Data Controller

This Privacy Policy explains how Aclepsa MedGuide, owned and operated by Laura Ledas, processes personal data in the United Kingdom.

Controller: Laura Ledas (Aclepsa MedGuide)

Address: 2 Drury Way, London NW10 0TH, United Kingdom

Email: [email protected]

Effective date: 14 October 2025

Scope and Applicability

This Privacy Policy applies to personal data collected through our website and services, including informational content, drug profiles, side-effect and interaction resources, pill identification features, symptom overviews, and related tools and communications. It does not apply to third-party websites, services, or content that we do not control.

Definitions

“UK GDPR” means the retained EU law version of the General Data Protection Regulation as it applies in the UK, read together with the Data Protection Act 2018. “Personal data” means information relating to an identified or identifiable individual. “Special category data” includes data concerning health.

Categories of Personal Data We Collect

Information you provide directly

  • Contact details: name, email address, and any information you include in enquiries or feedback.
  • Account or preference data (if applicable): saved settings, alerts, or content preferences.
  • Health-related data you choose to share: symptoms, conditions, medications, side effects, dosage information, and other inputs entered into tools (e.g., interaction checks, symptom overviews).
  • Uploads: pill images or other files submitted to use identification features.

Information collected automatically

  • Usage and device data: IP address, device identifiers, browser type, operating system, pages viewed, time and date of visits, referral URLs, and approximate location derived from IP.
  • Cookies and similar technologies: identifiers used for functionality, preferences, analytics, and, where applicable, advertising measurement.

Information from third parties

  • Service providers and partners: aggregated analytics or anti-abuse signals.
  • Public sources: information available in public registers or open sources for fraud prevention and service integrity.

Special Category Data (Health Information)

Where you choose to enter health-related information (e.g., symptoms, conditions, medication history) into our tools, we process that data to provide the requested functionality and content. We rely on your explicit consent to process special category data. You may withdraw your consent at any time by contacting us or by deleting your entries where such features are available, but this will not affect the lawfulness of processing before withdrawal.

Lawful Bases for Processing

  • Consent: for optional features, marketing communications, cookies requiring consent, and any processing of special category data.
  • Contract: to provide and maintain requested services or features you use.
  • Legitimate interests: to secure our services, prevent abuse, understand usage to improve content and tools, and to communicate service-related updates (balanced against your rights and expectations).
  • Legal obligation: to comply with laws, regulatory requests, and enforceable government orders.

Purposes of Processing

  • To provide, operate, and improve our informational content, pill identifier, symptom overviews, drug interaction checks, and related tools.
  • To respond to enquiries, provide support, and communicate important service notices.
  • To personalize content or remember preferences where you choose to enable such features.
  • To perform analytics that help us understand engagement and quality of our resources.
  • To maintain security, prevent fraud and misuse, and ensure service integrity.
  • To comply with legal obligations and exercise or defend legal claims.

Cookies and Similar Technologies

We use cookies, web beacons, and similar technologies to enable core site functionality, remember preferences, measure audience engagement, and improve our services. Where required by the Privacy and Electronic Communications Regulations (PECR), we obtain your consent before setting non-essential cookies. You may manage cookie preferences via your browser settings and, where available, our on-site controls. Blocking certain cookies may affect site functionality.

Disclosures and Recipients

We do not sell personal data. We disclose personal data only as necessary for the purposes described above and subject to appropriate safeguards.

  • Service providers (processors): hosting, cloud infrastructure, analytics, security and anti-abuse, error monitoring, content delivery, email and support tools, and image processing for pill identification.
  • Professional advisers: legal, compliance, and accounting advisers under confidentiality obligations.
  • Legal and regulatory: where required to comply with laws, enforce our rights, or protect users and the public from harm.
  • Business transfers: in connection with a restructuring, merger, or transfer of our services, subject to continuity of protections.

International Data Transfers

If personal data is transferred outside the United Kingdom, we use a lawful transfer mechanism, such as UK adequacy regulations, the International Data Transfer Agreement (IDTA), or the UK Addendum to the EU Standard Contractual Clauses, and implement supplementary measures where appropriate.

Data Retention

  • Account and service data: retained for the duration of your use and for a reasonable period thereafter to maintain records, resolve disputes, and meet legal obligations.
  • Enquiries and support correspondence: typically up to 24 months after resolution.
  • Health-related inputs: retained only as needed to provide the requested feature; we aim to delete or anonymize within 24 months unless you delete earlier or ongoing use requires retention.
  • Technical logs and security records: typically up to 12 months, unless needed longer for security or legal reasons.
  • Marketing preferences: retained until you opt out or request deletion.

We may retain data longer where required by law or to establish, exercise, or defend legal claims. When retention is no longer necessary, we delete or anonymize data.

Security

We implement technical and organizational measures designed to protect personal data, including access controls, encryption in transit (and at rest where applicable), least-privilege access, vulnerability management, and staff confidentiality obligations. No system is perfectly secure; we maintain incident response procedures to address potential events.

Your Rights Under UK Data Protection Law

  • Access: request confirmation and a copy of your personal data.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your personal data in certain circumstances.
  • Restriction: request restriction of processing in certain circumstances.
  • Portability: receive your data in a structured, commonly used format and request transmission to another controller where technically feasible.
  • Objection: object to processing based on legitimate interests and to direct marketing at any time.
  • Withdraw consent: withdraw consent where processing relies on consent, without affecting prior processing.
  • Complain: lodge a complaint with the UK Information Commissioner’s Office (ICO).

Exercising Your Rights

To exercise your rights, please contact us using the details below. We may ask for information necessary to verify your identity and to locate the data. We will respond within the timeframes required by UK law. Where we act as a processor on behalf of another controller, we will direct your request to that controller, where appropriate.

Marketing Communications

We may send you service-related communications necessary to provide our services. We send marketing communications only with your consent or as otherwise permitted by law. You may opt out at any time by using the unsubscribe instructions in the message or by contacting us.

Children’s Privacy

Our services are intended for individuals aged 13 and over. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided personal data, please contact us so we can take appropriate action.

Automated Decision-Making and Profiling

We do not conduct automated decision-making that produces legal or similarly significant effects on individuals. We may use limited profiling (e.g., analytics-based audience insights) to improve content and services, without significant effects on individuals.

Third-Party Websites and Services

Our content may reference third-party resources. We are not responsible for the privacy practices or content of third parties. You should review their privacy policies when leaving our website or interacting with third-party services.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. Material changes will be communicated through our website or by direct notice where appropriate. The “Effective date” above indicates the latest revision.

Contact

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

Laura Ledas (Aclepsa MedGuide)
2 Drury Way, London NW10 0TH, United Kingdom
Email: [email protected]

© 2025. All rights reserved.