Privacy Policy
How we protect and respect your personal data
St John's Pharmacy Privacy Policy
Last updated: 30 May 2026
St John's Pharmacy ("we", "us" or "our") is committed to protecting your privacy. This Privacy Policy explains what personal data we collect when you visit our website or contact us, how we use it, and the rights you have under the General Data Protection Regulation (EU) 2016/679 (the "GDPR") and Malta's Data Protection Act.
1. Who we are
St John's Pharmacy is the data controller responsible for your personal data. You can reach us at:
- Address: 85, Independence Street, Xewkija, Gozo, XWK1028, Malta
- Phone: +356 21563052
- Email: info@stjohnpharma4u.com
2. The information we collect
Information you provide to us
When you use our contact form, or contact us by phone, email or social media, we may collect:
- Your full name;
- Your contact number;
- Your email address;
- The contents of your message or enquiry.
If your enquiry relates to a medical appointment, a prescription or a health matter, you may choose to share health-related information with us. Please only share what is necessary, and be aware that detailed clinical care is handled directly by the relevant pharmacist or specialist.
Information collected automatically
When you visit our website, limited technical information may be processed by our hosting provider and the third-party services embedded in our pages (for example, your IP address, browser type and pages visited). We also store a small preference on your device to remember your cookie choice (see section 4).
3. How we use your information and our legal bases
We use your personal data only where we have a lawful basis to do so under the GDPR:
- To respond to your enquiries and provide the information or services you request — based on your consent and/or our legitimate interest in answering you and on taking steps at your request before entering into a transaction.
- To operate, secure and improve our website — based on our legitimate interest in running a safe and functional website.
- To remember your cookie preferences — based on your consent.
- To comply with legal and regulatory obligations that apply to a licensed pharmacy — based on compliance with a legal obligation.
Where we rely on consent, you can withdraw it at any time (see section 8). Where health-related data is involved, we process it only with your explicit consent or as otherwise permitted for the provision of healthcare.
4. Cookies and similar technologies
When you first visit our website you are shown a cookie banner. The only preference we store directly is your cookie choice (a value named cookieConsent), kept in your browser's local storage and/or as a cookie so we do not ask you again on every visit.
Some features we embed from third parties may set their own cookies or process technical data (such as your IP address) when they load. These are controlled by the providers listed in section 5:
- Google Maps and the Facebook Messenger chat are blocked until you accept cookies. If you decline, they are not loaded and set no cookies. If you accept, they load and may set their own cookies.
- Google Fonts is used on all pages to display our typography. It does not set cookies, but your IP address is shared with Google in order to deliver the fonts.
You can change or clear your preference at any time using our cookie preferences page, or by clearing cookies and site data in your browser settings.
5. Third-party services
Our website uses the following third-party services, each of which has its own privacy policy:
- Google Maps & Google Fonts (Google Ireland Ltd) — to display our location and load fonts. See Google's Privacy Policy.
- Facebook / Messenger chat & social links (Meta Platforms Ireland Ltd) — to let you message us and to link to our social pages. See Meta's Privacy Policy.
- Instagram (Meta Platforms Ireland Ltd) — for our social media presence. See Instagram's Privacy Policy.
We do not control how these providers process data through their own services. Some of them may transfer data outside the European Economic Area (EEA); where they do, they are required to use appropriate safeguards such as the European Commission's Standard Contractual Clauses.
6. Sharing your information
We do not sell your personal data. We only share it where necessary:
- with the pharmacist, doctor or specialist relevant to your enquiry or appointment;
- with trusted service providers who help us operate our website or communications, under appropriate confidentiality and data-protection terms;
- where we are required to do so by law, regulation or a valid request from a competent authority.
7. How long we keep your data
We keep personal data only for as long as necessary for the purposes described in this policy, to maintain our business records, or to meet legal and regulatory obligations that apply to a pharmacy. When data is no longer needed, we securely delete or anonymise it.
8. Your rights
Under the GDPR, you have the right to:
- access the personal data we hold about you;
- request correction of inaccurate or incomplete data;
- request erasure of your data ("right to be forgotten");
- restrict or object to our processing of your data;
- request the transfer of your data (data portability);
- withdraw consent at any time, where processing is based on consent.
To exercise any of these rights, please contact us using the details in section 1. We will respond within the timeframes required by law.
9. Data security
We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss or misuse. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.
10. Children's privacy
Our website is not directed at children, and we do not knowingly collect personal data from children without the consent of a parent or guardian. If you believe a child has provided us with personal data, please contact us so we can remove it.
11. Complaints
If you have a concern about how we handle your personal data, please contact us first so we can try to resolve it. You also have the right to lodge a complaint with Malta's supervisory authority:
- Information and Data Protection Commissioner (IDPC)
- Website: idpc.org.mt
12. Changes to this policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised "Last updated" date. We encourage you to review it periodically.
13. Contact us
If you have any questions about this Privacy Policy or how we handle your data, please contact us at info@stjohnpharma4u.com or call +356 21563052.