Privacy Policy

Last updated: 12 June, 2026

1. Who we are

PathSure Group Ltd. is the controller of personal data processed through our website and services. Company no. [number]. ICO registration: [number]. Contact: [email protected].This policy explains how we handle personal data under the UK GDPR and Data Protection Act 2018.

2. Data we collect

  • You provide: name, job title, organisation, email, phone, address, service details, marketing preferences.

  • Collected automatically: IP address, device and browser data, pages visited, cookies (see Cookie Policy).

  • From service delivery:sender/recipient details, addresses, signatures, proof of delivery, and limited information shown on consignment labels (which may include patient identifiers provided by our healthcare clients).

We do not access the contents of sealed consignments. Where healthcare clients place patient data on paperwork, we act as a processor on their behalf.

3. How we use it

Purpose

  • Responding to enquiries and quotes

  • Providing services and proof of delivery

  • Invoicing, accounting, tax

  • Website improvement and security

  • Marketing to business contacts

  • Regulatory compliance (UN3373 etc.)

  • Defending legal claims

Legal basis

  • Legitimate interests / pre-contract

  • Contract

  • Legal obligation

  • Legitimate interests

  • Legitimate interests (opt-out anytime)

  • Legal obligation

  • Legitimate interests / legal obligation

4. Special category data

We do not collect health data for our own purposes. Where health-related data appears on consignment paperwork, we process it only on the client's instructions.

5. Who we share with

Our staff and drivers (need-to-know), service providers (IT hosting, telematics, accounting, email), insurers and advisers, regulators and law enforcement where legally required, and a successor or acquirer in any corporate transaction. All processors are under written contracts with UK GDPR safeguards.

6. International transfers

Most processing is in the UK or EEA. Any transfers outside the UK use UK adequacy regulations, the International Data Transfer Agreement, or equivalent safeguards.

7. How long we keep data

  • Enquiries: up to 24 months

  • Client and service records: 7 years after the relationship ends

  • Proof of delivery: typically 7 years

  • Marketing: until you unsubscribe or 24 months of inactivity

  • Website logs: up to 26 months

8. Security

We use access controls, encryption in transit, vetted drivers, secure facilities and staff training. No system is 100% secure, but we take our duties seriously.

9. Your rights

You have the right to access, rectify, erase, restrict, object to processing, data portability, and withdraw consent. To exercise these, email [email protected]. We will respond within one month.You can also complain to the Information Commissioner's Office at ico.org.uk or 0303 123 1113.

10. Cookies

See our Cookie Policy.

11. Children

Our services are aimed at healthcare businesses. We do not knowingly collect data from anyone under 16.

12. Changes

We may update this policy. Material changes will be notified via the website.

© PathSure Group Ltd. All Rights Reserved.