This policy applies to information we collect when you choose to use this website, and also to personal information which we process further to supplying services to you.
This website is owned by RD Biomed Limited and our registered office is at Daisy Building (2nd Floor), Castle Hill Hospital, Castle Road, Cottingham, Hull HU16 5JQ, United Kingdom.
Who we are
RD Biomed (‘we’ or ‘us’) are a ‘data controller’ for the purposes of the Data Protection Act 1998 and as of 25 May 2018, the General Data Protection Regulation (‘GDPR’) (as applicable the “Legislation”) where we control the purposes for which we process your personal information.
Any questions about our data protection policy or how we handle your personal data should be addressed to Daisy Building (2nd Floor), Castle Hill Hospital, Castle Road, Cottingham, Hull HU16 5JQ. (See Contact information below.)
What information do we collect?
Personal information provided by you
We collect personal information about you (such as your name, address, credit card details and contact details), for example your email address when you register with us or purchase products.
Personal information provided to and by third parties
We shall transfer your personal information to our service provider SightGround who hosts the Website and stores your personal information if you purchase our products.
Personal information about other individuals
If you give us information on behalf of someone else, such as a child for whom you are legally responsible, you confirm that either;
(1) the other person has a contractual relationship with you and knows that you will be transferring their personal data to us for specific purposes and/or
(2) s/he has appointed you to act on his/her behalf and has agreed that you can:
- give consent on his/her behalf to the processing of his/her personal data
- receive on his/her behalf any data protection notices
- give consent to the processing of his/her sensitive personal data (as listed below).
For example, we may monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of a user’s internet service provider, to improve the user’s experience whilst visiting the website, and better understand how you use it. This information helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
You can set your browser not to accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our website features may not function as a result.
How will we use the information about you?
We collect information about you so that we can:
- identify you and manage any accounts you hold with us;
- provide the Product requested;
- send a diagnostic letter to you outlining the details of your test results which we encourage you to share with your GP;
- detect and prevent fraud;
- customise our website and its content to your particular preferences;
- notify you of any changes to our website or to our services that may affect you
- improve our services
Our questionnaire and email newsletter
We may use any information submitted to us by you to provide you with further information by email about the products we offer which you have requested.
As part of our services we also supply an email questionnaire which we use to ask you about your experiences, where you can give us user feedback relating to the products. We may also send you medical and health related newsletters which we consider may be of interest to you and which relate to the product supplied by us. You can choose to unsubscribe at any point by clicking on the link at the bottom of the email.
Who your information might be shared with
We may disclose your personal data to:
- other companies within our group
- our agents, associates and service providers
- law enforcement agencies in connection with any investigation to help prevent unlawful activity
Keeping your data secure
Our staff and associates are bound by obligations of confidentiality and trained in the protection of personal data. We comply with the Legislation and use the appropriate technical and organisational measures necessary to safeguard your personal data. We only share your personal data with third parties who also comply with the Legislation.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that is transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How can you contact us?’ below).
We only send your data outside the EEA where we have in place a legal agreement which complies with the Legislation.
What can I do to keep my information safe?
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We store the personal data that relates to your test results on secure servers:
- for a period of up to 10 years from the date on which you first completed a test in order to allow you to access your test data. However, we shall regularly review this information in conjunction with you and shall delete it if you so request;
- until you ask us to destroy it
in each case unless the law requires us to store the data for a longer period.
What rights do you have?
The GDPR provides the following rights for individuals whose personal data is processed:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object to processing
- Rights in relation to automated decision making and profiling [(We do not carry out automated decision making and profiling)]
Right to access – i.e. to request a copy of your information
You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or all of it, please:
- write to us at RD Biomed Limited, Daisy Building (2nd Floor), Castle Hill Hospital, Castle Road, Cottingham, Hull HU16 5JQ or email firstname.lastname@example.org; and
- let us have proof of your identity (a copy of your driving licence or passport); and
- let us know what information you want.
Right to correct any mistakes in your information
You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please:
- email or write to us (see ‘How can you contact us?’ below)
- let us have enough information to identify you
- let us know the information that is incorrect and what it should be replaced with.
Right to remove your details from our records or restrict how we use your information
You can ask us to stop contacting you for particular purposes or remove your information completely from our records. There may be a legal reason why we need to keep your personal data and in that circumstance we will destroy your personal information as soon as we are legally entitled to do so. If you would like us to stop contacting you with information about our services, please:
- email or write to us (see ‘How can you contact us?’ below). You can also click on the ‘unsubscribe’ button at the bottom of the email and/or newsletter
- let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone).
Right to lodge a complaint with the Supervising Authority
If you have any concerns or complaints about how we use your personal data we hope you will alert us to these directly (see the Contact information below). If you are still unhappy you are entitled to complain to the Information Commissioners Office (ICO) which is the supervising authority in the UK. Their contact details and the procedure can be found at www.ico.gov.uk
How to contact us
If you wish to contact us about any other matter, please send an email to email@example.com or write to us at RD Biomed Limited, Daisy Building (2nd Floor), Castle Hill Hospital, Castle Road, Cottingham, Hull HU16 5JQ.
RD Biomed Limited
[ March ] 2018