Privacy policy

Privacy Policy

Last updated: June 7, 2023

At Allergy Testing, we are committed to protecting and respecting your privacy. We understand the importance of safeguarding your personal information and ensure that it is never collected or stored unnecessarily, nor sold to third parties.

We have implemented various security measures to maintain the safety of any personal information we receive. Our processes adhere to the requirements of the UK data protection legislation, implementing appropriate technical and organizational measures to protect the rights of data subjects.

Controllers: As the main decision-makers, Allergy Testing exercises overall control over the purposes and means of processing personal data.

Joint Controllers: In cases where two or more controllers jointly determine the purposes and means of processing the same personal data, they are considered joint controllers. Both parties are responsible for complying with GDPR obligations, transparency obligations, and individuals' rights. Both Allergy Testing and the joint controllers agree to collect, store, and process personal data in accordance with this policy, and it is the responsibility of both parties to inform their data subjects.

Processor: Allergy Testing acts as a processor when processing personal data provided by you, and as a controller when processing personal data collected from your employer or benefits provider on your behalf, where applicable.

Your Consent and Agreement: By providing your personal information to Allergy Testing, you consent to its collection and use, along with any other information provided, in accordance with this Privacy Policy.

Why We Need to Use Your Personal Information: We collect and store your personal information for the following purposes:

  • Providing the services you expect from us.
  • Responding to your requests or inquiries.
  • Sending you information about services, products, events, and more that may be of interest to you.
  • Sharing other relevant information such as upcoming events or newsletters.
  • Creating, publishing, and improving content.
  • Conducting analytical research on our prospective client base.
  • Complying with legal obligations.
  • Compiling and publishing statistics and data on testing services, products, and results on an anonymized basis.
  • Investigating incidents and complaints.
  • Cooperating with investigations carried out by authorities.

Data We Collect: Website and cookie data: Certain parts of our website use cookies to track your visit and facilitate navigation. Cookies contain information you have personally supplied, such as your user ID and the pages visited. Please note that third-party content providers may also use cookies over which we have no control.

Personal information we collect:

  • Full name
  • Date of birth
  • Address details
  • Health details
  • Data gathered from testing
  • Contact information
  • Information regarding your business (for sole traders/sub-contractors)
  • Financial information (e.g., bank details, credit history, etc.)
  • Employment history (for recruitment and selection purposes)
  • Job title and salary information (for employees)
  • Emergency contact details
  • Personal identification information and documentation

Lawful Basis for Processing Personal Data: The lawful bases we rely on for processing your personal information include consent, performance of a contract, legitimate interests pursued by the controller or joint controllers, compliance with legal obligations, vital interests, and tasks carried out in the public interest.

Legitimate Interests: We process personal data based on legitimate interests for various purposes, including live chat communication, email marketing, non-conformity reporting, complaints system, Dot Mailer communication, call recording, notes and action records.

Marketing Communications: We will only send marketing communications to you if you have provided consent or if we have a legitimate reason to do so. You can opt out at any time by contacting us.

Processing of Data for Testing Purposes: For our testing services, we process your data as agreed upon through client details forms or electronic confirmations. We employ specific testing methods for food intolerances and do not undertake DNA or genetic testing.

Data Retention: We retain your personal information in accordance with applicable data protection laws. We never retain your information longer than necessary.

Sharing Data with Third Parties: We may share your data with third parties to facilitate the delivery of services and in compliance with company policy, UK legislation, and GDPR regulations. We ensure that any such companies handle your data in full compliance with GDPR.

Rights to Access and Control Your Personal Data: You have the right to access, amend, or delete your personal data at any time. You can also object to or restrict the use of your data and request a copy of your personal data.

Additional Changes to Our Privacy Policy: We reserve the right to change or amend our privacy statement and policy at any time.