Privacy & Cookies Policy


This privacy policy sets out the way Check4Cancer Ltd process your personal information. It deals with how we collect information, what we do with it, how we protect it and what controls or rights you have.

We are committed to protecting the privacy of anyone who interacts with us and will treat all information you give us with care.

We promise to:

  • Tell you why we collect personal information, how we do this and what we use it for.
  • Only collect the information we need to deliver the service to you.
  • Keep the personal information up to date and ensure it is safe and secure.

Please read this Privacy Policy carefully to understand how we process your personal data. By providing your personal data to us or by using our services or this website you are accepting or consenting to the practices in this Privacy Policy.

We may change this policy from time to time. The date this policy was last updated is shown at the end of this document.

As a data controller, we fully comply with the Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003 and the UK General Data Protection Regulations (UKGDPR). We will also comply with all applicable clinical confidentiality guidelines.

In respect of any services we supply to individuals in any of the EU Countries we will when applicable also comply with the EU General Data Protection Regulations (EUGDPR) in respect of the processing of the personal data of the individuals situated in those EU Countries.

We are recorded on the ICO Data Protection Register under registration number Z1201347.


In this policy references to Check4Cancer or are to Check4Cancer Ltd, a company registered in England and Wales, registered number 8866941 whose registered address is Lower Court 3-4, Copley Hill Business Park, Cambridge Road, Cambridge, CB22 3GN.


The data controller is Check4Cancer Ltd.


We collect personal information about you to enable us to provide the services or fulfil a role with us. This may include:

  • Name and address, marital status, family history and details of any lasting powers of attorney.
  • Email address and telephone numbers.
  • The country you live in, your gender, date of birth, national insurance number, NHS number, passport number and where relevant the language you speak.
  • Details of your employment.
  • The name and contact details of your next of kin. It is your responsibility to ensure that if you provide us with any information about another person that they are aware of the terms of this privacy policy.
  • From your parent or guardian if you are under 16. This may include details of any educational establishment you attend.
  • Recordings of telephone calls or video calls we receive or make.
  • Your photograph and photographs for care and treatment
  • Details of services and treatments you may have received from us.
  • Reports or notes on your health or any treatment and care you have received or need.
  • Details of your GP or consultants you are referred to.
  • Patient feedback and treatment outcome information you provide.
  • Information about complaints and incidents.
  • When you visit our website, we collect information about your IP address and pages you visit. This does not tell us who you are or your address unless you choose to provide that information.
  • Your payment information (e.g. credit card details) provided when you make a payment to us.
  • Your employer or insurance provider if applicable for billing purposes.
  • Information from customer surveys, promotions or competitions that you take part in.
  • The result of any credit or anti-fraud checks we have made on you.

We will also collect Special category data – sometimes called sensitive personal information. This includes:

  • Information about your race, ethnic origin and religion.
  • Information about your physical or mental health, genetic data or biometric data.
  • Information about your sex life or sexual orientation.
  • Information about risk and safeguarding.
  • Information about criminal offences.

            We collect the personal information in the following ways:

  • When you enquire about one of our services or treatments.
  • When you provide information by filling in a form on registration or information provided at any other time.
  • When you correspond with us by email, phone or other ways.
  • During the course of the provision of services to you.
  • When you contact us by email, telephone, social media or in any other way.
  • When you visit our website.
  • When you fill in a form or survey for us.
  • Information from emergency services, local authorities and other public organisations.

[Information from third parties including business partners, service providers, technical sub-contractors, payment and delivery services or advertisers when you have given permission to share it with us.

  • From publicly available services to keep your information up to date for example the NHS national database.
  • When you participate in discussion forums or other social media on our site or sites managed by us.
  • When you take part in a social event.
  • When you enter a competition, promotion or survey.

