top of page

Privacy Policy

​

Last updated: October 2025

​

At The Red Drop, we value your privacy and are committed to protecting your personal and health information. This Privacy Policy explains how we collect, use, and safeguard your data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable laws.

​

1. Who We Are

​

The Red Drop (Company No. 11669066) is a doctor-led healthcare initiative registered in England and Wales.
Registered address: Gatcombe House, Copnor Rd, Portsmouth, PO3 5EJ
Email: info@reddrop.co.uk

​

The Red Drop acts as the Data Controller for the information you provide. We determine how and why your personal data is processed.

​

2. Information We Collect

​

We may collect and process the following information when you use our website, book a consultation, purchase a service, or communicate with us:

  • Personal details: name, date of birth, gender, contact details.

  • Health and lifestyle information: information provided during consultations, in health questionnaires, or via blood tests.

  • Payment details: processed securely by third-party providers (e.g. Stripe).

  • Technical data: IP address, browser type, cookies, and analytics data.

  • Communication data: emails, messages, or feedback you send to us.​

 

3. Special Category (Health) Data

​

As a medical and wellness provider, we handle special category data, including health information and blood test results.
This data is processed only by authorised clinicians and administrative staff under strict confidentiality.

Your health data is used for the purpose of:

  • Conducting health screenings and wellness assessments.

  • Providing summaries or referral letters where appropriate.

  • Monitoring service quality and ensuring clinical safety.

 

4. Lawful Basis for Processing

​

We process your data under the following lawful bases:

  • Consent: when you provide explicit consent for us to collect and process health data.

  • Contract: to provide services you purchase or request.

  • Legal obligation: to comply with medical, tax, or regulatory requirements.

  • Legitimate interests: to improve our services, prevent fraud, or manage our business operations securely.

 

5. How We Use Your Information

​

We use your personal and health information to:

  • Deliver our health plans, blood test services, and wellness programmes.

  • Provide doctor-led consultations and referral letters (if required).

  • Contact you regarding appointments, test results, or service updates.

  • Process payments and manage billing securely.

  • Improve the quality and performance of our services.

All information derived from blood tests is for informational and wellness purposes only.
We do not provide medical diagnoses or emergency medical advice.
If any result is abnormal or clinically significant, we will recommend that you contact your GP or appropriate healthcare provider for further assessment.

 

6. Sharing Your Information

​

We may share your data only with trusted third parties who assist us in delivering our services:

  • Partner laboratories for blood analysis.

  • Partner pharmacies for dispensing prescribed medication.

  • Payment processors (Stripe) for secure transactions.

  • Website and cloud providers (Wix, Google Workspace) for secure data hosting.

  • Analytics providers (Google Analytics, Meta Pixel) for service improvement.

All third parties act under strict data processing agreements and comply with UK GDPR standards.
We never sell or rent your personal data.

 

7. Data Storage and Retention

​

Your data is securely stored using encrypted systems and password-protected platforms, including Google Workspace and Wix.
We retain personal and health data only as long as necessary to fulfil the purpose for which it was collected or to comply with legal and professional obligations.
When no longer required, data is deleted or anonymised.

 

8. International Data Transfers

​

Some service providers (e.g. Google, Wix) may store or process data outside the UK.
Where this occurs, appropriate safeguards such as the UK International Data Transfer Agreement or Standard Contractual Clauses (SCCs) are in place to ensure your data remains protected.

 

9. Your Rights

​

Under UK GDPR, you have the right to:

  • Access your data (Data Subject Access Request).

  • Request correction or deletion of inaccurate data.

  • Withdraw consent at any time (where applicable).

  • Object to or restrict processing in certain circumstances.

  • Request data portability.

To exercise your rights, please contact us at info@reddrop.co.uk. We will respond within 30 days as required by law.

 

10. Cookies and Analytics

​

Our website uses cookies to improve user experience, track website traffic, and measure ad performance through Google Analytics and Meta Pixel.
You can control or disable cookies in your browser settings. For detailed information, please refer to our Cookie Policy (if separate) or contact us for assistance.

 

11. Data Security

​

We take appropriate technical and organisational measures to protect your data from loss, misuse, or unauthorised access.
Only authorised staff and clinicians can access your records, and all are bound by confidentiality obligations.

 

12. Changes to This Policy

​

We may update this Privacy Policy from time to time to reflect changes in legislation or our services.
The updated version will always be available on our website with the latest revision date shown above.

 

Contact Us

​

If you have any questions or concerns about how we handle your data, or if you wish to exercise your rights, please contact:

​

The Red Drop
Email: info@reddrop.co.uk
Registered Office: Gatcombe House, Copnor Rd, Portsmouth, PO3 5EJ

bottom of page