The Private STI Clinic
This statement sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to ascertain how we process your personal data (data or information). For the purpose of the Data Protection Acts 1988 and 2003 as amended (the Acts) and General Data Protection Regulation 2018 (the Regulation), the data controller is Us, our registered office is at 4 Ivor’s Street, Fleur-de-Lys, NP12 3RF.
Any word defined in the Conditions of Use shall have the same meaning in this Privacy Statement.
We may collect and process the following data about you through this Site:
- Information:– information including personal data (your name, contact information and any information we receive from you through our Site) that you volunteer to provide through http://www.theprivatesticlinic.co.uk/ (our Site) when you decide to contact us including when you phone our Helpline. Personal data includes visitor’s name, gender and address and such information which we collected when you contact or use one or more Products and the Services. We may also ask you for information when you report a problem with our Site or as provided below.
- If you contact us: if you contact us by email or text message, we may keep a record of that correspondence.
- Surveys: We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of your visits to our Site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access. Most of your personal data shall be processed on legal basis that the processing is necessary for provision of our services to you and for the purposes of our legitimate interests (such as direct marketing, due diligence, etc.). Due to the nature of the services we provide it is necessary that we process (in a very limited scope) data concerning your health and medical history. Those data shall be provided exclusively based on your explicit consent and shall not be provided to any third parties (if not specified otherwise in the consent). We will ask for the consent when necessary. You can withdraw the consent at any time. Please acknowledge that without this consent we shall not be able to provide most of our services to you. We will not knowingly collect personal data from Site users that under 18 years of age. We are relying on your undertaking in the Site conditions of Use, that you are over 18 years of age. You should not use the Site or its Services including purchase Products if you are not 18 years of age or older.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
Where we store your personal data
The information that we collect from you may be transferred to and stored with the Accredited Laboratory (as defined in the Conditions of Use) and any supplier of data processing and data hosting services to us at, a destination within the European Economic Area (“EEA”). It may also be processed by staff operating inside the EEA who work for any of them. Such staff maybe engaged in, among other things, the fulfilment of your order, the and the provision of data processing and data hosting services to us. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this privacy statement by imposing on any such supplier obligations of security and confidentiality.
All information you provide to us in purchasing a Product or Services are stored on our secure servers or else on secure servers used by our service provider. Any payment transactions effected by us, will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. You must not share a password with anyone.
Unfortunately, the transmission of information via the internet is not secure and if you request that we communicate with you using a secure means of communication, we can arrange to do this. Once we have received your information, we will impose obligations of confidentiality and security on any service provider to us who processes the information.
We maintain reasonable physical, electronic, standard security practices, including encryption, passwords and physical security measures, and managerial procedures to protect the security and confidentiality of your personal data. Only a limited number of our internal staff are authorised to access, delete or modify your data. We will make reasonable efforts to ensure that your privacy interests are protected.
Uses made of the information
We use information held about you in the following ways:
- to ensure that content from our Site is presented in the most effective manner for you and for your computer.
- to provide our Site, the Services and Products or improve either of them.
- to communicate with you.
- to provide you with information, Products or Services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- to carry out our obligations arising from any orders entered into between you and us.
- to notify you about changes to our Services and Products.
- to notify you about changes to our Services and Products.
- analyse information provided by you and others to help us administer, support and improve our business.
Disclosure of your information
To send you information about our services, we may need to disclose the information within our company to the Medical Practitioner and clinical care team at The Private STI Clinic and our IT service providers. Your request for information will result in your contact details being accessed by and processed by our clinical care team and our IT service providers.
The clinical care team shall have access exclusively to your name and email address.
We may disclose your personal information to third parties:
- In order for any supplier to perform any obligation they have undertaken to us.
- If we or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
Your data may be provided to following recipients: Clinical care teams at HealthFirst Consulting, MailChimp and Trustpilot.
If you send offensive or objectionable content or otherwise engage in any disruptive behaviour on the Site, that that we can use whatever information that is available to us about you to stop such behaviour and pursue our legitimate interest to prevent such behaviour on our Site. This may involve informing relevant third parties such as law enforcement agencies about the content and your behaviour.
Additionally, we may disclose your information if i) we are under a duty to disclose or share your information in order to comply with any legal obligation or ii) in order to enforce or apply this privacy Statement and our Cookies Policy or iii) to protect our rights, property or safety of our customers or others iv) to prevent detect or otherwise address fraud, security or technical issues. Your IP address may be supplied to regulatory authorities in connection with fraud or other formal investigations.
We may disclose and transfer your information to our clinical care team for the purpose of providing you with advice relating to your enquiry.
We may disclose and transfer your information to an IT services provider under an agreement which requires that they process your information as we require and under our direction and under obligations of confidentiality and security.
We may pass aggregate information on the usage of our Site to third parties, but this will not include information that can be used to identify you. Unless required to do so by law, we will not include information that can be used to identify you. Unless required to do so by law, we will not otherwise share sell or distribute any of the information you provide to use without your consent.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise the right at any time for us to cease processing your information and if such request is received after Order Confirmation, then you agree that we may be unable to complete the Order and in such event you will not be entitled to any refund.
Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You have the right to be given a copy of your personal data we process which you may have supplied to us via the Site or which we may have obtained in another way. You may exercise this right in “privacy settings” section in your user account.
You also have the right to have inaccurate personal data corrected or incomplete personal data completed without undue delay. If you discover that we hold inaccurate personal data about you, you have a right to instruct us to correct that information. Such an instruction must be in writing and will not take more than 340 days to process.
In certain circumstances you may also request that personal data which you have supplied via the Site be deleted. We will delete your personal data without undue delay if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, or if the data were processed based on your consent, or if we do not have a legitimate reason for retaining the personal data. We are not entitled to charge for dealing with such a request and we must comply within 430 days of the receipt of such a request. You may exercise this right by a request in writing sent to our address as specified above with a copy of your passport and copy of utility bill to verify your address included. To exercise this right you would generally be expected to identify some contravention of data protection law in the manner in which the Site processes the personal data concerned.
You also have the right to receive your personal data which you provided to us in a structured machine-readable format and the right to transmit those data to another controller without any hindrance from us as long as we the processing of your data by automated means. The data shall be provided in xml file format. Where technically feasible, you also have the right to have the personal data transmitted directly from us to another controller based on your request. You may exercise this right by a request in writing sent to our address as specified above with a copy of your passport and copy of utility bill to verify your address included.
You also have the right to object free of charge and at any time, to the processing of personal data on the grounds relating to your particular situation. If you decide to execute this right, we shall cease to process your personal data for direct marketing purposes without undue delay and shall look into your individual case. If we find that in your individual case, your interest, rights and freedoms override our legitimate grounds for processing your personal data, the data shall not longer be processed. You may exercise this right by a request in writing sent to our address as specified above with a copy of your passport and copy of utility bill to verify your address included.
Changes to our privacy statement
Any changes we may make to our privacy statement in the future will be posted on this page and, where appropriate, notified to you by e-mail.
Questions, comments and requests regarding this privacy statement are welcomed and should be addressed to our Data Protection Officer (DPO) at firstname.lastname@example.org.