Terms of Service

Last Updated: 30 March 2026 • Version 3.0 (NHS Integration)

1. Agreement to Terms

By accessing or using RxSure© ("the Platform"), you agree to be bound by these Terms of Service ("Terms"). If you disagree with any part of these Terms, you may not access the Platform.

These Terms constitute a legally binding agreement between you and RxSure© regarding your use of our pharmacy compliance and private services platform.

2. Description of Service

RxSure© provides a digital platform for UK pharmacies to:

  • Manage appointment bookings for private clinical services
  • Conduct guided clinical consultations
  • Generate compliant documentation (prescriptions, certificates, GP notifications)
  • Track compliance requirements (training, DBS, insurance)
  • Maintain audit trails for GPhC inspections
  • Process patient payments (via your own payment accounts)

3. NHS Integrated Services

RxSure integrates with NHS England digital services to enable pharmacy organisations to deliver NHS clinical services. When using NHS-integrated features, the following additional terms apply:

  • a) NHS Data Access: Access to NHS patient data (via the Personal Demographics Service, MESH, and other NHS APIs) is provided through authenticated sessions using NHS Care Identity Service 2 (CIS2). Users must authenticate with valid NHS credentials to access NHS data.
  • b) Permitted Use: NHS patient data accessed through the platform must only be used for the delivery of direct patient care in connection with NHS pharmacy services. Use of NHS data for marketing, research (without appropriate approvals), or any purpose other than direct patient care is strictly prohibited.
  • c) NHS Data Handling: Patient data retrieved from NHS services must be handled in accordance with NHS data sharing agreements, the NHS Code of Practice on Confidential Information, and the Caldicott Principles. You must not share, export, or transfer NHS patient data outside of the platform except through approved NHS pathways (e.g., MESH messaging to GP practices).
  • d) CIS2 Authentication: Healthcare professionals accessing NHS-integrated features must authenticate using NHS CIS2. You are responsible for ensuring that only appropriately registered healthcare professionals (e.g., GPhC-registered pharmacists) use NHS-authenticated features within your organisation.
  • e) Service Availability: NHS-integrated features depend on the availability of NHS England services (PDS, CIS2, MESH). We do not guarantee the availability of NHS services as they are operated by NHS England. In the event of NHS service unavailability, non-NHS features of the platform will continue to operate normally.
  • f) Compliance Obligations: Pharmacy organisations using NHS-integrated features must maintain current DSPT (Data Security and Protection Toolkit) compliance and comply with all NHS information governance requirements applicable to their use of NHS data.

4. Eligibility

To use the Platform, you must:

  • Be a registered pharmacy or healthcare professional in the United Kingdom
  • Hold valid GPhC registration (or equivalent professional registration)
  • Have the legal authority to bind your organisation to these Terms
  • Be at least 18 years of age

4. Account Registration

4.1 Account Creation

You must provide accurate and complete information when creating an account. You are responsible for maintaining the confidentiality of your account credentials.

4.2 Account Security

You must:

  • Keep your login credentials secure and confidential
  • Notify us immediately of any unauthorised access
  • Not share your account with unauthorised users
  • Log out after each session on shared devices

5. Subscription and Payment

5.1 Pricing

  • Pharmacy Website: £1,800 one-time (excl. VAT)
  • Private Prescribing: £199/month (excl. VAT) with 1 month free trial
  • Enterprise: Custom pricing
  • University & Education: £50/student/year

5.2 Payment Terms

  • Subscriptions are billed monthly or annually in advance
  • All prices are in GBP and exclude VAT where applicable
  • Payment is due upon invoice
  • We accept major credit/debit cards and bank transfers

5.3 Cancellation

  • You may cancel your subscription at any time
  • Cancellation takes effect at the end of the current billing period
  • No refunds for partial billing periods
  • Data export is available for 30 days after cancellation

6. Use of the Platform

6.1 Permitted Use

You may use the Platform only for lawful purposes related to your pharmacy or healthcare practice, in accordance with all applicable laws and regulations.

6.2 Prohibited Activities

You must not:

  • Use the Platform for any illegal purpose
  • Violate any applicable healthcare regulations
  • Transmit viruses, malware, or harmful code
  • Attempt to gain unauthorised access to systems
  • Interfere with the Platform's operation
  • Scrape, copy, or harvest data without permission
  • Sublicense or resell access to the Platform
  • Misrepresent your identity or professional status

7.3 NHS Data Restrictions

When accessing NHS patient data through the platform, you must not:

  • Access patient records without a legitimate clinical relationship with the patient
  • Share NHS patient data with unauthorised third parties
  • Use NHS patient data for purposes other than direct patient care
  • Attempt to access NHS services using another person's CIS2 credentials
  • Store NHS patient data outside of the RxSure platform
  • Export bulk patient data from NHS services
  • Use NHS data for commercial purposes unrelated to NHS service delivery

8. Clinical Responsibility

Important: RxSure© is a platform tool only. All clinical decisions, prescribing, and patient care remain the sole responsibility of the registered healthcare professional using the Platform.

