Privacy Policy
Revised October 2023
What is “User Data” as used in this privacy policy?
“User Data” means information that you upload, insert or provide to Randox. Some User Data may identify an individual or could be used to identify an individual and which is submitted to and/or collected, in this instance, by Randox Web Sites or Software.
Examples of User Data:
User Data may include, but is not limited to, names, postal address, e-mail address and telephone number, which is known as Personally Identifiable Information or “PII”. PII is subject to strict privacy laws.
If we collect, use and are responsible for certain PII about you in the provision of our services then we do so at all times in compliance with Data Protection Legislation as defined in our Terms and Conditions and End User License Agreement.
If User Data does not contain PII, and it cannot be used to identify a living person, directly or indirectly, it may be considered as Aggregated Data, which is not subject to UK GDPR. Such generic unidentifiable data may be used for scientific statistical analysis for the sole purpose of improving public health and diagnostics. Aggregated Data may be commercialised by Randox.
Randox may generate New Data from your User Data, provided this is not PII or subject to intellectual property provisions under a related services contract, and this is not considered to be User Data. Randox shall own the intellectual property rights of any New Data and shall be entitled to process as on the Aggregated Data basis referred to above.
How does Randox collect information online?
Randox is the controller of User Data obtained via Randox Web Sites and some software platforms, meaning we are the organisation legally responsible for deciding the purpose or the means as to how it is used.
Personally Identifiable Information collected:
We will collect and use the following personal data about you:
- your name, address and contact information;
- your contact history and purchase history;
- any delivery address specified;
- your gender;
- your billing information, transaction and payment card or other payment method information;
- bank account and payment details;
- details of any information, feedback or other matters you give to us by phone, email, post or via social media;
- your account details such as username and login details;
Information about the services we provide to you.
Randox collects User Data in three ways:
- User Data You Submit: Randox collects User Data that you enter into data fields on Randox Web Sites and software. For example, you may submit your name, postal address, e-mail address, and/or other information in order to receive information about various subjects, register for Randox programs, contact Randox customer service, or respond to Randox surveys. To protect privacy, you should not provide Randox with any information that is not specifically requested. Further you must ensure that you are legally entited to submit the User Data to Randox, as per the local data protection laws that apply to you.
- Passive Collection of Unidentifiable Information: Randox Web Sites may collect information about your visits to Randox Web Sites without you actively submitting such information. Unidentifiable information may be collected using various technologies, such as cookies, and web beacons. Cookies are small text files that are transferred to your computer’s hard disk by a website. Web beacons (also referred to as GIF files, pixels or Internet tags) help Randox recognize a unique cookie on your browser. Your Internet browser automatically transmits to Randox Web Sites some of this unidentifiable information, such as the URL of the web site you just visited and the browser version your computer is operating.
Passive information collection technologies can make your use of Randox Web Sites easier by allowing Randox to provide better service, customize Randox Web Sites based on consumer preferences, compile statistics, analyze trends, and otherwise administer and improve Randox Web Sites. Certain features of Randox Web Sites may not work without use of passive information collection technologies. Information collected by these technologies cannot be used to identify you without additional identifiable information and Randox will not connect additional identifiable information with the information collected through the use of such tracking technologies. With respect to limiting or disabling tracking technology please see below “What choices do I have about how Randox collects and uses User Data about me?” - Google Analytics: The Randox website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of the website and compile reports on activity on www.Randox.com. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google
How to reject or delete this cookie: Learn More
Persistent Cookies: This type of cookie is stored on a user’s computer until it expires or until the user deletes it. Persistent cookies are used to collect identifying information about the user, such as user preferences which are remembered for the user’s next visit. This results in faster and more convenient access.
Disabling cookies: If you do not want us to use cookies in your browser, you can remove cookies from your computer’s hard drive, or set your browser to block cookies or to send a warning notice before a cookie is stored on your computer. However, please note that you may not be able to use many of the services on our website or other websites without cookies.
In what circumstances and for what purposes might Randox collect and use User Data?
Under data protection law, we can use your User Data if we have a proper reason e.g.
- where you have given consent;
- to comply with our legal and regulatory obligations;
- for the performance of a contract with you or to take steps at you request before entering into a contract; or
- for our legitimate interests or those of a third party.
- Scientific Research, Statistical analysis and on a Public Interest basis.
