• Your shopping cart is empty!

Privacy Policy

Privacy Policy for drmed.ie

drmed.ie operates the website www.drmed.ie and provides online GP consultation services in the Republic of Ireland. We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR), the Irish Data Protection Act 2018, and related Irish law, including telemedicine and healthcare data standards.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal and medical information when you use our website and services. By using our services, you consent to the practices described in this policy.

1. Data Controller

drmed.ie is the data controller of the personal data you provide. This means we determine how and why your information is processed.

If you have questions about this Privacy Policy or wish to exercise your data rights under GDPR, you can contact us at:

Email: drmmhltd.ie@gmail.com
Phone: +353 83 373 21483

2. Types of Personal Data We Collect

We collect different types of personal information for different purposes, including:

a. Personal Identification Data:
Name, date of birth, phone number, email address, postal address.

b. Health and Sensitive Personal Data:
Medical history, symptoms, current medications, allergies, consultation notes, diagnoses, treatment plans, and prescriptions.
This is special category data under GDPR and receives enhanced protection under Irish law.

c. Technical & Usage Data:
IP address, device type, browser type, and website usage for improving our service (e.g., analytics and cookies).

d. Payment Data:
Information necessary to process payments. We do not store full payment card details; these are handled securely by trusted third-party payment processors.

3. How We Use Your Personal Data

We use your information for the following purposes, all in line with Irish GDPR rules:

  • To provide online GP consultations and related healthcare services

  • To support clinical decision-making, prescriptions, referrals, and medical certificates

  • To communicate with you, including appointment confirmations and follow-ups

  • To process secure payments for services

  • To comply with legal, regulatory, and professional obligations

  • To improve our website and services through anonymised analytics

Your data is processed only when there is a lawful basis under GDPR, such as your consent, the performance of a contract, or compliance with healthcare regulations in Ireland.

4. Data Sharing and Disclosure

We will never sell your personal data to third parties. We may share your data only as necessary to provide care and comply with legal obligations:

  • With our medical team (e.g., Dr Shah) and authorised clinical staff

  • With pharmacies to fulfil prescriptions (with your consent)

  • With payment processors solely to complete payments

  • With regulatory authorities or law enforcement if legally required

5. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

  • Encryption of sensitive data in transit and at rest

  • Secure server storage within the EU/EEA

  • Regular security reviews and access controls

No system can be 100% secure. We will notify affected users and the Data Protection Commission (DPC) as required under Irish GDPR law in the event of a significant data breach.

6. Data Retention

We retain personal and medical data only as long as necessary to:

  • Provide healthcare services

  • Comply with legal and professional record-keeping requirements

  • Handle enquiries, complaints, or legal matters

Data may be stored in electronic health records and archived securely in line with Irish medical record standards.

7. Your Rights under GDPR (Ireland)

You have rights under the GDPR and Irish Data Protection Act 2018, including:

  • Right of Access: Obtain a copy of your data

  • Right to Rectification: Correct inaccurate or incomplete data

  • Right to Erasure: Request deletion in certain circumstances

  • Right to Restriction or Objection: Limit or object to processing

  • Right to Data Portability: Receive your data in a structured format

  • Right to Withdraw Consent: At any time, if consent is the legal basis for processing

To exercise your rights, contact drmmhltd.ie@gmail.com. You also have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland.

8. Children’s Data

We do not knowingly collect personal data from individuals under 16 without parental or guardian consent. Parents or guardians booking on behalf of a child should ensure the accuracy of information provided.

9. Changes to This Policy

We may update this Privacy Policy to reflect legal changes, service improvements, or GDPR requirements. Updated policies will be posted on the website with a revised effective date.

10. Cookies & Tracking

We use cookies and similar technologies to enhance user experience, provide analytics, and manage sessions. You can control cookies through your browser settings. For detailed information, see our Cookie Policy.

11. Contact Us

For privacy enquiries, data access requests, or concerns under Irish GDPR law:

Email: drmmhltd.ie@gmail.com
Phone: +353 83 373 21483