privacy policy

Introduction

This Privacy Policy (together with our terms and conditions and any other documents referred to in it) describes the type of information that we collect from you ("you/your") through the use of our services ("Services"), or the use of our website stjohnslabs.com ("Website"), how that information may be used or disclosed by us and the safeguards we use to protect it.

Our Website and Services may contain links to third-party websites that are not covered by this Privacy Policy. We therefore ask you to review the privacy statements of other websites and applications to understand their information practices.

We have drafted this Privacy Policy to be as clear and concise as possible. Please read it carefully to understand our policies regarding your information and how we will treat it. By using or accessing our Website or the Services, you agree to the collection, use, and disclosure of information in accordance with this Privacy Policy. This Privacy Policy may change from time to time, and your continued use of the Website or the Services is deemed to be acceptance of such changes, so please check periodically for updates.

This Privacy Policy was last updated in July 2019 to add new provisions regarding GDPR. Please check back regularly to keep informed of updates. Your acceptance of our Privacy Policy is deemed to occur upon your first use of our Website. If you do not accept and agree with this Privacy Policy, you must stop using our Website immediately.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us first. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

If you have any comments on this Privacy Policy, please email them to info@stjohnslabs.com.

Who We Are

  • Our Website address: stjohnslabs.com
  • Our company name: St John’s Laboratory Ltd
  • Our registered address: Knowledge Dock Business Centre, Docklands Campus, University Way, London E16 2RD
  • Our nominated representative: Tom Brennan (info@stjohnslabs.com)

What We May Collect

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store, and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data: Includes first name, last name, username, and similar identifiers.
  • Contact Data: Includes billing address, invoicing address, email address, and telephone numbers.
  • Financial Data: Includes bank account and payment card details.
  • Transaction Data: Includes details about payments and purchases made through our Services.
  • Technical Data: Includes IP address, login data, browser type and version, time zone setting, and location.
  • Profile Data: Includes username, password, preferences, feedback, and survey responses.
  • Usage Data: Includes information about how you use our Website and Services.
  • Marketing and Communications Data: Includes marketing preferences and communication preferences.
  • Interaction Data: Any information provided to discussion forums on the Website.
  • Cookies Data: We use cookies to enhance your experience. Please refer to the "Do we use cookies?" section below.
  • Third Parties and Information from Other Sources: We may receive data from our business partners, suppliers, advertising networks, analytics providers, and search information providers.
  • Analytics: We use third-party analytics services (such as Google Analytics) to evaluate your use of the Website and gather performance metrics.

We also collect, use, and share aggregated data such as statistical or demographic data for various purposes. Aggregated Data may be derived from your personal data but is not considered personal data as it does not directly or indirectly reveal your identity.

Legal Basis for Processing

Under GDPR, we will ensure that your personal data is processed lawfully, fairly, and transparently. We will only process your personal data if at least one of the following applies:

  • You have given consent to the processing for one or more specific purposes.
  • Processing is necessary for the performance of a contract or to take steps at your request before entering into a contract.
  • Processing is necessary for compliance with a legal obligation to which we are subject.
  • Processing is necessary to protect your vital interests or those of another person.
  • Processing is necessary for the performance of a task carried out in the public interest.
  • Processing is necessary for the purposes of our legitimate interests or those of a third party, except where such interests are overridden by your fundamental rights and freedoms.

If we receive personal information from another data subject during our Services, we expect you to have ensured that the contents of this Privacy Policy are brought to their attention and that their consent has been obtained.

In some instances, we may combine your information with other data we hold, such as your geographic location or browsing history.

How we may collect and use your data

4.1 Data Collection Methods

We (or third-party data processors, agents, and sub-contractors acting on our behalf) may collect, store, and use your personal information through various methods, including:

  • Presenting Website content
  • Using our Services
  • Creating an account on our Website
  • Subscribing to our Services or publications
  • Requesting marketing communications
  • Entering a competition, promotion, or survey
  • Providing feedback

4.2 Usage of Collected Data

  • Personalizing your Website experience
  • Administering contests, promotions, and surveys
  • Sending periodic emails if opted-in
  • Providing requested information and services
  • Fulfilling contracts
  • Providing Services and updating on charges

4.8 Legal Basis for Data Processing

  • Performing contracts with you
  • Legitimate interests unless overridden by your rights
  • Legal or regulatory compliance

Cookies

We use cookies to enhance your experience and for analytics. Types of cookies include session, persistent, first-party, and third-party cookies.

5.6 Third-Party Cookies

  • Google Analytics
  • Hubspot
  • Hotjar
  • Hellobar

Where we store your data and security

We may transfer your data outside the EEA but ensure compliance with GDPR regulations and security measures.

Disclosing your information

  • To potential buyers in case of business sale
  • To other businesses in our group
  • For legal obligations
  • For fraud prevention

Your Rights

  • Request access, deletion, or correction of data
  • Data portability
  • Right to object to processing
  • Right to opt-out of marketing

Links to Other Sites

We are not responsible for the privacy practices of other websites linked from our site.

Changes

Changes to this Privacy Policy will be posted on this page.

Automated Decision-Making and Profiling

We use automated decision-making and profiling in compliance with GDPR.

Terms and Conditions

Visit our Terms and Conditions section for further details.

Your Consent

By using our Website, you consent to our Privacy Policy.

Dispute Resolution

Disputes related to this Privacy Policy will be resolved under English law in English courts.

!