A legitimate interest is when we have a business or commercial reason to use your User Data, so long as this is not overridden by your own rights and interests. The table below explains what we use your User Data for and why.
| What we use your User Data for | Our reasons |
|---|---|
| Creating and managing your account with us | To perform our contract with you or to take steps at your request before entering into a contract |
| Conducting checks to identify you and verify your identity or to help prevent and detect fraud against you or us | To comply with our legal and regulatory obligations |
| Enforcing legal rights or defend or undertake legal proceedings | Depending on the circumstances: -to comply with our legal and regulatory obligations -in other cases, for our legitimate interests, e.g. to protect our business, interests and rights |
| Customising our website and its content to your particular preferences based on a record of your selected preferences or on your use of our website | Depending on the circumstances: -your consent as gathered -where we are not required to obtain your consent and do not do so, for our legitimate interests, e.g., to be as efficient as we can so we can deliver the best service to you at the best price |
| Retaining and evaluating information on your recent visits to our website and how you move around different sections of our website for analytics purposes to understand how people use our website so that we can make it more intuitive or to check our website is working as intended | Depending on the circumstances: -your consent as gathered -where we are not required to obtain your consent and do not do so, for our legitimate interests, e.g. to be as efficient as we can so we can deliver the best service to you at the best price |
| Communications with you not related to marketing, including about changes to our terms or policies or changes to the products and/or services or other important notices | Depending on the circumstances: -to comply with our legal and regulatory obligations -in other cases, for our legitimate interests, e.g. to be as efficient as we can so we can deliver the best service to you at the best price |
| Protecting the security of systems and data used to provide the services | To comply with our legal and regulatory obligations We may also use your User Data to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases our reasons are for our legitimate interests, e.g. to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us |
| Statistical analysis to help us understand our customer base | For our legitimate interests, e.g. to be as efficient as we can so we can deliver the best service to you at the best price |
| Updating and enhancing customer records | Depending on the circumstances: -to perform our contract with you or to take steps at your request before entering into a contract -to comply with our legal and regulatory obligations -where neither of the above apply, for our legitimate interests, e.g. making sure that we can keep in touch with our customers about existing orders and new products |
| Disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our business | To comply with our legal and regulatory obligations |
| Marketing our services to existing and former customers | For our legitimate interests, e.g. to promote our business to existing and former customers |
| For any audits carried out on Randox | For our legitimate interests, e.g. maintain our accreditations so we can demonstrate we operate at the highest standards |
| To share your User Data with members of our group and third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency In such cases information will be anonymised where possible and only shared where necessary | Depending on the circumstances: -to comply with our legal and regulatory obligations -in other cases, for our legitimate interests, e.g. to protect, realise or grow the value in our business and assets |
| Using identifying technologies to allow that Randox Web Site to track your personal preferences | Addressing and sending communications to you about opportunities to receive notices regarding Randox’s products or services invitations to surveys or notifying you about special promotions |
Certain User Data we collect is treated as a special category to which additional protections apply under data protection law including:
- data concerning health;
- data concerning sex life;
- genetic data
Where we process such special category User Data, we will ensure we are permitted to do so under data protection laws.
User Data: User Data-Marketing
We may use your User Data to send you updates (by email, text message, telephone or post) about our product and/or services, including exclusive offers, promotions or new products and/or services.
We have a legitimate interest in using your User Data for marketing purposes.
You have the right to opt out of receiving marketing communications at any time by:
- contacting us;
- using the ‘unsubscribe’ link in emails
- updating your marketing preferences.
We may ask you to confirm or update your marketing preferences if you ask us to provide further products and/or services in the future, or if there are changes in the law, regulation, or the structure of our business.
We will always treat your User Data with the utmost respect and never sell or share it with other organisations outside Randox for marketing purposes.-
Does Randox consolidate User Data?
Randox may consolidate the User Data of customers who use Randox Web Sites. In addition, we may consolidate information in a non-identifiable form (aggregate/anonymous data) to help us better design Randox Web Sites and Randox products, to enhance our research activities, and to facilitate other business functions. This may result in commercialisation of aggregate data. For the avoidance of doubt you are not entitled to any compensation in such circumstances. The aggregate data shall be used solely on a statistical basis for the purposes of improving public health.
- What choices do I have about how Randox collects and uses User Data about me?
You may always limit the amount and type of User Data that Randox receives about you by choosing not to enter any User Data into forms or data fields on Randox Web Sites. Some of our online services can only be provided to you if you provide us with appropriate User Data. Other parts of Randox Web Sites may ask whether you wish to opt into our contact lists for offers, promotions and additional services that may be of interest to you.
