Privacy Policy & Data Protection

Privacy Policy

This statement covers the services provided by the York Bioanalytical Solutions website: The Data Controller for this website is York Bioanalytical Solutions. The purpose of this statement is to inform users of the York Bioanalytical Solutions website, which is managed by York Bioanalytical Solutions, about what information is collected about them when they visit this site, how this information is used, if it is disclosed and the ways in which we protect users' privacy.

Confidentiality and security

Any information you provide will be held securely and in accordance with the EU General Data Protection Regulation. Your personal details will not be disclosed to third parties. You can, at any time, change this information or request it to be removed.

Information we collect from visitors

We collect several kinds of information from visitors to York Bioanalytical Solutions website depending on the part of the site being visited: feedback, e-mail enquiries, e-mail addresses, site usage information and, in a few cases, personal details such as your name and postal details if you register to access privileged areas or services

  • Feedback:

If you provide feedback on York Bioanalytical Solutions website, we will only use this information to develop and improve the site.

  • Services sign up:

If you sign up to receive services we will use the information you give us to provide the service(s) you have requested. We may occasionally contact e-mail alert subscribers to help us evaluate and improve the service that we offer.

If you have used an on-line form on York Bioanalytical Solutions website to sign up for any service, you can correct, update or remove any personally identifiable information directly, via our Internet pages.

If you inform us that you wish to cancel a subscription to a service we will remove you from our mailing list and your details will be deleted from our records.

Changes to this privacy policy

If this privacy policy changes in any way, we will place an updated version on this page. Regularly reviewing this page ensures that you are always aware of what information we collect and how we use it

Data Protection

Public Statement

At Unilabs, we CARE BIG. This means that it is part of our culture to protect what our customers care the most about, of course this includes their personal data. We have always treated personal data with the highest level of security within our organisation and by complying with applicable data protection laws.

The implementation of the EU data protection framework – or General Data Protection Regulation (GDPR) – imposes a new set of rules that Unilabs will be compliant with.

Where does Unilabs stand with GDPR?

Wherever personal data is entrusted to any of our companies, we are dedicated to meet with GDPR requirements. This not only applies to the processing of patient data, but also that of our employees, customers, suppliers, business partners and other individuals whom we have work relations within the framework of our activity.

We have screened GDPR requirements, with the support of a top-ranked firm in data protection, and have set up a data protection team, led by a Group Data Protection Officer.

Data processing: GDPR requires that personal data be collected and processed fairly, and for specified, explicit and legitimate purposes. Our processing operations are inventoried in a register, and each of them rely on a clear legal basis. For example, a processing operation can be necessary for the performance of a contract, or for the purpose of legitimate interests pursued by Unilabs. We take particular care when we resort to third parties to process the personal data they are entrusted with and ensure that our data processors are subject to appropriate due diligence and contractual agreements.

Transparency: GDPR requires that personal data should always be controlled during its lifecycle, and appropriate steps taken to ensure it is adequate, relevant, limited, accurate and up-to-date. We are fully transparent on how personal data is processed by our companies. Personal data is mapped to allow collection, storage, usage, modification or deletion of such data according to GDPR requirements and data subjects’ requests.

Data security: At Unilabs, data security is of the utmost importance to us. We implement all appropriate technical and organisational measures to provide the highest level of security and ensure personal data is accessible and protected.

You can also read our dedicated GDPR FAQ document to find out more on how we stand with regards to the new legislation.

What's Next?

At Unilabs, we do our best to provide an incredible customer experience. We will continue to make additional required operational changes following on from the new legislation, and will keep our clients, patients, providers and all regulatory authorities informed throughout this development.

GDPR is a great opportunity to work hand in hand with every healthcare organisation in order to provide better care to individuals, whom entrust us with the protection of their personal data.

If you would like to know more about GDPR’s requirements, read more about the new regulation on the European Commission website:

For more information about our compliance journey mail us at

Information Notices