  • The Platform provides workflow guidance based on clinical protocols
  • Questionnaires are based on SmPC and clinical guidelines but are tools, not clinical advice
  • You must exercise independent clinical judgement
  • You are responsible for ensuring appropriate patient care
  • You must maintain appropriate professional indemnity insurance

8. Data Protection

8.1 Your Responsibilities

As a data controller for patient information, you are responsible for:

  • Obtaining valid consent from patients
  • Ensuring lawful basis for processing
  • Responding to patient data subject requests
  • Maintaining appropriate data security practices

8.2 Our Responsibilities

As a data processor, we will:

  • Process data only on your instructions
  • Implement appropriate security measures
  • Assist with data subject requests
  • Notify you of any data breaches

Please refer to our Privacy Policy for full details.

8.3 Data Processing Agreement

A Data Processing Agreement (DPA) is available and required for all pharmacies and prescribers processing patient data through the Platform. The DPA sets out:

  • The scope and purpose of data processing
  • Obligations of both controller (pharmacy) and processor (RxSure)
  • Sub-processor arrangements and approvals
  • Data subject rights handling procedures
  • Data breach notification obligations
  • Data return and deletion on termination

To request a copy of the DPA, contact contact@rxsure.co.uk.

8.4 Data Breach Notification

In the event of a personal data breach affecting your data:

  • We will notify you (as data controller) without undue delay and no later than 72 hours after becoming aware of the breach
  • Notification will include: nature of the breach, categories and approximate number of records affected, likely consequences, and measures taken
  • We will cooperate with you to fulfil your obligations to the ICO and affected individuals

Full details of our breach notification process are set out in our Privacy Policy.

9. Service Level Commitment

9.1 Availability

We target 99.9% uptime for the Platform, measured monthly, excluding scheduled maintenance windows. Scheduled maintenance will be carried out during off-peak hours (typically between 02:00 and 06:00 GMT) with at least 48 hours' notice for planned downtime.

9.2 Support Response Times

  • Critical issues (Platform unavailable, data loss risk): Response within 4 hours during business hours
  • High priority (major feature unavailable): Response within 8 hours during business hours
  • Standard issues (general queries, minor bugs): Response within 2 business days

9.3 Data Backup & Recovery

  • Automated daily backups of all platform data
  • Backups retained for a minimum of 30 days
  • Recovery point objective (RPO): 24 hours
  • Recovery time objective (RTO): 4 hours for critical services

10. Intellectual Property

9.1 Our Property

The Platform, including all software, content, trademarks, and materials, is owned by RxSure© and protected by intellectual property laws.

9.2 Your Content

You retain ownership of your data and content. You grant us a limited licence to process your data solely for providing the Platform services.

9.3 Restrictions

You may not:

  • Copy, modify, or create derivative works
  • Reverse engineer or decompile the Platform
  • Remove any proprietary notices
  • Use our trademarks without permission

11. Service Availability

10.1 Uptime

We aim for 99.9% uptime but do not guarantee uninterrupted access. We may perform scheduled maintenance with advance notice.

10.2 Modifications

We may modify, update, or discontinue features of the Platform. We will provide reasonable notice of material changes.

12. Limitation of Liability

To the maximum extent permitted by law:

  • We are not liable for any indirect, incidental, or consequential damages
  • Our total liability is limited to fees paid in the 12 months prior to the claim
  • We are not liable for clinical outcomes or patient care decisions
  • We are not liable for third-party services (payment processors, etc.)

Nothing in these Terms excludes liability for death, personal injury, or fraud.

NHS Service Limitations

We are not liable for any loss or damage arising from:

  • Unavailability or interruption of NHS England services (PDS, CIS2, MESH, ODS)
  • Inaccuracies in data provided by NHS services
  • Changes to NHS service specifications, APIs, or access requirements
  • Suspension or revocation of NHS API access by NHS England

Our liability for NHS-integrated features is limited to the extent that such features depend on third-party NHS services outside our control.

14. Indemnification

You agree to indemnify and hold harmless RxSure©, its officers, directors, and employees from any claims arising from:

  • Your use of the Platform
  • Your clinical decisions and patient care
  • Your breach of these Terms
  • Your violation of any laws or regulations
  • Your infringement of third-party rights

14. Termination

13.1 By You

You may terminate your account at any time by contacting us or through your account settings.

13.2 By Us

We may suspend or terminate your access if you:

  • Breach these Terms
  • Fail to pay fees when due
  • Engage in prohibited activities
  • No longer meet eligibility requirements

13.3 Effect of Termination

Upon termination:

  • Your access to the Platform will cease
  • You may request data export within 30 days
  • We may retain data as required by law
  • Provisions that should survive will remain in effect

15. Dispute Resolution

14.1 Informal Resolution

Before initiating formal proceedings, you agree to contact us to attempt informal resolution.

14.2 Governing Law

These Terms are governed by the laws of England and Wales.

14.3 Jurisdiction

The courts of England and Wales have exclusive jurisdiction over any disputes.

16. Changes to Terms

We may update these Terms periodically. We will notify you of material changes by:

  • Email notification
  • In-app notification
  • Posting on our website

Continued use after changes constitutes acceptance of the new Terms.

17. General Provisions

  • Entire Agreement: These Terms constitute the entire agreement between us
  • Severability: If any provision is unenforceable, the remainder stays in effect
  • Waiver: Failure to enforce a provision does not waive the right to do so
  • Assignment: You may not assign these Terms without our consent
  • Force Majeure: Neither party is liable for delays due to circumstances beyond reasonable control

18. Contact Information

For questions about these Terms:

Email: contact@rxsure.co.uk
Phone: +441613830950
Address: 934 Stockport Rd, Manchester M19 3AB, UK

Start Free Trial