Privacy Policy

Thank you for visiting our website www.medlab.com. This policy describes how we handle your private information submitted via this site or email enquiries to the associated email addresses.

MedLab operates under TESTCARD DIAGNOSTICS LTD,
(Registered Company No 10764577 – 47 Cayley Lane, Brompton by Sawdon, North Yorkshire, YO13 9DL) ("We"), the data controller.

It is important that you read this Policy as it is our way of telling you how we collect, store and use any personal information which you give to us or that we collect from you. "Personal information" is information that identifies (or from which we can identify) who you are as an individual, for example your name or address.

Sometimes we might ask you to read another policy when we collect other personal information about you, to make sure that you understand how we will use it and why we need to collect it. This Policy is the important and should be read with any other policy which we might ask you to read on other occasions.

If you want to ask us any questions about this Policy you can contact us via support@medlab.com.

Why we need to collect your personal information

We promise to respect and look after your personal information in accordance with the relevant data protection law in the UK. We will use your personal information for the following reasons:

  • If we need to for the interests of our business (this is called our “legitimate interests”) or the interests of another organisation we work with. For example, we may need to use your personal information to run and manage our business and the website. We may also use it to make sure that the website is safe for you to use and that it is working properly;
  • To make sure that we comply with any relevant law and regulations.

Before we use your personal information for our legitimate interests, we promise to think about what impact it will have on you. If we decide that your interests are more important than our legitimate interests, we will not use your personal information, unless the law says that we can or if you give us your permission to use it.

Types of personal data we collect and when we collect it

We may collect, use, store and transfer different types of personal information about you such as:

  • Profile and contact information. If you want to send an enquiry or purchase a test kit, we ask you for a name and contact details such as your email address and phone number that we can send our reply to as well as asking you for your address and other optional details related to the purchase.
  • Personal and Health information These details are required in order to provide you with accurate results for your test samples. Age, gender and ethnicity can effect the safe zones for results.
  • Technical Information which is information about the computer you use to visit our website, such as its IP address (this is an address, but for computers!), the browser you use (including the version and plug-ins), the time zone and location setting, operating system and other technology on the device you use to access our website. We collect this information automatically when you browse our website through something called log files and cookies. Please click here to find out more about cookies.
  • Usage Data which is information about how you use our website, for example what pages on our website you visit the most. We collect this information automatically when you browse our website through the use of cookies and other similar technologies. Please click here to find out more about cookies.

Sometimes we might combine your Usage Data with other people’s Usage Data. This is called “Aggregated Data”. Although it does not tell us who you are, it does allow us to find out how many people like to visit our website, which pages people visit the most and where visitors to our site are located. If we need to combine or connect Aggregated Data with your personal information so that it reveals who you are, we promise that we will keep this information safe.

If you do not want to give us your email address and screen name, you can give us a call on 0800 002 9800 instead.

Information we collect from third parties

Sometimes we may be given information about you from other organisations (who we call third parties) but we promise to do our best to make sure that they are legally allowed to give us this information. Information we may receive from third parties includes information about the country you are from, the device used to visit our website (including IP addresses) and what pages you like to look at online.

How we use your information

The law says that we have to tell you what we use your personal information for, why we need to use it, and which part of the law allows us to use it (this is called the legal basis of processing). If you want more information about this, you can ask us by contacting us support@medlab.com. We may use and share your personal information for the following reasons:

  • To send replies to enquiries

Please remember that you can always choose to stop receiving enquiry replies at any time by contacting us via support@medlab.com.

  • To process accurate results for test kit samples
  • To protect the website and our business

We may use your personal information to help us monitor and improve the website, which includes troubleshooting, statistical and data analysis, testing, system maintenance and support. We also use your information as part of our mission to keep our website and business safe and secure. We need to do this to run our business and protect the network and the IT system we use to operate our website. We may also need to use your information to help us if we decide to change the way our business is structured or operates.

We promise that we will only use your personal information for the reasons for which we collected it, but we may need to use it for another lawful reason which is similar to the reason we collected it for in the first place, we will only do this where we believe the law allows us to do so, and never if we feel it would adversely affect your privacy to do so. If it turns out that we need to use your personal information for a very different reason, we will contact you and explain why the law allows us to use it for these different reasons.

