Privacy Policy – PharmaAudit
Last updated: 04/06/26
Overview
PharmaAudit is a pharmacy audit and stock-management app designed to help pharmacy teams manage stock checks, expiry dates, waste records, record near misses, recall actions, and audit reports.
PharmaAudit can be used locally on a device. If Cloud Sync Beta is enabled, selected pharmacy data is securely synchronised between signed-in devices using a pharmacy workspace.
Data stored on device
PharmaAudit stores information entered by the user on the device, including:
- stock items, quantities, locations, expiry dates, and waste records;
- medicine names, barcodes, GTIN/2D barcode information, batch numbers, and serial numbers where scanned;
- staff names or initials entered into the app;
- near miss records and monthly near miss review information;
- expiry cycle checks and location check records;
- recall records, recall status, notes, and actions taken;
- pharmacy settings and report information.
Cloud Sync Beta
If a user signs in and enables Cloud Sync Beta, pharmacy workspace data may be transmitted to and stored using our cloud database provider so that it can be synchronised between signed-in devices.
Cloud Sync Beta may include:
- stock records and stock history;
- medicine product and barcode mappings;
- pharmacy locations;
- staff records;
- near miss records;
- expiry cycle settings and checks;
- recall records, recall status, notes, and actions;
- pharmacy workspace settings, such as pharmacy name, country, recall country, and price tracking preferences.
Cloud Sync Beta is optional. If Cloud Sync Beta is not used, app data remains stored locally on the device, except where the user manually exports or shares data.
Account information
If Cloud Sync Beta is used, PharmaAudit may process account information such as:
- email address;
- authentication/session information;
- pharmacy workspace name;
- workspace membership information.
This information is used to provide sign-in, password reset, workspace access, and device synchronisation.
Staff and audit information
PharmaAudit may store staff names or initials entered by the user to support audit records, including near miss logs, stock checks, expiry checks, waste records, and recall actions.
Users are responsible for ensuring that staff information entered into the app is appropriate for their organisation and that staff are informed about how the app is used.
Camera Permission
PharmaAudit uses the device camera solely for barcode and 2D barcode scanning.
No images or videos are recorded, stored, or transmitted by PharmaAudit when using the scanner.
Reports and exports
PharmaAudit can generate PDF and CSV reports. Reports are generated from the data stored in the app or synced workspace.
Exported files are created and controlled by the user. If a user shares or stores exported files outside the app, they are responsible for handling those files securely.
Backups
Users can create manual backup files. Backup files are created and managed by the user.
If a user stores, shares, emails, or uploads a backup file outside the app, they are responsible for keeping that file secure.
Cloud Sync Beta is not a replacement for the user’s own organisational data governance and backup responsibilities.
Third-party service providers
Where Cloud Sync Beta is used, PharmaAudit uses Supabase to provide authentication, database hosting, and synchronisation services.
Supabase may process data on our behalf to provide these services. We do not sell user data.
Purpose of processing
We process data to:
- provide the app’s stock, expiry, waste, recall, near miss, and reporting features;
- enable Cloud Sync Beta between signed-in devices;
- manage user accounts, sign-in, password reset, and pharmacy workspaces;
- provide support where a user contacts us.
Data retention
Data stored locally remains on the user’s device until the user deletes it, clears app data, restores a backup, or uninstalls the app.
Cloud Sync Beta data is retained while the pharmacy workspace/account remains active, unless deleted by the user or removed as part of account/workspace deletion or support processes.
Exported backup/report files are controlled by the user and retained wherever the user chooses to store them.
User control
Users can:
- add, edit, export, and delete data within the app;
- sign out of Cloud Sync Beta;
- delete local app data by clearing app storage or uninstalling the app;
- request support regarding cloud account or workspace data.
Data sharing
We do not sell user data.
We do not share pharmacy data with advertisers.
Data may be processed by service providers used to operate the app, such as cloud authentication and database providers, only for the purpose of providing the app service.
International transfers
Cloud service providers may process data in data centres outside the user’s country depending on service configuration and provider infrastructure. Where required, appropriate safeguards should be used by the service provider.
Security
PharmaAudit uses account-based access for Cloud Sync Beta. Users should keep their login details secure and only share access with authorised staff.
No system can guarantee absolute security. Users should ensure that their devices are protected with appropriate security controls, such as passcodes, device encryption, and controlled staff access.
Support contact
If you contact support, your email address and any information you provide will be used to respond to your query.
Support email: support@pharmaaudit.co.uk
Your rights
Depending on your location and applicable law, you may have rights in relation to personal data, including rights to access, correct, delete, restrict, or object to certain processing.
To exercise rights or ask questions about data handling, please contact us.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time, especially as Cloud Sync Beta and other app features develop.
The latest version will be made available within the app or on the PharmaAudit website.