We may collect personal data about you from other sources and these can include:

  • From your next of kin or other family member.
  • Provided by doctors, other clinicians and health care professional, hospitals, clinics and other health care providers.
  • Your employer when they provide information.
  • Translators and interpreters.
  • Any health professional or organisation who provides information for the continuity of your care.
  • Information from a Local Authority or the Police.
  • Fraud and credit reference agencies and on DBS checks.

We use the personal information to provide the health to individual patients and services with others and to meet our contractual commitments to you. This may include:

  • Processing – this will include using the information to fulfil any request made by you or someone on your behalf to receive one of our health or care services or receive an email newsletter.
  • Contract – if we have a contract with you, we will process your personal information to fulfil that contract,
  • Consent – generally we will only ask for your consent to process your personal information if there is no other legal ground to process. Where we need your consent, we will ensure you are as fully informed as possible and use that consent solely for the reason you have given it to us. You will be able to change your mind at any time by contacting us at the address in paragraph 13. Any direct marketing email or text to you will have a link to let you do so.
  • Public interest Task – we will process your personal information when carrying out the performance of a task in the public interest which includes the provision of direct health care or social care. This also includes processing personal information for medical research, trials and to train and educate health care professionals.
  • Necessary for the purpose of preventative or occupational medicine – to assess whether you are able to work, the provision to you of health or social care, a medical diagnosis, or the management of health and social care systems.
  • Necessary to defend legal claims or a court action.
  • Vital interests – where it is necessary to protect your vital interests or those of another person.
  • Employment – when necessary to fulfil our duties under employment law.
  • Public interest – this is usually in line with any applicable laws such as protecting against dishonesty, malpractice or other seriously improper behaviour.
  • Information you have made public.
  • Marketing – in addition to processing we will use your personal information to provide you with information about services you have requested or would reasonably expect to receive from us. You will be able to change your mind at any time and we will keep your preferences up to date. Any email or text to you about marketing will have a link to let you unsubscribe.
  • Profiling – we may make use of profiling and screening methods to provide a better service to patients. Profiling helps us target resources more effectively through gaining an insight into the background of patients and helping us build relationships that are appropriate to their needs.
  • Statistical Information - provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information).

Check4Cancer also processes your data when it is in our legitimate interest to do this and when these interests do not override your rights. These legitimate interests include: -

  • Providing you with information on services, feedback.
  • Keeping our records up to date.
  • For statistical research and analysis and to enable us to monitor and improve services.
  • To monitor how we are meeting our clinical and non-clinical performance in the case of health care providers.
  • Sharing your personal information with people or organisations in order to comply with any legal or regulatory obligations or to enable us to run our organisation.
  • To fulfil laws that apply to us and the third parties we work with.
  • To take part in or be the subject of any merger, sale or purchase of all or part of our business.
  • Managing our relationships with you and third parties who assist us to provide the services to you.

Your information will only be accessible to our staff and only where it is appropriate in respect of the role they are carrying out. We will never sell your information or let other organisations use it for their own purposes.

We will only share your personal information:

  • If consent is necessary, we will have taken your consent to us doing so and will provide information for the specific reason your consent was given. You will have the opportunity to withhold consent when you complete the form on which we collect the data or you can do so by contacting us at the address in paragraph 13 at any time.
  • Doctors, clinicians, hospitals, clinics, diagnostic and treatment centres and other health care providers to provide our services and continuity of health care. This also includes processing personal information to enable organsiations to carry out research and medical trials and processing personal information to train and educate health care professionals.
  • Your GP – where clinically necessary we may share your information with your GP. You can ask us not to do so and we will respect this unless legally required to provide the information. You should be aware it may be detrimental to your health if your GP does not have your full medical history.
  • First responders, ambulance service, safeguarding, undertakers, coroner and care homes.
  • Where it is necessary to protect your vital interest (i.e. your life or health)
  • Other organisations you belong to confirm your entitlement to our services.
  • Organisations or people who by law or regulations we must share your personal information with. This can be national data bases, screening registers government authorities and NHS organisations.
  • The police or other law enforcement agencies to assist them perform their duties if we must do this by law or under a court order.
  • Where we use other organisations to provide services on our behalf for processing, mailing, delivering, answering patients questions about services, sending mail and emails, data analysis, assessment and profiling or processing credit/debit card payments.
  • To organisations who you have requested us to supply information so that they can provide services or products you have requested.
  • For employees of corporate clients or customers of insurance providers, Check4Cancer will only provide information that a test has been performed for the purpose of invoicing and statistical management information relating to the effectiveness of the testing. We do not share the results of medical screening without your consent unless there is lawful basis requiring us to do so.
  • For invoicing purposes and logistic of onsite clinics, it may be necessary to provide your name as evidence that a) a test has been conducted or b) providing attendee and non-attendee reports for onsite clinics.
  • We may send and receive information about you with the National Disease Registration Service (NDRS) at Public Health England (PHE) for the purposes of knowledge sharing and improving services to patients. PHE will provide Check4Cancer with cancer diagnosis data restricted to those cancers that we have clinical services for, as well as cancer staging and treatment data. This data is essential to allow Check4Cancer to perform a comprehensive and effective audit of all clients and patients who use our cancer screening and diagnostic services, and the pseudonymised data may be used for internal clinical reports that may be presented or published and compared to reference datasets or publications. You can find out more about the NDRS at PHE, and how they will process your data, here:
  • To any organisation requesting a reference when you have applied for a position with the organisation or to join the organisation in some capacity.
  • Organisations providing IT systems, IT support and hosting in relation to IT systems on which information is stored.
  • When using auditors, professional advisors, insurers, suppliers and subcontractors.
  • With our subsidiaries and with our affiliate companies.
  • When we are legally required to, or because of a lawful request by a governmental or law enforcement authority.
  • If we merge with another organisation, form a new entity, sell our business or purchase a business.

Where a third-party data processor is used, we ensure they operate under a contract which includes confidentiality and security of personal data and their obligations under the Data Protection legislation.


The security of your personal information is very important to us. We protect all personal data we hold and ensure we have appropriate organisational and technical measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent data being lost, destroyed or damaged.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

All the personal data is processed in the UK however for IT hosting and maintenance your information may be situated outside the European Economic Area (EEA).

You might find links to third party websites on our website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.


You have the following rights:

  • Transparency over how we use your personal information (right to be informed).
  • To request a copy of the personal information we hold about you, which will be provided to you within one month (right of access).
  • An update or amendment of the personal information we hold about you (right of rectification).
  • To ask us to stop using personal information (right to restrict processing).
  • Ask us to remove your personal information from our records (right to be forgotten).
  • Request us to remove your personal information for marketing purposes (right to object).
  • To obtain and reuse your personal data for your own purposes (right to portability).
  • Not to be subject to a decision based on automated processing.

You can contact to us about any of these rights at the address in paragraph 13. To protect your privacy, we may ask you to prove your identity before we agree to respond to any request. There is no charge for a request, and we will respond to the request within one month.

If you are not satisfied with the way in which we deal with your request, you can contact the Information Commissioners Office on 0303 123 1113 or at their website


Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and

allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

 We use the following cookies: 

  • Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
  • Analytical/performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

We hold your information only for as long as necessary for each purpose we use it. We use the following guidelines: -

  • Any time limits set by law or recommended by regulators professional bodies or associations.
  • Time limits for making a claim.
  • For as long as we have a reasonable need for managing our relationship with you or running our organisation.
  1. How to contact us.

If you have any questions about this privacy policy or your rights regarding processing your personal information, or wish to make a complaint please contact This email address is being protected from spambots. You need JavaScript enabled to view it..

Or, by post to our address Lower Court 3-4, Copley Hill Business Park, Cambridge Road, Cambridge, CB22 3GN. 

This policy was last updated on 29th October 2021.