Our contact details
Name: Mark Martin
Address: Set Points Health, The Glasshouse, Alderley Park, SK10 4TG
The type of personal information we collect
We currently collect and process some the following information:
Personal identifiers, contact detailss and characteristics (for example, name mobile number, email, home or work address, website user stats, website cookies)
General Practitioner or responsible clinician details
Personal Medical history
Medical test results
Habits (for example exercise and nutrition)
Place of work and professional details
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
To help us interpret your metabolic health data
We also receive personal information indirectly, from the following sources in the following scenarios:
Your health club or personal trainer if you have one through a partner health organisation
With your permission from your GP or responsible clinician
Referral from a friend or colleague
How we collect information
We collect data about you at different touch points, these include verbal and written communication. Typically, we will request information through secure email communications, WhatsApp, online forms, mobile and telephone communications.
Why we collect information
We prefer to collect communication directly from you but on occasion we may need to collect information about you from your personal trainer or responsible clinician. For example, when we haven’t received a response from you after we have tried to make contact. Or if we can’t contact you and need further personal information to provide you with tailored feedback.
How we use your information
We collect adequate personal information to interpret your results and communicate them to you.
How we share your information
We use the information that you have given us in order to provide tailored advice on lifestyle, exercise and nutrition.
To interpret your metabolic health results delivered to us by the laboratory after completing one of our tests
We may share this information with, for example, your personal trainer and those we deem directly responsible for your health and wellbeing. We will typically request explicit consent before we share your data and inform you who we will be sharing your data with and for what purpose. This will give you an additional opportunity to approve or decline the sharing of your data.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
(a) Your consent. You are able to remove your consent at any time. You can do this by contacting firstname.lastname@example.org
(b) We have a contractual obligation.
(c) We have a legal obligation.
(d) We have a vital interest.
(e) We need it to perform a public task.
(f) We have a legitimate interest.
How we store your personal information
Your information is securely stored on password protected and encrypted servers in the cloud. We use two-point authentication where possible.
We keep personal information for the duration you use our services and as stipulated by law we are required to keep your medical records for 10 years. Depending on the type of information we hold we will then dispose your information by deleting or shredding all your files and with respect to biological samples this will include incineration.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at email@example.com if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at firstname.lastname@example.org
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk