Privacy Policy
Last updated: 27 February 2026
This privacy policy explains how CompareMeds (“we”, “us”, “our”) collects, uses, and protects your personal data when you use ukmedcheck.co.uk (the “Site”). We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Data we collect
1.1 Data you provide
If you sign up for our email newsletter or use our contact form, we collect your email address and any information you voluntarily provide. We do not collect health or medical data.
1.2 Data collected automatically
When you visit the Site, we may automatically collect:
- IP address (anonymised before storage)
- Browser type and version
- Pages visited and time spent on each page
- Referring website
- Device type (mobile, desktop, tablet)
This data is collected via Google Analytics 4 with IP anonymisation enabled. It is used in aggregate form only to improve the Site.
2. Cookies
We use cookies to:
- Remember your preferences (e.g. cookie consent)
- Measure site traffic via Google Analytics 4 (analytics cookies)
- Track affiliate referrals for commission purposes (see our Disclosure policy)
You can control cookies via your browser settings. Disabling analytics cookies will not affect your ability to use the Site. We do not use advertising cookies for retargeting.
3. How we use your data
We use personal data to:
- Provide and improve the Site
- Send the email newsletter you signed up for (with your consent)
- Respond to accuracy reports and enquiries
- Comply with legal obligations
We do not sell your personal data to third parties. We do not use your data for automated decision-making or profiling.
4. Legal basis for processing
| Processing activity | Legal basis |
|---|---|
| Analytics (aggregate, anonymised) | Legitimate interests |
| Email newsletter | Consent (opt-in) |
| Enquiry responses | Legitimate interests / Contract |
| Affiliate tracking | Legitimate interests |
| Legal compliance | Legal obligation |
5. Data retention
Analytics data is retained for 14 months in Google Analytics, after which it is automatically deleted. Email addresses for our newsletter are retained until you unsubscribe. Enquiry records are retained for up to 12 months.
6. Your rights under UK GDPR
You have the right to:
- Access the personal data we hold about you
- Rectify inaccurate personal data
- Erase your personal data (“right to be forgotten”)
- Restrict processing of your data
- Object to processing based on legitimate interests
- Withdraw consent at any time where processing is based on consent
- Complain to the Information Commissioner's Office (ICO) at ico.org.uk
To exercise any of these rights, contact us at privacy@ukmedcheck.co.uk. We will respond within 30 days.
7. Third-party services
We use the following third-party services that may process your data:
- Google Analytics 4 — website analytics (data processed in the EU/UK)
- Vercel — website hosting (data processed in the EU/UK)
- Supabase — database infrastructure (EU region)
All third-party providers are required to process data in accordance with UK GDPR and to implement appropriate technical and organisational security measures.
8. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include encryption in transit (TLS/HTTPS), access controls, and regular security reviews.
9. Changes to this policy
We may update this privacy policy from time to time. We will notify newsletter subscribers of material changes. The “last updated” date at the top of this page reflects when the policy was last revised.
10. Contact
For privacy-related enquiries, contact us at privacy@ukmedcheck.co.uk.