top of page

Privacy Policy

Privacy Policy – PharmaFAST Ltd

Effective date: 1/9/2025

PharmaFAST Ltd (“PharmaFAST”, “we”, “us”, “our”) is committed to protecting your privacy and ensuring that your personal data is processed lawfully, fairly, and transparently in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and Irish data protection law.

1. Who We Are

Data Controller (for this website and platform operations):
PharmaFAST Ltd
University of Galway Business Innovation Centre
Upper Newcastle
Galway
Ireland

Email: office@pharmafast.co

PharmaFAST provides a digital platform that facilitates patient intake, triage, consent, appointment booking, and communication for pharmacies and healthcare providers.

2. Our Role Under Data Protection Law

PharmaFAST operates under a dual role depending on the context:

  • As a Data Processor:
    When processing personal data on behalf of pharmacies or healthcare providers using the PharmaFAST platform.

  • As an Independent Data Controller:
    For data relating to:

    • Operation of our website

    • Platform administration

    • Security and compliance

    • Customer and business communications

Pharmacies and healthcare providers using PharmaFAST remain independent Data Controllers for clinical decisions, patient records, diagnosis, treatment, and professional obligations.

PharmaFAST does not provide medical advice, does not determine treatment, and does not replace professional clinical judgment.

3. Personal Data We Process

a) Patient / Public Users

  • Name

  • Date of birth

  • Contact details (email, phone number)

  • Location data (e.g. Eircode or distance radius)

  • Appointment and booking details

  • Intake and triage questionnaire responses

  • Consent declarations

  • Secure messages exchanged with pharmacies or providers

b) Special Category Data

PharmaFAST may process limited health data only where explicitly submitted by users and only for the purpose of facilitating healthcare services via participating providers.

4. Legal Bases for Processing

We process personal data under the following GDPR legal bases:

  • Consent (Article 6(1)(a))

  • Performance of a contract (Article 6(1)(b))

  • Legitimate interests (Article 6(1)(f))

  • Explicit consent for health data (Article 9(2)(a))

  • Healthcare provision (Article 9(2)(h)), where applicable through providers

You may withdraw consent at any time, without affecting the lawfulness of processing prior to withdrawal.

 

5. How We Use Personal Data

Personal data is used to:

  • Facilitate appointment booking and service access

  • Enable intake, triage, and consent workflows

  • Support communication between patients and providers

  • Operate, secure, and improve the PharmaFAST platform

  • Meet legal, regulatory, and compliance obligations

We do not sell personal data and do not use data for advertising profiling.

6. Data Sharing

Personal data may be shared with:

  • Pharmacies or healthcare providers selected by the user

  • Trusted service providers (sub-processors) supporting hosting, messaging, analytics, or payment processing

  • Regulatory or law enforcement authorities where legally required

All sub-processors are contractually bound to GDPR-compliant data protection standards.

7. International Transfers

Where personal data is transferred outside the EU/EEA, such transfers are protected by appropriate safeguards, including Standard Contractual Clauses approved by the European Commission.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, including:

  • While a user account or service relationship remains active

  • As required by applicable legal or regulatory obligations

  • Until deletion is requested, subject to controller obligations

Pharmacies and healthcare providers determine retention periods for clinical data under their control.

9. Your Data Protection Rights

You have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure (“right to be forgotten”)

  • Restrict or object to processing

  • Data portability

  • Lodge a complaint with the Data Protection Commission (Ireland)

Requests can be made by contacting office@pharmafast.co.
Verification of identity may be required.

10. Security Measures

We implement appropriate technical and organisational measures to protect personal data, including:

  • Encryption in transit and at rest

  • Access controls and role-based permissions

  • Secure infrastructure and monitoring

  • Regular security and compliance reviews

11. Data Breaches

In the event of a personal data breach, PharmaFAST will:

  • Investigate and contain the incident

  • Notify relevant controllers where applicable

  • Notify the Data Protection Commission within 72 hours where required

12. Cookies

Our website uses essential cookies and limited analytics cookies to ensure functionality and performance. Where required, cookie consent mechanisms are provided.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The most current version will always be available on our website.

14. Contact Us

For privacy or data protection enquiries, please contact:

office@pharmafast.co

Join our waiting List

Whether you’re an independent pharmacy, part of a Symbol group, or chain — we’d love to connect.
👉 Get in touch today.

2025 by PharmaFast. Powered and secured by PF-Tech 

bottom of page