You may also be provided with preference questions or preference boxes allowing you to indicate that you do not want Randox Web Sites to use tracking technologies, such as cookies, to “remember” your User Data, such as user IDs or mailing addresses, on return visits. However, Randox Web Sites that use tracking technologies to collect unidentifiable information do not generally provide you with the ability to opt out of the tracking technologies. Some Internet browsers allow you to limit or disable the use of tracking technologies that collect unidentifiable information.
-Who will have access to User Data about me?
User Data can be accessed by a restricted number of Randox employees, by certain companies with which Randox may conduct joint programs, and by third parties with whom Randox contracts to carry out business activities for Randox. We train our employees about the importance of privacy and how to handle and manage customer data appropriately and securely. Also, it is Randox’s practice to seek your consent where required by applicable law if you are registering for a program which is conducted in conjunction with another company that may require access to your User Data. In addition, Randox’s practice is to require its contractors to keep your User Data confidential and to use your User Data only to perform functions for Randox.
Does Randox share User Data with third parties?
We routinely share User Data with:
- third parties we use to help deliver our products and/or services to you, e.g. payment service providers, warehouses and delivery companies;
- other third parties we use to help us run our business, e.g. marketing agencies or website hosts and website analytics providers;
- our banks;
- to the buyer subject to your consent in the event Randox sells one of its product lines or divisions, when required by applicable law so that the buyer can continue to provide you with information and services.
Except as otherwise stated in this Section, Randox will not transfer your personal information to third parties unless you have been provided with an opportunity to opt into this disclosure. Randox may disclose your personal information without your opt-in to third party service providers which assist us with our business activities with specific regard to our contracted service. It is Randox’s practice to require such third party service providers to keep your personal information confidential and to use your personal information only to perform functions for Randox and in accordance with Randox’s instructions. Randox further reserves the right to disclose your personal information to respond to authorized information requests from government authorities or when otherwise required by law. - Research Partners on a de-identified Aggregated Data basis, solely for the purpose of improving and creating diagnostic products with a view to improving public health.
- Regulatory bodies, on a de-identified Aggregated Data basis, solely for the purpose of improving and creating diagnostic products with a view to improving public health.
We only allow those organisations to handle your User Data if we are satisfied, they take appropriate measures to protect your User Data. We also impose contractual obligations on them to ensure they can only use your User Data to provide services to us and to you.
We or the third parties mentioned above occasionally also share User Data with:
- our and their external auditors, e.g. in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations;
- our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
- law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations;
- other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible. The recipient of any of your User Data will be bound by confidentiality obligations;
How does Randox secure User Data?
We week to limit access to your User Data to those who have a genuine need to access it. Our systems are ISO 27001 certified which means that we follow top industry standards for information security. We also have procedures in place to deal with any suspected data security breach where we are legally required to do so.
It is Randox’s practice to secure each Randox Web Site that collects User Data; however, the confidentiality of User Data transmitted over the Internet cannot be guaranteed. We urge you to exercise caution when transmitting User Data over the Internet. Randox cannot guarantee that unauthorized third parties will not gain access to your User Data; therefore, when submitting User Data to Randox Web Sites, you must weigh both the benefits and the risks. In addition, Randox Web Sites covered by this Privacy Policy will display a warning whenever you link to a web site that is not controlled by Randox; you should check the privacy policies of such third-party web sites before submitting User Data. If you want detailed information from Get Safe Online on how to protect your User Data and other information and your computers and devices against fraud, identity theft, viruses and many other online problems please visit www.getsafeonline.org. Get safe online is supported by HM Government and leading businesses.
Transferring your User Data out of the country of origin, or where it was originally provided.
The EEA, UK and other countries outside the EEA and the UK have differing data protection laws, some of which may provide lower levels of protection of privacy.
It is sometimes necessary for us to transfer your User Data to countries outside of where it was provided. In those cases we will comply with applicable data protection legislation designed to ensure the privacy of User Data.
Under data protection laws, we can only transfer your User Data to a country outside of where it was originally provided:
- If the subject government of country of origin has decided the particular country ensures an adequate level of protection of User Data (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR
- in the case of transfers subject to EEA data protection laws, the European Commission has decided that the particular country ensures an adequate level of protection of User Data (known as an ‘adequacy decision’) further to Article 45 of the EU GDPR;
- there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or;
- a specific exception applies under relevant data protection law.
- You have consented to the transfer, and that country is considered to satisfy the appropriate requirements.
- Sufficient contractual provision is in place to ensure compliance with Schremes II and associated Standard Contractual Clauses
Where we transfer your User Data outside the country of origin we do so on the basis of an adequacy regulation e.g. legally-approved standard data protection clauses recognised or issued further to Article 46(2) of the UK GDPR. In the event we cannot or choose not to continue to rely on this mechanism at any time we will not transfer your User Data outside the Country of origin unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this policy.
Where we transfer your User Data outside the EEA we do so on the basis of an adequacy decision e.g. legally-approved standard data protection clauses issued further to Article 46(2) of the EU GDPR. In the event we cannot or choose not to continue to rely on this mechanism at any time we will not transfer your User Data outside the EEA unless we can do so on the basis of an alternative mechanism or exception provided by applicable data protection law and reflected in an update to this policy.
Any changes to the destinations to which we send User Data or in the transfer mechanisms we rely on to transfer User Data internationally will be notified to you in accordance with the section on ‘How will I know whether Randox has updated its privacy policy’ below.
What type of cookies do Randox use?
The following types of cookies may be used when you visit this site:
Advertising Cookies
Advertising cookies are placed on your computer by advertisers and ad servers to display advertisements that are most likely to be of interest to you. These cookies allow advertisers and ad servers to gather information about your visits to the Site and other websites, alternate the ads sent to a specific computer, and track how often an ad has been viewed and by whom. These cookies are linked to a computer and do not gather any User Data about you.
Analytics Cookies
Analytics cookies monitor how users reached the Site, and how they interact with and move around once on the Site. These cookies let us know what features on the Site are working the best and what features on the Site can be improved.
Our Cookies
Our cookies are “first-party cookies” and can be either permanent or temporary. These are necessary cookies, without which the Site will not work properly or be able to provide certain features and functionalities. Some of these may be manually disabled in your browser but may affect the functionality of the Site.
Personalisation Cookies
Personalization cookies are used to recognize repeat visitors to the Site. We use these cookies to record your browsing history, the pages you have visited, and your settings and preferences each time you visit the Site.
Site Management Cookies
Site management cookies are used to maintain your identity or session on the Site so that you are not logged off unexpectedly, and any information you enter is retained from page to page. These cookies cannot be turned off individually, but you can disable all cookies in your browser.
Third-Party Cookies
Third-party cookies may be place on your computer when you visit the Site by companies that run certain services we offer. These cookies allow the third parties to gather and track certain information about you. These cookies can be manually disabled in your browser.
Performance and Functionality Cookies
These cookies are used to enhance the performance and functionality of our websites but are non-essential to their use. However, without these cookies, certain functionality (like videos) may become unavailable.
| Name: | PHPSESSID |
| Purpose: | Cookie generated by applications based on the PHP language. This is a general-purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages. |
| Provider: | www.randox.com |
| Service: | PHP.net View Service Privacy Policy |
| Country: | United Kingdom |
| Type: | server_cookie |
| Expires in: | session |
Analytics and customisation cookies
These cookies collect information that is used either in aggregate form to help us understand how our websites are being used or how effective our marketing campaigns are, or to help us customize our websites for you.
| Name: | _gat# |
| Purpose: | Enables Google Analytics regulate the rate of requesting. It is a HTTP cookie type that lasts for a session. |
| Provider: | .randox.com |
| Service: | Google Analytics View Service Privacy Policy |
| Country: | United Kingdom |
| Type: | http_cookie |
| Expires in: | 1 minute |
| Name: | _ga |
| Purpose: | It records a particular ID used to come up with data about website usage by the user. It is a HTTP cookie that expires after 2 years. |
| Provider: | .randox.com |
| Service: | Google Analytics View Service Privacy Policy |
| Country: | United Kingdom |
| Type: | http_cookie |
| Expires in: | 1 year 11 months 29 days |
| Name: | _gid |
| Purpose: | Keeps an entry of unique ID which is then used to come up with statistical data on website usage by visitors. It is a HTTP cookie type and expires after a browsing session. |
| Provider: | .randox.com |
| Service: | Google Analytics View Service Privacy Policy |
| Country: | United Kingdom |
| Type: | http_cookie |
| Expires in: | 1 day |
Media cookies
These are cookies that have not yet been categorized. We are in the process of classifying these cookies with the help of their providers.
| Name: | flowplayerTestStorage |
| Purpose: | This cookie is used to store information on the Flowplayer-status of the visitor, which determines if the visitor can access media content on the website |
| Provider: | www.randox.com |
| Service: | __________ |
| Country: | United Kingdom |
| Type: | html_local_storage |
| Expires in: | persistent |
-What control do I have over cookies?
