2FA) for authorised users
- Regular data backups and penetration testing
- Compliance with NHS Digital Data Security & Protection (DSP) principles
Despite these safeguards, no online system is completely secure. Users must also protect their login credentials and access devices.
8. Your Data Protection Rights
You have the following rights under UK GDPR:
- Right to access – request a copy of the personal data we hold.
- Right to rectification – request correction of inaccurate or incomplete data.
- Right to erasure – request deletion of your personal data (subject to legal retention).
- Right to restrict processing – request limited use of your data.
- Right to data portability – request transfer of your data to another controller.
- Right to object – object to processing based on legitimate interests or marketing.
To exercise your rights, please contact info@ehealthsolutions.co.uk.
We will respond within one month, as required by law.
9. Cookies
Our website uses cookies to enhance user experience and collect analytics.
You can control or delete cookies through your browser settings. For more details, please see our Cookie Policy (if applicable).
10. Links to Other Websites
Our website may contain links to third-party sites. We are not responsible for their privacy practices or content.
We encourage you to read the privacy policies of any linked websites before providing personal data.
11. Changes to This Policy
We may update this Privacy Policy periodically.
Any changes will be posted on this page with an updated “Last updated” date.
Your continued use of our website or services after such changes indicates acceptance of the revised policy.
12. Contact Us
For privacy-related enquiries, please contact:
Data Protection Officer
eHealth Solutions Ltd
📧 Email: info@ehealthsolutions.co.uk
📍 Address: Tricorne Stables, 15a Sandy Lane, Wokingham, RG41 4DD
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.
