Test To You Data Privacy Policy

Test to You is a trading name of Lovelace Events Ltd who are registered with the Information Commissioner’s Office.

In relation to the General Data Protection Regulation (GDPR) (EU) 2016/679

How does Test To You manage data protection?

Test To You (Test To You/we/us/our) is committed to protecting your privacy. Transparency is very important to us. Our privacy policy clearly outlines what data we gather, how we use it, and the rights that you have to manage and access your data. Our policy is written in line with the General Data Protection Regulations.

Collection of your personal information

Test To You collects data including, but not limited to your email address, name, address, telephone number. This is solely to enable us to manage your COVID-19 test and provide results (including a travel certificate). We hold this limited data under the GDPR lawful basis of “legitimate interest”. We are committed to ensuring that this is transparent, fair, necessary and limited. In order to fulfil these important requirements, we carry out ongoing legitimate interest assessment.

Our uses of your personal data include:

  • Collecting information as part of the check out process on testtoyou.co.uk
  • Providing you with email updates regarding shipping of your test kit and provision of instructions. Providing emails with links to test results.
  • Providing 3rd parties with your details if the user has a Positive test outcome. In this scenario, the information would be shared with 20/30 Labs Ltd and Public Health England.
  • Arranging any special requests that you may have made during your order.
  • Provide relevant health and safety information.

External parties

We will never share personal information with external parties not involved in the processing of your test. Processors are vetted to ensure that they comply with GDPR and data protection requirements. Attendee information is not shared outside this group.

Right to correct or access

Individuals included in our database have the right to correct or access their information at any time. To do so, clients should contact the Registration Team

Right to Erasure

Individuals have the right to object to their information being used for the purposes listed above and can request that they are removed from our database at any time, unless there is a legal reason for us to keep information on record. Requesting to erase your information will result in your account being deleted.

Records

We will keep written records of all of our processing activities relating to client data as required under the GDPR regulations. All personal data will be kept securely in accordance with our information security policy. We will retain personal data for the purposes listed above for up to two years following your order.

The Right to Lodge a Complaint

Individuals can contact customercare@testtoyou.co.uk in the event that:

  • they are concerned or suspect that personal data processing without a lawful basis is taking place; • a data breach has occurred;
  • personal information has been accessed without the proper authorisation;
  • personal information has not kept or deleted securely;
  • personal information has been removed from our premises without appropriate security measures being in place;
  • a breach of this policy has occurred; or there has been a breach of any of the data protection principles set out in the Data Protection Act 2018 (DPA 2018).

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.