Privacy policy

IMULAB LTD PRIVACY POLICY AND COOKIE POLICY

Last updated: 11th December 2025

1. INTRODUCTION

Welcome to IMULAB LTD’s Privacy Policy. We are committed to protecting your privacy and handling your data transparently, securely, and in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Purpose of This Notice

This notice explains how we collect, use, and protect your personal data, your rights concerning your data, and how you can contact us with any queries or concerns.

Who We Are

IMULAB LTD (β€œIMULAB”, β€œwe”, β€œus”) is the Controller of your personal data. This policy applies to all individuals whose data we process, including website visitors, customers, app users, and partners.

Contact Details

  • Company Name: IMULAB LTD
  • Address: Life Sciences and Innovation Centre, Inverness Campus, Inverness, IV2 5NA
  • Phone: 03450 678 123
  • Email: support@imulab.co
  • Data Protection Officer (DPO): Contactable at support@imulab.co

Changes to This Notice

We may update this policy periodically. Material changes will be communicated via our website, app, or email.

2. THE PERSONAL DATA WE USE

We collect and process personal data from different sources, including data you provide directly and data collected automatically through our website and services.

Types of Personal Data We Collect

  • Account Data: Name, contact details, account activity.
  • Contact Data: Delivery address, email, phone numbers.
  • Financial Data: Payment details, billing address, purchase history.
  • Health Profile Data: General health information provided by you.
  • ID Data: Information for identity verification (e.g., government-issued ID).
  • Test Result Data: Test results, doctor commentary, related analytics.
  • Technical Data: IP address, login data, device information, and usage data.
  • Marketing and Communications Data: Preferences for receiving marketing materials.
  • Aggregated Data: Statistical data derived from your personal data but not identifying individuals.

Special Category Data

We process health-related data (Special Category Data) under the following lawful bases:

  • Explicit Consent (Article 9(2)(a)) – You have given explicit consent.
  • Healthcare Provision (Article 9(2)(h)) – Necessary for medical diagnosis, health, or social care purposes.

Children's Data

Our services are not directed at children under 16 years old, and we do not knowingly collect their data. If we become aware of inadvertent collection, we will delete it promptly.

3. HOW WE COLLECT YOUR PERSONAL DATA

We collect your data through the following methods:

Direct Interactions:

  • Account registration
  • Purchase of products/services
  • Customer support interactions
  • Surveys and feedback

Automated Technologies:

  • Website cookies
  • Analytics tools
  • Server logs

Third Parties:

  • Laboratory partners
  • Healthcare service providers
  • Payment processors

4. HOW WE USE YOUR PERSONAL DATA

We use your data for:

  • Contractual Obligations: Providing requested products and services.
  • Legitimate Interests: Business improvement, analytics, and customer relationship management.
  • Legal Compliance: Meeting regulatory and statutory requirements.
  • Marketing Communications: Sending updates and promotional content (with consent).

Automated Decision-Making and Profiling

We may use automated tools to analyze health data and provide insights. You have the right to object to automated decision-making.

5. LEGAL BASES FOR PROCESSING

We rely on the following lawful bases:

  • Consent: Where you have explicitly consented.
  • Contractual Necessity: To fulfill our agreement with you.
  • Legal Obligations: To comply with laws and regulations.
  • Legitimate Interests: For operational efficiency, product improvement, and fraud prevention.

6. DATA SHARING

We may share your data with:

  • Healthcare providers and laboratory partners
  • IT service providers
  • Payment processors
  • Regulatory authorities

International Transfers

If we transfer your data outside the UK, we will ensure:

  • Adequacy Decisions: The country ensures an adequate level of data protection.
  • Standard Contractual Clauses (SCCs): Implemented for data transfers.

You can request more details on international transfers by contacting our DPO.

7. DATA RETENTION

We retain your personal data only as long as necessary for the purposes outlined:

  • Account Information: Retained as long as your account is active.
  • Financial Records: Retained for 7 years for legal compliance.
  • Health Data: Retained for as long as required by law or regulatory obligations.

When retention is no longer necessary, your data will be securely deleted.

8. DATA SECURITY

We use technical and organizational measures to protect your personal data, including:

  • Encrypted storage and transfers
  • Regular security audits
  • Access controls and authentication systems

In case of a data breach, we will notify the ICO and affected individuals within 72 hours, where required.

9. YOUR RIGHTS

Under UK GDPR, you have the following rights:

  1. Right to Access: Request copies of your data.
  2. Right to Rectification: Correct inaccurate or incomplete data.
  3. Right to Erasure: Request data deletion.
  4. Right to Restrict Processing: Limit how we process your data.
  5. Right to Object: Object to specific processing activities.
  6. Right to Data Portability: Receive your data in a usable format.
  7. Right to Withdraw Consent: Withdraw consent at any time.
  8. Right to Lodge a Complaint: File a complaint with the ICO (www.ico.org.uk).

To exercise these rights, please contact support@imulab.co.

10. COOKIE POLICY

Cookies help us improve your website experience.

What are Cookies?

Small text files placed on your device to collect standard internet log and visitor behaviour information.

Types of Cookies We Use:

  1. Strictly Necessary Cookies: Essential for website functionality.
  2. Analytical Cookies: Track visitor behaviour for improvements.
  3. Marketing Cookies: Track user activity for advertising relevance.

Managing Cookies:

You can manage cookie preferences via your browser settings.

11. CONTACT US

For any privacy-related inquiries:

  • Phone: 03450 678 123
  • Email: support@imulab.co
  • Address: Life Sciences and Innovation Centre, Inverness Campus, Inverness, IV2 5NA

12. UPDATES TO THIS POLICY

We reserve the right to update this policy. The latest version will always be available on our website and app.

By continuing to use our services, you agree to the terms outlined in this notice.