UK GDPR Compliance
This page explains how TRICARE Prescription Explorer complies with the UK General Data Protection Regulation (UK GDPR), which governs the processing of personal data in the United Kingdom. While our website is informational and does not require user registration or store personal data in a database, we remain committed to transparency and respect for your rights under UK GDPR.
Scope and Applicability
The UK GDPR applies to any processing of personal data relating to individuals in the UK. Although TRICARE Prescription Explorer does not collect personal information through forms, accounts, or registrations, we may automatically collect limited data such as IP addresses, browser type, and usage patterns via analytical tools like cookies and server logs. This data is processed solely for website functionality, performance monitoring, and improving user experience.
Your Rights Under UK GDPR
Under the UK GDPR, you have the following rights in relation to your personal data:
- Right of access – You may request confirmation of whether we process any personal data about you and obtain a copy of that data.
- Right to rectification – If any personal data we hold about you is inaccurate or incomplete, you may request correction.
- Right to erasure – You may request deletion of your personal data, where applicable.
- Right to restrict processing – You may request that we limit how we use your data under certain conditions.
- Right to data portability – Where processing is based on consent or contract, you may request your data in a structured, commonly used format.
- Right to object – You may object to our processing of your data based on legitimate interests, including profiling.
How We Comply
TRICARE Prescription Explorer complies with UK GDPR by:
- Minimising data collection to only what is necessary for website operation.
- Using anonymised or pseudonymised data where possible in analytics.
- Providing clear cookie consent mechanisms.
- Not sharing personal data with third parties for commercial purposes.
- Maintaining internal records of data processing activities.
Data We Process
Any personal data we process is limited to:
- IP addresses (temporarily logged for security and performance)
- Browser and device information (for compatibility and analytics)
- Cookie identifiers (for session management and preference retention)
No names, email addresses, phone numbers, or other directly identifiable information is collected, stored, or processed.
Legal Basis for Processing
Our processing of personal data is based on the following lawful grounds under UK GDPR:
- Legitimate interests – To ensure the website functions securely and efficiently.
- Consent – For non-essential cookies, we obtain explicit user consent via our cookie banner.
How to Exercise Your Rights
To exercise any of your rights under UK GDPR, please contact us by email at [email protected]. Include your full name and a clear description of your request. We will respond without undue delay and within one month of receipt.
Response Timeframes
We are required by UK GDPR to respond to your requests within one calendar month. In complex cases, we may extend this period by two further months, and we will notify you if this is necessary.
No Discrimination Policy
We will not deny you access to our website, charge you fees, or provide you with a different level of service because you have exercised your rights under UK GDPR.
Updates and Changes
We may update this compliance page periodically to reflect changes in law or our practices. The most recent version will always be posted here with an updated effective date. You are encouraged to review this page regularly.
Contact Information
If you have questions about this UK GDPR compliance page or wish to exercise your rights, please contact:
Madeline Sterling
96 Bulwer Street, Perth WA 6000, Australia
Email: [email protected]
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk if you believe your data protection rights have been infringed.
