Who we are
RD Biomed (‘we’ or ‘us’) are a ‘data controller’ for the purposes of the General Data Protection Regulation (‘GDPR’) (as applicable the “Legislation”) where we control the purposes for which we process your personal information. Any questions about our data protection policy or how we handle your personal data should be addressed to Daisy Building (2nd Floor), Castle Hill Hospital, Castle Road, Cottingham, Hull HU16 5JQ. (See Contact information below.)
What information do we collect?
Personal information provided by you
We collect personal information about you (such as your name, address, and contact details), for example your email address when you contact us via our web form.
Personal information provided to and by third parties
We shall transfer your personal information to our service provider SiteGround who hosts the Website and stores your personal information if you purchase our products.
Personal information about other individuals
If you give us information on behalf of someone else, such as a child for whom you are legally responsible, you confirm that either; (1) the other person has a contractual relationship with you and knows that you will be transferring their personal data to us for specific purposes and/or (2) s/he has appointed you to act on his/her behalf and has agreed that you can:
- give consent on his/her behalf to the processing of his/her personal data
- receive on his/her behalf any data protection notices
- give consent to the processing of his/her sensitive personal data (as listed below).
How will we use the information about you?
We collect information about you so that we can:
- identify you and manage any accounts you hold with us;
- customise our website and its content to your particular preferences;
- notify you of any changes to our website or to our services that may affect you
- improve our services
Who your information might be shared with
We may disclose your personal data to:
- other companies within our group
- our agents, associates and service providers
- law enforcement agencies in connection with any investigation to help prevent unlawful activity
Keeping your data secure
Our staff and associates are bound by obligations of confidentiality and trained in the protection of personal data. We comply with the Legislation and use the appropriate technical and organisational measures necessary to safeguard your personal data. We only share your personal data with third parties who also comply with the Legislation. While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that is transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How can you contact us?’ below). We only send your data outside the EEA where we have in place a legal agreement which complies with the Legislation.
What can I do to keep my information safe?
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses. Retention Periods We store the personal data that relates to your test results on secure servers:
- for a period of up to 10 years from the date on which you first completed a test in order to allow you to access your test data. However, we shall regularly review this information in conjunction with you and shall delete it if you so request;
- until you ask us to destroy it
in each case unless the law requires us to store the data for a longer period.
What rights do you have?
The GDPR provides the following rights for individuals whose personal data is processed:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object to processing
- Rights in relation to automated decision making and profiling [(We do not carry out automated decision making and profiling)]
Right to access – i.e. to request a copy of your information
You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or all of it, please:
- write to us at RD Biomed Limited, Daisy Building (2nd Floor), Castle Hill Hospital, Castle Road, Cottingham, Hull HU16 5JQ or email firstname.lastname@example.org; and
- let us have proof of your identity (a copy of your driving licence or passport); and
- let us know what information you want.
Right to correct any mistakes in your information
You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please:
- email or write to us (see ‘How can you contact us?’ below)
- let us have enough information to identify you
- let us know the information that is incorrect and what it should be replaced with.
Right to remove your details from our records or restrict how we use your information
You can ask us to stop contacting you for particular purposes or remove your information completely from our records. There may be a legal reason why we need to keep your personal data and in that circumstance we will destroy your personal information as soon as we are legally entitled to do so. If you would like us to stop contacting you with information about our services, please:
- email or write to us (see ‘How can you contact us?’ below). You can also click on the ‘unsubscribe’ button at the bottom of the email and/or newsletter
- let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone).
Right to lodge a complaint with the Supervising Authority
If you have any concerns or complaints about how we use your personal data we hope you will alert us to these directly (see the Contact information below). If you are still unhappy you are entitled to complain to the Information Commissioners Office (ICO) which is the supervising authority in the UK. Their contact details and the procedure can be found at www.ico.gov.uk
How to contact us