Privacy policy

1. Who We Are Vitalova (“we”, “us”, or “our”) is a UK-based provider of private blood testing services. We are committed to protecting your privacy and handling your personal data responsibly in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website (www.vitalova.co.uk) and our services.

2. What Personal Data We Collect We collect and process the following types of personal data:

  • Identity and Contact Data: Name, date of birth, address, email address, phone number.
  • Health Data (Special Category Data): Blood test results, medical history information you provide, and any other health-related information necessary to provide our service.
  • Order and Payment Data: Order details, payment information (processed securely by our payment provider).
  • Technical Data: IP address, browser type, device information, and website usage data (via cookies and analytics tools).
  • Communication Data: Records of your communications with us (emails, support tickets, etc.).

3. How We Use Your Personal Data We use your personal data for the following purposes:

  • To provide and deliver our blood testing services (including processing and delivering your results).
  • To communicate with you about your order, results, and service updates.
  • To improve our website and services.
  • To comply with legal and regulatory obligations.
  • To prevent fraud and ensure the security of our services.

4. Legal Basis for Processing We process your personal data under the following legal bases:

  • Contract: To fulfil our contract with you when you place an order.
  • Consent: Where you have given clear consent (e.g. for marketing communications).
  • Legal Obligation: Where we are required to process data to comply with UK law.
  • Legitimate Interests: For improving our services and website functionality.

For health data (special category data), we only process it where it is necessary for the provision of our service and with your explicit consent, or where it is required for reasons of substantial public interest or medical purposes.

5. How We Share Your Data We may share your personal data with the following third parties:

  • Accredited Laboratories – to process your blood samples and generate results.
  • Phlebotomy Partners – to arrange your blood draw (clinic or mobile).
  • Payment Processors – to securely process payments.
  • Service Providers – such as email platforms, hosting providers, and analytics tools (all bound by data processing agreements).
  • Legal Authorities – if required by law or to protect our rights.

We do not sell your personal data to third parties.

6. Data Retention We keep your personal data only for as long as necessary:

  • Order and results data: For a minimum of 6 years (in line with UK legal requirements).
  • Health data: Retained securely for as long as required to provide ongoing monitoring services or as required by law.
  • Marketing data: Until you unsubscribe or withdraw consent.

7. Your Data Protection Rights Under UK GDPR, you have the following rights:

  • Right to access your personal data
  • Right to rectification (correct inaccurate data)
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time

To exercise any of these rights, please contact us at: support@vitalova.co.uk

8. Data Security We take the security of your personal data very seriously. We use appropriate technical and organisational measures to protect your data against unauthorised access, loss, or damage. This includes secure servers, encryption, and restricted access controls.

9. Cookies and Website Tracking Our website uses cookies to improve your experience and for analytics purposes. You can manage your cookie preferences through our cookie banner or your browser settings. For more information, please see our Cookie Policy.

10. International Transfers Some of our service providers may be located outside the UK. Where we transfer your data internationally, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses or UK Adequacy Decisions).

11. Changes to This Privacy Policy We may update this Privacy Policy from time to time. The latest version will always be available on our website. We encourage you to review this page periodically.

12. Contact Us If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:

Email: support@vitalova.co.uk