Press "Enter" to skip to content

£7M deal, zero privacy basics: Puro, IPS Pharma, and the NPA

By Kieron JH on August 31, 2025 9:34 pm
Public Interest Data Rights

£7M deal, zero privacy basics: Puro, IPS Pharma, and the NPA

By Kieron JH • Last updated 31 Aug 2025

In July, IPS Pharma announced a £7M plus import agreement with New Zealand producer Puro. Big money, big promises. Then you look for the privacy paperwork that should be table stakes in 2025. What turns up is a pattern. Puro has no published privacy policy. IPS still shows 2018. The NPA footer links for legal policies do not work. For a sector that touches medical data, this is not a small thing.

Patients are told the industry is built on quality, compliance, and transparency. The websites tell another story.

What we checked

  • Puro website for a published privacy policy or privacy notice.
  • IPS Pharma website for a current privacy policy and last updated date.
  • National Pharmacy Association website footer links for Privacy, Cookies, and Terms.

Puro — privacy policy missing

Puro is New Zealand’s largest certified organic medical cannabis producer, now tied to a £7M plus UK import deal. Yet as of publication, their website carries no visible privacy policy or privacy notice. That means no stated purpose for processing, no rights information, and no data contact. For a company entering the UK and EU patient supply chain, this is a compliance failure.

Puro site showing no privacy policy link
Puro site capture. No privacy notice link presented.

IPS Pharma — privacy policy shows 2018

IPS Pharma’s published privacy policy still shows “Last updated: May 2018”. Seven years is a long time in data protection. Laws, regulator guidance, and internal practices have evolved. Keeping a 2018 banner in 2025 suggests the notice has not been refreshed to reflect current processing or the clarity required for patients.

IPS Pharma privacy policy showing May 2018
IPS Pharma privacy policy capture. “Last updated: May 2018.”

NPA — footer legal links fail

The National Pharmacy Association website footer has links for Privacy, Cookie Policy, and Terms. Each loops users back to the homepage instead of a legal page. For a body positioning itself as a compliance leader and insurer to IPS, broken links on legal policies are a major transparency issue.

NPA footer legal links redirect back to homepage
NPA site capture. Footer links to privacy policies fail, redirecting to homepage.

Why this matters

  • Healthcare related companies handle sensitive data. Privacy notices are not decoration, they are legal requirements.
  • Patients need to know what is collected, why, for how long, and how to exercise their rights.
  • Supply chains share data across borders. Clarity is essential for accountability and for safe patient access.

Independence note. The Reasonable Adjustment is independent. No payments are accepted that restrict lawful public interest reporting. Confidentiality will only be agreed for personal data or narrowly defined technical information that is not material to accountability. This article does not publish special category personal data. Site captures and logs are retained for evidence and accountability. Contact: [email protected].

Published in Accountability, Articles, Cyber, Data, Food For Thought and IPS Pharma

More from AccountabilityMore posts in Accountability »
More from ArticlesMore posts in Articles »
More from CyberMore posts in Cyber »
More from DataMore posts in Data »
More from Food For ThoughtMore posts in Food For Thought »
More from IPS PharmaMore posts in IPS Pharma »

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *