As updated May 2018.
The information we need to hold includes:
• Date of birth
• Home Address
• Email Address
• Medical information
• Personal Medical Questionnaire answers
• Blood and Urine results
• Research and Development testing data – Statistical analysis of medical/testing data
• Other information relevant to client surveys and/or offers
Randox Health will use the information that you provide to generate a personalised health report, thus providing the service for which you have enrolled in. Additional information, including contact details, is required in setting up appointments, renewals and in case any concern is highlighted and we need to make contact with you urgently. We will retain your personal information no longer than necessary, in line with GDPR. We will not collect any personal data from you that we do not need.
Personal data relating to the well-being service is held on paper and controlled computer systems. As the “data controller”, Randox Health and its affiliates must process this information fairly and lawfully.
During the running of the well-being service, we also hold and process particularly sensitive information about you. This is known as “sensitive personal data” and specifically this information includes present health including medical testing carried out through our service, past medical history and where applicable family history.
Randox Health is not allowed to share personal data about you with other organisations or people, unless permitted by law, or you have provided consent or a third party is required to fulfil your order (in such circumstances, the third party is bound by similar data protection requirements).
We do share personal data with the following:-
• Randox Clinical Laboratory Services, our partnered supplier in providing the medical tests included in our service.
• Private medical General practitioners for medical consultations.
• Broomwell our ECG interpretation partner, where applicable.
We may share information with:-
• Randox Laboratories for Research and Development analysis of testing to make improvements or introduce new tests however information with be anonymised (Personal Identifiable information removed).
In cases where data is requested to be sent outside the EEA, appropriate safeguards are put into place to ensure security and protection.
We must keep all personal data safe and hold it for no longer than is necessary. To meet the requirements in the service being provided to our clients we would hold personal identifiable information for a minimum of 11 years. However, given the nature of our service, information gathered during the client’s time within our service, such as the medical questionnaire, medical results will be retained longer for research and development purposes. These purposes are for the improvement of medical tests available, for development of new novel biomarkers for Randox Health’s portfolio and to make available to clients.
We review the personal data held on a regular basis.
• You have the right to see personal identifiable data that is held about you and a right to have a copy provided to you. However, for information to be shared to someone on your behalf thorough consent must be provided by you.
• If at any point your personal data changes it is up to you to update us.
• You can require limit or restrict the processing of your personal data in certain circumstances, for example, whilst a complaint about it accuracy is being resolved.
• You can object to your personal data being processed, although Randox Health can override this objection in specific circumstances where legal obligations object to this.
• Where you have given us consent to process your personal data, you can withdraw that consent before the provision of your programme. However, if the service has been provided, payment for this service still needs to be made.
• You can request that your personal data to be forgotten, this will mean your data will be removed from our marketing mailing lists and patient information system.
• Health data is moved to further secured locations with limited access for retention for legal purposes only.
• Anonymised (all personal identifiable information removed) data may be retained for Research and Development purpose, as mentioned.
You should be aware that taking some of the above steps will impact on the ability of Randox Health to complete the service you have agreed, generation of medical data or medical/scientific consultation.
All information pertaining to you, for example Personal Health Plan and/or consultations, if requested, will generally be provided free of charge, although Randox Health can charge a reasonable fee in certain circumstances.
Randox Health Checks Limited Z2690073
Randox Health Checks (NI): ZA056454
Randox Health London: ZA129858
Please contact DPO@Randoxhealth.com for the first instance, if you wish to:
• Withdraw your consent
• See your personal data or to exercise any of the rights mentioned previously
• Make a compliant about how we have handled your personal data
If you are not satisfied with our response to any query you raise with us, or you believe we are processing your personal data in a way which is inconsistent with the law, you can complain to the ICO office helpline: 0303 123 1113