Please remember that sometimes we can use your personal data without your permission if the law says that we have to, or that we are able to.

When will we share your personal information?

Sometimes we ask third parties to do a job for us and in order for them to do this job, they may ask us for your personal information. We do all that we can to ensure that third parties treat your personal information with respect and that they only use it how we tell them to and in accordance with the law.

These are the third parties we share your personal information with:-

  • IT Support Providers, whose job it is to help us make sure that our computer systems are working properly, to help us if something goes wrong and that all personal information we collect is stored and backed up safely and securely.
  • Another business, if we choose to sell or transfer, all or part of our business to another business, or wish to be a part of another business. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this Policy.
  • Other organisations, if the law says that we have to, or if we have to in order to protect our business and users of our website.
  • People who help our business, such as our lawyers, bankers, auditors and insurers.

We promise that we shall not share your personal data with any third parties for marketing purposes.

Third Party Websites

Our website may include links to other websites, plug-ins and apps which we do not own or control. If you click on those links, activate the plug-ins or apps, (for example if you click on link to share our content to your Facebook, Twitter, OK, VK or Google Plus account, or choose to post a comment through your WordPress, Facebook, Google Plus or Twitter account) you may allow third parties to collect or share information about you. Because we do not control these other websites, we are not responsible for their privacy notices or how they will handle your personal information. When you leave our website, we strongly suggest that you read the privacy notice of every website that you visit.

Where will we store your personal data?

All personal information that you provide to us or that we collect is stored on our secure servers. We promise that we will do our best to ensure that your personal information is treated securely.

We have appropriate security measures in place (such as encrypted passwords) to protect your personal information from being accidentally lost, used or accessed by someone who does not have permission to access it. We only give access to your personal information to people who need to access it in order to carry out their job such as our website admins. They will only use your personal information in the way we tell them to and they promise to keep it secret.

We have procedures to deal with any suspected breaches of personal information and if the law requires us to, we will tell you (and any regulator) if there has been a breach.

Although we will do everything we can to protect your personal information, you must understand that anything you submit to us through the internet is at your own risk. Once we have received your personal information, we shall use our safeguards and security features to try to protect it and prevent any unauthorised access to it to the best of our ability.

How long will we keep hold of your personal information

We will only keep your personal information for as long as necessary to achieve the reasons for which we told you that we needed it for in the first place. If we hold data about you, and you think we no longer need to you can ask us to review our decision.

We think about lots of things when we figure out how long we need to hold on to your personal information, such as why we need it (and whether we really need it), how much information we hold, what the information is (and whether it is sensitive) and any potential risk of harm to you if it is accessed by someone without permission.

In some circumstances we may anonymise your personal data (so that it can no longer identify you) for research or statistical purposes. If we do this, we may use this information for as long as we like without needing to let you know.

Your rights

Under certain circumstances, the law gives you the following rights:

  1. to request that we provide you with a copy of the personal information that we hold about you (“Access Request”);
  2. to request that we correct any personal information that we hold about you which is wrong (“Right to Rectification”);
  3. to request that we delete any personal information that we hold about you (“Right to be Forgotten”);
  4. to restrict how we use your personal information (“Restriction of Processing”);
  5. to get a copy of all personal information that we hold about you in an accessible format and have this information sent to another organisation (“Data Portability”);
  6. to object to our processing your personal information in certain ways (“Right to Object”); and
  7. to withdraw your consent at any time to our processing of your personal information (where this was the basis on which we were processing it)

You are able to exercise these rights yourself as long as we believe that you understand what the rights are as well as what happens when you ask us to exercise them. If under 18 years old you may also ask your parents or an adult responsible for you to exercise these rights for you.

For further information about these rights and how you can exercise them, please email us at support@medlab.com.

If for any reason you are unhappy and do not like the way we have treated your personal information, please contact us and we will be happy to help you. If you are still unhappy after speaking to us, you can always make a complaint to the Information Commissioner’s Office.