This Privacy Policy explains how Get Real Health Limited (trading as “Get Real Health”, “we”, “us”, “our”) collects, uses, shares and protects personal data when you visit our website, contact us, or use our services. We are committed to handling personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
Get Real Health Limited is a company registered in England and Wales (company number 12744898), with registered office at Unit 55, First Floor, St. Asaph Business Park, St. Asaph, Denbighshire, LL17 0JG, United Kingdom.
We are the data controller in respect of the personal data described in this policy. You can contact us at privacy@getrealhealth.co.uk.
2. What personal data we collect
We may collect and process the following categories of personal data:
- Contact details— name, job title, pharmacy name, business email, business phone number — provided when you fill in a form, request a demo, or email us.
- Account data— if you become a customer, we hold the credentials, role, and pharmacy organisation linked to your account on our platform.
- Communications— the content of emails, chat, or call transcripts you exchange with us, including AI voice receptionist call recordings and transcripts where applicable.
- Technical / device data— IP address, browser type and version, device type, operating system, referring URL, pages visited, and timestamps. This data is collected automatically through our hosting infrastructure and analytics tools.
- Cookies and similar technologies — see our Cookie Policy for details.
We do not knowingly collect or process patient health data through this website. Patient consultations carried out via the Get Real Health clinical platform are governed by a separate processing agreement between us and the operating pharmacy.
3. Lawful bases for processing
We rely on the following lawful bases under Article 6 UK GDPR:
- Legitimate interests— to respond to your enquiries, manage our customer relationships, run our business, improve our products, and keep our website secure.
- Performance of a contract— where you are a customer, to provide and administer the services you have signed up to.
- Consent— for non-essential cookies and any marketing communications. You can withdraw consent at any time.
- Legal obligation— where we are required to process data to comply with a legal or regulatory requirement.
4. How we use your personal data
We use personal data to:
- respond to enquiries and demo requests;
- set up and administer customer accounts on our platform;
- send service-related communications (e.g. account updates, billing, security notices);
- send marketing communications about our services, where you have opted in, with an unsubscribe option in every email;
- monitor, secure, and improve our website and platform (including fraud prevention and abuse detection);
- comply with legal, regulatory and clinical governance obligations.
5. Sharing your personal data
We share personal data only with trusted third parties acting on our behalf or where required by law. Our key categories of recipients are:
- Hosting and infrastructure providers— for example our web hosting, database, email and analytics providers.
- Payment processors— for customer billing.
- Professional advisers— lawyers, accountants and auditors, where necessary.
- Regulators and authorities— where required by law (e.g. CQC, MHRA, ICO, HMRC, courts).
We do not sell personal data. Where any third-party processor is located outside the UK, we put appropriate safeguards in place (typically the UK International Data Transfer Addendum).
6. How long we keep your personal data
We keep personal data only for as long as necessary for the purposes we collected it for, and to comply with our legal and regulatory obligations. As a guide:
- enquiry data: typically 24 months from your last interaction with us;
- customer account data: for the lifetime of the contract plus 7 years (to meet HMRC and clinical governance retention rules);
- marketing contact data: until you unsubscribe or ask us to delete your record.
7. Your rights
Under UK GDPR you have the right to:
- request access to the personal data we hold about you;
- request correction of inaccurate or incomplete data;
- request erasure of your personal data in certain circumstances;
- request restriction or object to certain processing;
- request data portability in certain circumstances;
- withdraw consent at any time where consent is the lawful basis;
- lodge a complaint with the UK Information Commissioner's Office at ico.org.uk if you are unhappy with how we have handled your data.
To exercise any of these rights, please email us at privacy@getrealhealth.co.uk.
8. Security
We use technical and organisational measures designed to protect personal data against unauthorised access, loss, alteration or disclosure. These include encryption in transit, role-based access controls, audit logging, and regular review of our security posture.
9. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top of the page shows when it was most recently revised. Significant changes will be communicated directly to customers where appropriate.
10. Contact
Questions about this Privacy Policy or how we handle your data? Email privacy@getrealhealth.co.uk.