Reboost.com UK LTD (DoktorABC) – Privacy Policy

1. About Us

Reboost.com UK Limited, trading as DoktorABC, is a digital healthcare company that provides online medical consultations and prescription services. We connect patients with licensed, independent healthcare professionals through our platform, enabling them to access treatments and medications conveniently and securely.

Reboost.com UK Limited (the “Company”, “we”, “our” or “us”) is committed to protecting and respecting your privacy. This privacy notice explains how we collect, use, store and share your personal data when you use our website at https://www.doktorabc.com/uk (the “Website”) and our services.

For the purposes of UK data protection legislation (including the UK General Data Protection Regulation and the Data Protection Act 2018), the data controller is Reboost.com UK Limited, a company registered in England and Wales (company number 17051536), with registered office at 219 Labs Atrium Stables Market, Chalk Farm Road, London, United Kingdom, NW1 8AH.

Our data protection officer can be contacted via heyData GmbH, Schützenstraße 5, 10117 Berlin, www.heydata.eu , email: datenschutz@heydata.eu

We have appointed Martin Bastius, c/o heyData GmbH, Schützenstraße 5, 10117 Berlin, E-Mail: eu-rep@heydata.eu as our EU representative.

2. Information We Collect

We collect and process personal data about you in the following ways:

2.1 Personal Information You Give Us

This is information about you that you give us by filling in forms on our Website, undergoing a consultation, or by corresponding with us by phone, email or otherwise. It includes information you provide when you register on our Website, place an order, complete a medical questionnaire, or report a problem. This information may include your name, date of birth, address, email address, phone number, gender, identification documents and payment information.

2.2 Special Category Data You Give Us

Special category data (also known as “sensitive personal data”) includes information about your health, medical conditions, medication history, and other health-related information. Because we provide an online healthcare service, we collect this type of data when you complete medical questionnaires, undergo consultations with prescribers, or otherwise communicate health information to us. Special category data receives additional protection under data protection law, and we explain the legal bases on which we process it in Section 3 below.

2.3 Information We Collect Automatically

When you visit our Website, we automatically collect technical information including your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform. We also collect information about your visit, including pages visited, clickstream data, page response times, download errors, and page interaction information. Much of this data is collected through cookies and similar technologies – please see Section 5 (Cookies) for further details.

2.4 Information We Receive from Third Parties

We may receive information about you from third parties, including our partner prescribers, fulfilment pharmacies, payment processors, and identity verification providers. Where we receive personal data about you from a third-party source, we will provide you with information about the source and the data received, where we are required to do so by law.

3. How We Use Your Information and Our Legal Bases

The table below sets out the purposes for which we process your personal data, the categories of data involved, and the legal basis we rely on in each case.

3.1 Processing of Personal Data

3.2 Processing of Special Category Data (Health Data)

Because our services involve healthcare, we process health-related special category data. We rely on the following legal bases under Article 9(2) of the UK GDPR:

• Explicit consent (Art. 9(2)(a) UK GDPR): Where you provide your health information to us via our medical questionnaires and consultations, you give your explicit consent for us to process that data to facilitate the provision of healthcare services. You may withdraw your consent at any time by contacting us, though this may affect our ability to provide services to you.
• Health or social care purposes (Art. 9(2)(h) UK GDPR): The processing of your health data is necessary for the provision of healthcare, including the assessment of your suitability for treatment by independent prescribers and the dispensing of medication by our partner pharmacy. This processing is carried out by or under the responsibility of a health professional subject to professional obligations of confidentiality.

4. Access to NHS Records and Your GP

To support safe and effective prescribing, our independent prescribers may need to access your medical history. By using our services, you may be asked to provide your explicit consent for the following:

4.1 Summary Care Record (SCR)

The NHS Summary Care Record is an electronic record of your key health information (including medications, allergies, and adverse reactions) created from your GP medical records. With your explicit consent, our independent prescribers may access your Summary Care Record to:

verify information you have provided during the consultation (such as current medications and known allergies);

identify potential contraindications, drug interactions, or safety concerns before issuing a prescription; and

support safe and clinically appropriate prescribing decisions, particularly for higher-risk medicines or where there is clinical uncertainty.

Access to your SCR will only be sought where clinically necessary and with your explicit consent. You are not obliged to consent, but if you do not, the prescriber may not be able to proceed with prescribing where they determine that SCR access is necessary to make a safe clinical decision.

4.2 Contacting Your GP

With your consent, our independent prescribers may contact your registered GP or other healthcare providers in order to:

obtain or verify relevant aspects of your medical history where this is clinically necessary;

notify your GP of any treatment or prescription issued to you through our service, to support continuity of care; and

make an onward referral where the prescriber considers this appropriate for your safety or wellbeing.

We will ask for your consent before making such contact. If you decline consent, the prescriber will take this into account in their clinical decision-making and may decline to prescribe where they consider that safe prescribing requires access to your medical history or GP communication.

4.3 Legal Basis

The processing of your personal data (including health data) for the purposes of accessing your SCR and contacting your GP is based on:

Your explicit consent (Art. 9(2)(a) UK GDPR): We will obtain your specific, informed consent before accessing your SCR or contacting your GP.

Health or social care purposes (Art. 9(2)(h) UK GDPR): Such processing is necessary for the provision of healthcare and is carried out by or under the responsibility of a healthcare professional subject to obligations of professional confidentiality.

You may withdraw your consent at any time by contacting us. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal, and may affect our ability to continue providing services to you.

5. Cookies

Our Website uses cookies and similar technologies to distinguish you from other users, to provide you with a good experience, and to improve our Website. Detailed information about the cookies we use, their purposes, durations, and how to manage your cookie preferences is set out in our separate Cookie Notice [INSERT LINK TO COOKIE NOTICE].

We recommend that you review the Cookie Notice for full details. In summary, we use the following categories of cookies:

Strictly necessary cookies: Required for the operation of our Website (e.g. login, shopping cart).

Analytical/performance cookies: Allow us to measure and improve the performance of our Website.

Functionality cookies: Enable personalisation and remember your preferences.

Targeting cookies: Record your visits and browsing to deliver more relevant advertising.

You can manage your cookie preferences at any time by clicking the cookie settings link on our Website, or through your browser settings. Blocking all cookies may affect the functionality of our Website.

In addition to cookies, we use other similar tracking technologies on our Website, including web beacons (small transparent image files embedded in web pages or emails that allow us to track page views or email opens) and local storage (a browser feature that stores data locally on your device for similar purposes to cookies). These technologies are subject to the same consent requirements as cookies, where applicable.

Please note that some cookies on our Website store personal data about authenticated users, including name, email address, gender, and marketing preferences. This data is processed in accordance with Section 3 of this Privacy Notice and is protected by our cookie consent mechanism. Functionality cookies that store personal data are only placed on your device with your consent.