Skip to content
Trusted to do 100,000+ tests and consultations per month.
Trusted to do 100,000+ tests and consultations per month.

Privacy policy

www.onedaytests.com Privacy Policy

Type of website: Ecommerce
Effective date: 18th day of September, 2022

www.onedaytests.com (the "Site") is owned and operated by Sussex Pathology Limited. Sussex Pathology Limited is the data controller and can be contacted at:

hello@onedaytests.com
0127 309 2844
Sussex Pathology Limited, Coachmans Drive, RH11 9AQ

Purpose
The purpose of this privacy policy (this "Privacy Policy") is to inform users of our Site of the following:

  1. The personal data we will collect;
  2. Use of collected data;
  3. Who has access to the data collected;
  4. The rights of Site users; and
  5. The Site's cookie policy.
  6. Use of AI tools in provision of additional services

This Privacy Policy applies in addition to the terms and conditions of our Site.

GDPR
For users in the European Union, we adhere to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (the "GDPR"). For users in the United Kingdom, we adhere to the GDPR as enshrined in the Data Protection Act 2018.

Consent
By using our Site users agree that they consent to:

  1. The conditions set out in this Privacy Policy.

When the legal basis for us processing your personal data is that you have provided your consent to that processing, you may withdraw your consent at any time. If you withdraw your consent, it will not make processing which we completed before you withdrew your consent unlawful.

You can withdraw your consent by: Contacting the Data Protection Officer.

Consent for AI Tools and Automated Recommendations

Use of the AI Assistant and receipt of automated recommendations requires your separate, explicit consent, which is obtained at the point of accessing these features. This consent is distinct from your general consent to use this Site and is required because these features involve the processing of your health data, which is special category data under UK GDPR.

You may withdraw your consent for AI tool processing at any time by contacting our Data Protection Officer at hello@onedaytests.com. Withdrawal of this consent will mean you are no longer able to access the AI Assistant or receive automated recommendations, but will not affect your access to your test results or any other services, nor will it affect the lawfulness of any processing carried out before withdrawal.

Legal Basis for Processing
We collect and process personal data about users in the UK and EU only when we have a legal basis for doing so under Article 6 of the GDPR.

We rely on the following legal bases to collect and process the personal data of users in the EU and UK:

  1. Users have provided their consent to the processing of their data for one or more specific purposes;
  2. Processing of user personal data is necessary for us or a third pary to pursue a legitimate interest. Our legitimate interest is not overriden by the interests or fundamenal rights and freedoms of users. Our legitimate interest(s) are: Provision of accurate results that require further information, such as age, height and weight.; and
  3. Processing of user personal data is necessary for us to take, at the request of a user, steps before entering a contract or for the performance of a contract to which a user is a party. If a user does not provide the the personal data necessary to perform a contract the consequences are as follows: Results may not be as accurate as otherwise..

Personal Data We Collect
We only collect data that helps us achieve the purpose set out in this Privacy Policy. We will not collect any additional data beyond the data listed below without notifying you first.

Data Collected Automatically
When you visit and use our Site, we may automatically collect and store the following information:

  1. IP address;
  2. Location;
  3. Hardware and software details;
  4. Clicked links;
  5. Content viewed; and
  6. Address.

Data Collected in a Non-Automatic Way
We may also collect the following data when you perform certain functions on our Site:

  1. First and last name;
  2. Age;
  3. Date of birth;
  4. Sex;
  5. Email address;
  6. Phone number;
  7. Address;
  8. Payment information;
  9. Auto fill data; 
  10. Test results and biomarkers of ordered tests, clinical history and ethnicity;
  11. Conversation data and queries submitted to the AI Assistant during result review sessions and any other AI agent assistance.

This data may be collected using the following methods:

  1. Registration, Creating and account, Purchasing a product, Receiving biomarker results from the laboratory software, additional information via online or paper questionnaires as well as via specialist consultations, such as GP service consultations and pharmacy consultations.

How We Use Personal Data
Data collected on our Site will only be used for the purposes specified in this Privacy Policy or indicated on the relevant pages of our Site. We will not use your data beyond what we disclose in this Privacy Policy.

The data we collect automatically is used for the following purposes:

  1. Statistics.

The data we collect when the user performs certain functions may be used for the following purposes:

  1. Display of client's test results on the website;
  2. Communication; and
  3. Processing of personal information for demographics and comparison of results, including results interpretation.
  4. Processing of personal data for clinical diagnostics and results interpretation.

  5. Operation of an AI-powered assistant to allow users to explore, discuss, and better understand their test results and biomarkers; and

     

     

  6. Generation of automated recommendations, including general lifestyle guidance and suggestions for clinical follow-up, based on the results of your tests.

Who We Share Personal Data With
Employees
We may disclose user data to any member of our organisation who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy.

Parner laboratories
We disclose user data to our vetter partner laboratories who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy.

AI Service Providers
To operate the AI Assistant, we transmit relevant test results and session data to a third-party artificial intelligence service provider who acts as a data processor on our behalf.

Where you use our AI Assistant, your test results are anonymised prior to processing. Only non-identifiable data, specifically numerical biomarker results, age band, and gender, is transmitted to our AI service provider. No personal identifiable data is shared with this provider.

