top of page

Privacy Policy

At MedsXperts LTD, we recognise that safeguarding your personal information is a serious responsibility. This Privacy Notice explains what data we collect, the reasons for collecting it, and how you can access, update, manage, or request deletion of your information.

We may update this Privacy Notice from time to time to reflect changes in our practices or legal requirements. Where appropriate, we will take reasonable steps to inform you of any significant updates. We encourage you to review this notice regularly to stay informed.

 

Privacy Policy

Last updated: 22.01.2026

Welcome to https://medsxperts.co.uk (the Site). MedsXperts LTD understands that privacy online is important to users of our Site, particularly when conducting business.

This Privacy Policy governs how we collect, use, store, and protect personal information from:

  • Visitors who browse the site without transacting business (“Visitors”)

  • Visitors who engage our services, training, audits, consultancy, or otherwise transact business with us (“Clients”)

This policy is written in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Company name: MedsXperts LTD
Email: info@medsxperts.co.uk

MedsXperts LTD provides medication management training, consultancy, audits, and compliance support to adult social care providers.

For data protection purposes, MedsXperts LTD is the data controller.

2. Personally Identifiable Information

“Personally Identifiable Information” means any information that identifies, or can be used to identify, contact, or locate an individual. This may include, but is not limited to:

  • Name

  • Job title and organisation

  • Email address

  • Telephone number

  • Business address

  • Enquiry details

It does not include anonymous data or aggregated demographic information that is not linked to an identifiable individual.

3. What Information We Collect

We may collect basic profile information from all Visitors.

From Clients, we may also collect:

  • Contact details

  • Organisation and business details

  • Nature of services requested or provided

  • Invoicing records and payment status

We do not collect or store credit card details, full bank details, or sensitive financial data. Payments are processed securely by banks or third-party payment providers.

We may also process sensitive health-related information from MAR charts and other relevant documents such as PRN protocols, body map administration forms, warfarin records, and insulin charts. This information is considered special category data under UK GDPR and is handled with additional safeguards.

4. How We Collect Information

We collect information:

  • When you complete a contact or enquiry form

  • When you email us directly

  • When you engage our services

  • Through cookies and similar technologies

For MAR charts and other relevant documentation, we only access or process information as necessary under contract with the client and in compliance with UK GDPR Articles 6 and 9. All audits and consultancy services are conducted only with documented client consent or via a signed service agreement. Clients explicitly authorise MedsXperts LTD to access MAR charts and related documents for the purposes of auditing, training, and consultancy.

5. How We Use Personally Identifiable Information

We use personal information to:

  • Respond to enquiries and requests

  • Provide services, training, audits, and consultancy

  • Communicate about our services

  • Manage contracts and invoicing

  • Comply with legal and regulatory obligations

Sensitive health-related data from MAR charts and other relevant documents is used solely for the purposes of auditing, consultancy, and training services, and is never shared outside of the contractual scope without explicit consent or legal obligation.

6. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Consent

  • Contractual necessity

  • Legal obligation

  • Legitimate interests (where these do not override your rights)

For special category health data, we rely on Article 9(2)(a) (explicit consent) and, where applicable, Article 9(2)(h) (management of health or social care systems and services), together with a lawful basis under Article 6 UK GDPR.

7. Third Parties and Sharing Information

In addition to our own collection of data, trusted third-party service providers (such as IT providers, accountants, or banks) may process information on our behalf where necessary.

No third-party vendors or service providers will have access to MAR charts, PRN protocols, body map forms, warfarin records, insulin charts, or any other sensitive healthcare documents. All such sensitive information is processed solely by MedsXperts LTD staff under strict access controls and UK GDPR compliance.

We do not sell or rent personal data.

We may disclose personal data:

  • Where required by law or regulation

  • In response to lawful requests from authorities

  • Where reasonably necessary to protect our rights, safety, or those of others

Our website and business operations rely on third-party service providers, including website hosting, analytics, and cloud-based IT services (such as Wix and Google Analytics). These providers may process personal data on servers located outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place in accordance with UK GDPR, such as adequacy regulations or approved standard contractual clauses. As these third-party providers act independently, we do not control how they process personal data and encourage users to review their respective privacy policies for further information.

8. Cookies

Cookies are used to enhance user experience, analyse website usage, and improve security.

You can control or disable cookies via your browser settings. Further information may be provided in a separate Cookie Policy.

9. Security of Information

All MAR charts and other sensitive healthcare documents are handled under strict security measures, including:

  • Staff trained in GDPR and data protection at induction and at least annually thereafter

  • Restricted physical access to any paper records

  • Encrypted storage for digital records (e.g., laptops, secure cloud storage)

  • Audit logs for access and modifications

  • Prompt reporting of any data breaches or incidents in line with UK GDPR requirements

Only authorised MedsXperts LTD personnel may access this sensitive data, and all processing is conducted in compliance with data protection law.

MedsXperts LTD is not required to appoint a Data Protection Officer. Data protection queries should be directed to info@medsxperts.co.uk

10. Your Rights

Clients have the right to:

  • Withdraw consent

  • ask us for copies of your personal information.

  • ask us to rectify personal information you think is inaccurate.

  • ask us to complete information you think is incomplete.

  • ask us to erase your personal information in certain circumstances.

  • ask us to restrict the processing of your personal information in certain circumstances.

  • object to the processing of your personal information in certain circumstances.

  • ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

  • We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.

Requests can be made by contacting info@medsxperts.co.uk.

We will respond promptly and, where feasible, securely delete or anonymise the relevant documents in line with GDPR and client agreements. Supporting documentation containing sensitive data will be retained for a maximum of 1 year for dispute resolution, after which it will be securely deleted or anonymised. Final audit reports will be retained for 7 years following completion.

11. Updating or Deleting Information

You may request that we update, correct, or delete personal information we hold about you. Some information may need to be retained for legal, regulatory, or accounting purposes.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page. Where changes materially affect how data is used, we will take reasonable steps to notify you.

 

13. Links to Other Websites

Our Site may contain links to external websites. Please note that we are not responsible for the privacy practices of other websites, and we encourage you to review their privacy policies.

14. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact:

Email: info@medsxperts.co.uk

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) www.ico.org.uk, although we would welcome the opportunity to address any concerns directly in the first instance.

bottom of page