Privacy Policy

This policy explains how we, TestCard.com (which is a trading name of TestCard Ltd (company no. 10764577), use your personal data which you provide to us including when you use our website, www.testcard.com. We take our responsibilities for managing your personal data seriously and we have tried in this document to explain how we collect your personal information and what we do with it.

When we say your “personal data” or "personal information" we mean any information that identifies you as a person. You can read more information about how we process your personal information by clicking on the various sections below.

Collecting your personal data – our relationship with you
What we do with your personal information
Sharing your personal information with third parties
Cookies – what are they and how do we use them?
Access to your personal data – your rights and contacting us
Retention of Data
Our Security Standards
Other Websites
Updates

Collecting your personal data – our relationship with you

You may provide us with personal data in one of the following ways:

  1. contacting us by telephone where you may provide your contact details such as your name, telephone number and email address. You will also be asked to consent to our using your information; or
  2. contacting us through our website by using one of the options on our website which requires you to provide us with your personal information; or
  3. when you log on to our website your personal data may be obtained by the cookies that we use.

Examples of the personal data we collect include your name, your email address, contact details. The collection of this personal data is essential to enable us to perform our contract with you and to provide Test Kits and results to you.

One of our team may, in the course of assisting you with a query or when we provide services to you, ask for your consent to use your details for further purposes such as marketing and other promotional activities. When we do this you will be clearly advised and your specific consent will be required before we can use your information for such activities.

We may also gather personal information about you from third parties such as the country you are from, the device you used to visit our website (including IP addresses) and what pages you like to look at online. We do our best to ensure that the businesses that provide us with this information do so lawfully and have obtained your consent to do this.

What we do with your personal information

  • Providing our services to you: - we use your personal information to open your account with us, to send you testcards and to contact you about the services that we are providing to you. Reminders and updates will be sent to you using the contact information that you provide to us and via the account that you have opened with us. Without your personal contact information it is impossible for us to provide our services to you.
  • Improving our services: - we may analyse your personal information in order to improve our business, our website and customer services. 
  • Improving our results: - Personal demographic and medical conditions information provided by you may be used to improve the results reported by the TestCard App. Previous (historical) results may also be used in this manner.
  • Marketing: - we may use your personal information to contact you about promotions and other news and information about our business.  

Sharing your personal information with third parties

In order to provide our services and operate our website, we use various third parties which are carefully selected by us.  These parties include companies which provide business functions such as email, marketing assistance, accounting, payment processing, data management, website support and business advice. All of these third parties have in place policies and procedures to ensure adherence to the General Data Protection Regulation (‘GDPR”). In some circumstances, your data may be transferred to or stored at a location outside the European Economic Union (“EEA”) and processed by individuals acting for one of these third parties. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and the GDPR. Where it is necessary to process data outside the EEA, we will ensure that the relevant third party processing the data has either provided the required contractual undertakings as specified by the EU or is a signatory of the EU-US Privacy Shield Framework. 

All of your payment information is collected, processed and stored by our chosen payment processor, Stripe. We do not hold your payment details. You can find more information about how Stripe manage your data here

There are certain scenarios where we may have to share your personal information with other parties and examples of these scenarios are set out below:

  • For legal reasons, we may be required to share your data with law enforcement agencies, governments, etc. This may be as part of an investigation, or it may be to prevent fraud prevention.
  • Where your data may be required to protect against harm to the rights of property or person as permitted by law.
  • Where your data may be required to prevent or protect against serious physical harm to an individual.
  • If we are involved in an acquisition, a merger, sale of assets, or liquidation. If this circumstance arose, appropriate undertakings would be obtained from the third party.

Cookies - what are they and how do we use them?

Personal information may also be collected automatically using cookies. Cookies are small files that are automatically saved to your device as a result of the websites you visit.  Cookies track, save and store information. Cookies may enable us or a third party to recognise you and make your next visit easier, and our services more useful to you, by giving you tailored options based on the information that has been stored from your last visit. Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the web site.

You can read more information relating to cookies use and how you can manage these on our Cookie Policy.

Access to your personal data – your rights and contacting us

Access to the personal data we hold on you:You have the right to ask us for a copy of the personal information we hold on you, a “subject access request”. There is no fee for this. However, requesting subsequent copies of such information within an unreasonably short period may be chargeable.

Right to rectify or erase your personal data: You also have the right to have any inaccuracies corrected or removed and in certain circumstances you may ask us to erase your personal data. If you would like us to erase the personal data we hold about you, please get in touch specifying why you would like us to do so.

Right to withdraw consent: If you have given us consent to use your personal details you may withdraw this consent at any time by emailing us – support@testcard.com.

Right to limit processing your data: You may also instruct us to cease processing your data if no longer relevant, or if there are no other legal or contractual obligations for us to do so.

If you have any enquiries and/or wish to exercise any of your rights in this privacy policy please contact us by emailing us – support@testcard.com .

You also have the right to make a complaint about our data processing activities to the Information Commissioner’s Office.  Further details can be found at https://ico.org.uk.

Retention of Data

We hold your personal data only for as long as is necessary for the specified purpose. Once you have closed your account with us we will delete all of the personal information that we hold on you apart from your name and email address which we will hold on our marketing database if you agreed to receive news and other marketing from us. You may unsubscribe to any of our marketing emails at anytime which will in turn delete all your personal information. We will also keep invoicing and other accounting records which are necessary to satisfy HMRC. Results generated from the testcards will be retained in an anonymised state for the purposes of improving our analytical algorithms, epidemiology, and will remain in the ownership of TestCard Ltd.

Data produced in the support of a Clinical Trial will be retained for a minimum of 10 years post completion of the trial.

Our Security Standards

We use standard SSL encryption throughout our business. Data on the website is only accessed through encrypted SSL. All orders placed with us for a Test Kit are given an encrypted reference number during the order process in order to enhance the security of our ordering process.

All personal information that you provide to us or that we collect is stored on our secure servers which are located within the EU. We promise that we will do our best to ensure that your personal information is treated securely.

We have appropriate security measures in place (such as encrypted passwords) to protect your personal information from being accidentally lost, used or accessed by someone who does not have permission to access it. We only give access to your personal information to people who need to access it in order to carry out their job such as our website admins. They will only use your personal information in the way we tell them to and they undertake to keep it secret.

We have procedures to deal with any suspected breaches of personal information and if the law requires us to, we will tell you (and any regulator) if there has been a breach.

Other Websites

Our website may include links to other websites, plug-ins and apps which we do not own or control. If you click on those links, activate the plug-ins or apps, (for example if you click on link to share our content to your Facebook, Twitter, OK, VK or Google Plus account, or choose to post a comment through your WordPress, Facebook, Google Plus or Twitter account) you may allow third parties to collect or share information about you. Because we do not control these other websites, we are not responsible for their privacy notices or how they will handle your personal information. When you leave our website, we strongly suggest that you read the privacy notice of every website that you visit.

Updates

This Privacy Policy is reviewed by us on a regular basis and may be updated from time to time. Please ensure that you are familiar with these changes. 

(Last updated November 2019)