Other Disclosures
We will not sell or share your data with other third parties, except in the following cases:

  1. If the law requires it;
  2. If it is required for any legal proceeding;
  3. To prove or protect our legal rights; and
  4. To buyers or potential buyers of this company in the event that we seek to sell the company.

If you follow hyperlinks from our Site to another Site, please note that we are not responsible for and have no control over their privacy policies and practices.

How Long We Store Personal Data

User data will be stored until the purpose for which it was collected has been achieved and in compliance with legal healthcare data storage requirements. For general health records and test results, we retain data for a minimum of 8 years from the date of the test in line with NHS Records Management Code of Practice guidance, or until you request deletion where no legal obligation to retain applies.

Conversation and session data generated through your use of the AI Assistant is retained for a period of 12 months from the date of the session, after which it is permanently deleted or irreversibly anonymised. Anonymised and aggregated data derived from AI sessions may be retained indefinitely for service improvement purposes and cannot be linked back to you.

How We Protect Your Personal Data
In order to protect your security, we use the strongest available browser encryption and store all of our data on servers in secure facilities. All data is only accessible to our employees. Our employees are bound by strict confidentiality agreements and a breach of this agreement would result in the employee's termination.

While we take all reasonable precautions to ensure that user data is secure and that users are protected, there always remains the risk of harm. The Internet as a whole can be insecure at times and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.

Automated Processing and Recommendations
We use automated systems to analyse your test results and generate personalised recommendations. These recommendations may include general lifestyle suggestions and guidance to seek clinical follow-up with a qualified healthcare professional. This processing involves comparing your results against established clinical reference ranges and relevant health indicators.

We do not make any solely automated decisions that produce legal effects or similarly significant effects concerning you. Automated recommendations are informational only and do not constitute a clinical diagnosis or binding decision of any kind. You retain full control over any action you take in response to such recommendations, and we encourage you to discuss them with a qualified healthcare professional.

You have the right to opt out of automated recommendation processing entirely without affecting your access to your test results. To opt out, please contact us at hello@onedaytests.com.

The logic applied in our automated recommendation system involves: comparison of individual biomarker values against validated clinical reference ranges; identification of results falling outside normal parameters; and mapping of out-of-range results to relevant lifestyle or clinical follow-up guidance.

Your Rights as a User
Under the GDPR, you have the following rights:

  1. Right to be informed;
  2. Right of access;
  3. Right to rectification;
  4. Right to erasure;
  5. Right to restrict processing;
  6. Right to data portability; and
  7. Right to object.

Children
The minimum age to use our website is 18 years of age. We do not collect or use personal data from children under 16 years of age unless explicitly approved to do so by the parent/guardian and such data has been passed onto us, together with clinician referral form for any tests asked of us. If we learn that we have collected personal data from a child under 16 years of age, i.e. the data has been entered circumventing the normal registration process, the personal data will be deleted as soon as possible. If a child under 16 years of age has provided us with personal data their parent or guardian may contact our data protection officer.

The AI Assistant and automated recommendation tools are not available to users under the age of 18. Users must not attempt to access these features on behalf of or in relation to a minor.

How to Access, Modify, Delete, or Challenge the Data Collected
If you would like to know if we have collected your personal data, how we have used your personal data, if we have disclosed your personal data and to who we disclosed your personal data, if you would like your data to be deleted or modified in any way, or if you would like to exercise any of your other rights under the GDPR, please contact our data protection officer here:

DPO
hello@onedaytests.com

Do Not Track Notice
Do Not Track ("DNT") is a privacy preference that you can set in certain web browsers. We do not track the users of our Site over time and across third party websites and therefore do not respond to browser-initiated DNT signals.

Cookie Policy
A cookie is a small file, stored on a user's hard drive by a website. Its purpose is to collect data relating to the user's browsing habits. You can choose to be notified each time a cookie is transmitted. You can also choose to disable cookies entirely in your internet browser, but this may decrease the quality of your user experience.

We use the following types of cookies on our Site:

  1. Functional cookies
    Functional cookies are used to remember the selections you make on our Site so that your selections are saved for your next visits;
  2. Analytical cookies
    Analytical cookies allow us to improve the design and functionality of our Site by collecting data on how you access our Site, for example data on the content you access, how long you stay on our Site, etc; and
  3. Third-Party Cookies
    Third-party cookies are created by a website other than ours. We may use third-party cookies to achieve the following purposes:
    1. Mailing list subscription offering.

Modifications
This Privacy Policy may be amended from time to time in order to maintain compliance with the law and to reflect any changes to our data collection process. When we amend this Privacy Policy we will update the "Effective Date" at the top of this Privacy Policy. We recommend that our users periodically review our Privacy Policy to ensure that they are notified of any updates. If necessary, we may notify users by email of changes to this Privacy Policy.

Complaints
If you have any complaints about how we process your personal data, please contact us through the contact methods listed in the Contact Information section so that we can, where possible, resolve the issue. If you feel we have not addressed your concern in a satisfactory manner you may contact a supervisory authority. You also have the right to directly make a complaint to a supervisory authority. You can lodge a complaint with a supervisory authority by contacting the Information Commissioner's Office in the UK.

Contact Information
If you have any questions, concerns or complaints, you can contact our data protection officer, DPO, at:

hello@onedaytests.com