Most browsers are set to accept cookies by default. However, you can remove or reject cookies in your browser’s settings. Please be aware that such action could affect the availability and functionality of the Site. For more information on how to control cookies, check your browser or device’s settings for how you can control or reject cookies, or visit the following links:
- Apple Safari
- Google Chrome
- Microsoft Edge
- Microsoft Internet Explorer
- Mozilla Firefox
- Opera
- Android (Chrome)
- Blackberry
- Iphone or Ipad (Chrome)
- Iphone or Ipad (Safari)
In addition, you may opt-out of some third-party cookies through the Network Advertising Initiative’s Opt-Out Tool.
What other tracking technologies are there?
In addition to cookies, we may use web beacons, pixel tags, and other tracking technologies on the Site to help customize the Site and improve your experience. A “web beacon” or “pixel tag” is tiny object or image embedded in a web page or email. They are used to track the number of users who have visited pages and viewed emails and acquire other statistical data. They collect only a limited set of data, such as a cookie number, time and date of page or email view, and a description of the page or email on which they reside. Web beacons and pixel tags cannot be declined. However, you can limit their use by controlling the cookies that interact with them.
What are your rights?
Randox is subject to global data protection laws. Generally, GDPR is considered to be a gold standard of Data Protection. Under GDPR, you generally have the following rights, which you can usually exercise free of charge:
- the right to be informed of the type of PII held relating to you, and how it is processed;
- the right to require us to correct any mistakes in your User Data (Correction);
- the right to require us to delete your User Data—in certain situations (Erasure);
- the right to require us to restrict use of your User Data in certain circumstances e.g. if you contest the accuracy of the data (Restriction of use);
- the right to receive the User Data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations (Data portability);
- the right to object at any time to your User Data being used for direct marketing (including profiling) or in certain other situations to our continued use of your User Data, e.g. where we use your User Data for our legitimate interests unless there are compelling legitimate grounds for the processing to continue or the processing is required for the establishment, exercise or defence of legal claims (To object to use);
- if you have provided us with a consent to use your User Data you have a right to withdraw that consent easily at any time. Withdrawing a consent will not affect the lawfulness of our use of your User Data in reliance on that consent before it was withdrawn (The right to withdraw consents).
How do I contact and/or make complaints?
With your support Randox will keep User Data accurate and up-to-date. You may request to remove, amend or correct your User Data. Please notify us of your wishes to do so, using the following steps:
Please contact DPO@randox.com (or send any post to Randox Laboratories Limited, 55 Diamond Road, Crumlin, County Antrim, BT29 4QY for the attention of the Data Protection Officer) in for the first instance, if you wish to:
- withdraw your consent;
- ask any questions about this privacy policy or the information that we hold about you; see your User Data or to exercise any of the rights mentioned previously;
- make a compliant about how we have handled your User Data.
We will do our best to respond to all requests in a timely manner.
If you are not satisfied with our response to any query you raise with us, or you believe we are processing your User Data in a way which is inconsistent with the law, you can complain to the ICO office helpline: 0303 123 1113
How long will Randox store User Data?
In general, Randox will only store your User Data for as long as it is needed to fulfil the purposes for which it was collected, subject to applicable data retention periods imposed upon Randox by applicable law.
Randox will not use your Personally Identifiable Information for anything other than that which you have consented to. We may use what is known as aggregated data, which has been de-identified for statistical analysis purposes, and such statistics may result in commercialisation. You are not entitled to any recompense in such circumstances, but rest assured, any such anonymised statistical use, shall be for the sole purpose of improving public health.
How do I contact and/or make complaints?
With your support Randox will keep User Data accurate and up-to-date. You may request to remove, amend or correct your User Data. Please notify us of your wishes to do so, using the following steps:
Please contact DPO@randox.com (or send any post to Randox Laboratories Limited, 55 Diamond Road, Crumlin, County Antrim, BT29 4QY for the attention of the Data Protection Officer) in for the first instance, if you wish to:
- withdraw your consent;
- ask any questions about this privacy policy or the information that we hold about you; see your User Data or to exercise any of the rights mentioned previously;
- make a compliant about how we have handled your User Data.
We will do our best to respond to all requests in a timely manner.
If you are not satisfied with our response to any query you raise with us, or you believe we are processing your User Data in a way which is inconsistent with the law, you can complain to the ICO office helpline: 0303 123 1113
How will I know whether Randox has updated its privacy policy?
If Randox changes its privacy practices, an updated version of this Privacy Policy will reflect those changes and we will notify you of such changes by updating the effective date at the top of this Privacy Policy. Without prejudice to your rights under applicable law, Randox reserves the right to amend this Privacy Policy from time to time to reflect technological advancements, legal and regulatory changes and good business practices. Randox may email you with notification of any material changes.
Revised October 2023