Privacy & Data Protection Policy

Last updated: 15 September 2025

At Polaris Diagnostics Ltd (“Polaris DX”, “we”, “us”, “our”), your privacy is important to us. This policy explains how we collect, use, disclose, and protect your personal data when you visit our website [https://polarisdx.net], contact us, or engage with our services. It also outlines our wider commitment to international data protection compliance across all business operations.


1. Who We Are

Polaris Diagnostics Ltd
262A Fulham Road,
London SW10 9EL
United Kingdom

Email: privacy@polarisdx.net
Phone: +44 7879 433019


2. Scope of this Policy

This policy applies to:

  • Visitors to our website

  • Clients and partners interacting with our services

  • Individuals whose data is processed during medical device R&D, diagnostics, or related projects

We comply with:

  • EU General Data Protection Regulation (GDPR)

  • UK GDPR & Data Protection Act 2018

  • HIPAA, CCPA, and other applicable US laws

  • PIPEDA (Canada)

  • Estonian Personal Data Protection Act

  • Other local laws where services are provided


3. Categories of Personal Data We Collect

  • Identity Data: name, title

  • Contact Data: email, phone, postal address

  • Technical Data: IP address, browser, operating system, referring URLs

  • Usage Data: website navigation and interaction patterns

  • Communication Data: messages submitted via forms, email, or phone

  • Marketing Data: consent preferences and newsletter interactions

  • Health & Special Category Data (in R&D/clinical projects): diagnostic test results, device usage data, biomarkers, clinical trial data


4. How We Collect Personal Data

  • When you visit our website (cookies, analytics)

  • When you complete a form, book a demo, or subscribe to updates

  • When you contact us by email or phone

  • During client engagements, research, or clinical studies

  • At exhibitions or events when you provide your details


5. Purposes of Data Use

We process data to:

  • Operate and maintain our website

  • Respond to inquiries and provide support

  • Deliver R&D and diagnostic services

  • Fulfil contractual and legal obligations

  • Conduct analytics and service improvements

  • Send marketing messages (where consented)

  • Comply with medical device regulations and reporting requirements


6. Legal Bases for Processing

  • Consent (analytics, marketing, newsletters)

  • Contract (responding to service requests, R&D projects)

  • Legal obligation (regulatory compliance, recordkeeping)

  • Legitimate interest (security, basic analytics, quality assurance)

  • Explicit consent (for special categories of data such as health data)

  • Public interest (scientific research, safety monitoring)


7. Cookies & Tracking Technologies

We use cookies for essential site functionality, analytics (e.g. Google Analytics, Matomo), and marketing (e.g. Meta Pixel). Non-essential cookies are only set with your consent, managed via our Cookie Banner.

See our [Cookie Policy] for details.


8. Third-Party Services

We may use:

  • Google Analytics (website usage)

  • Google Fonts (cross-device font rendering)

  • YouTube/Vimeo (embedded videos)

  • Meta Pixel (ads and social tracking)

  • CRM/Email Tools (campaign management)

  • Web hosting providers

  • Real Cookie Banner (consent management)

All third-party processors are contractually bound to equivalent security and privacy standards.


9. Data Sharing & International Transfers

We maintain a strict no-data-sharing policy, except:

  • Where legally required

  • With explicit consent

  • With technical providers (e.g. hosting, infrastructure) under strict contractual safeguards

International transfers are protected by:

  • EU Standard Contractual Clauses

  • UK IDTA

  • HIPAA Business Associate Agreements

  • Adequacy decisions where available


10. Data Security Measures

  • End-to-end encryption for storage and transmission

  • Multi-factor authentication for system access

  • Regular penetration testing and audits

  • Role-based access controls

  • Staff training and confidentiality agreements

  • Incident response and breach notification protocols


11. Data Retention

  • Contact forms: up to 12 months

  • Cookie consent records: 6 months

  • Newsletter subscriptions: until withdrawn

  • Analytics: anonymised or deleted after 14–26 months

  • Clinical/medical R&D data: typically 10–15 years (per regulation)


12. Your Rights

You may exercise your rights under GDPR/UK GDPR and applicable laws:

  • Access, rectification, erasure

  • Restriction and objection to processing

  • Data portability

  • Withdraw consent at any time

  • File a complaint with a supervisory authority (ICO in the UK, or your local regulator)

Contact: privacy@polarisdx.net


13. Breach Notification

In the event of a data breach, we will:

  • Assess and contain the incident immediately

  • Notify supervisory authorities within 72 hours (where required)

  • Communicate transparently with affected individuals

  • Implement remediation measures


14. Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee compliance:

Email: dpo@polarisdiagnostics.com
Address: [Company Registered Address]


15. Updates to this Policy

We review and update this policy regularly to reflect:

  • Regulatory changes

  • Service and technology updates

  • Industry best practices

Material changes will be communicated in advance where required.


16. Commitment Statement

Polaris Diagnostics Ltd is committed to the highest standards of privacy and data protection. We will never sell, trade, or misuse your data, and we apply privacy by design and by default in all our services.