Data Protection | Unilabs Skip to main content

Data Protection

1 Public Statement

At Unilabs, we CARE BIG. We deeply value what matters most to our customers, including the sensitive data involved in diagnostics, and ensuring the security of your personal data. Our commitment to upholding the highest standards of data protection, in line with regulations like the GDPR, underscores our dedication to earning and preserving your trust. We understand the significance of safeguarding your information, reflecting our core belief in protecting your confidence in our brand. With Unilabs, data protection is not just a priority—it is a fundamental commitment we proudly stand by. 

Where does Unilabs stand with GDPR?

Unilabs is fully committed to GDPR compliance across all its entities. Whether it is patient data, employee records, customer information, supplier details, or any other personal data within our business activities, we prioritise meeting GDPR obligations and core principles of ethics.

Our dedicated team of data protection experts, overseen by the Group Data Protection Officer, ensures that best practices are consistently applied throughout the Unilabs Group with a continuous improvement. You can be confident that your personal data is managed with the highest level of care and strict adherence to GDPR standards.

Data processing: Under GDPR, Unilabs is mandated to collect and process personal data for specific and legitimate purposes only. We maintain a record of all processing activities (ROPA), outlining each processing operation along with its purpose and legal basis. This record is revised on a regular basis to reflect changing work practices. When engaging third parties to process personal data on our behalf, we exercise the utmost caution. We establish contractual data processing agreements to ensure that the rights of subjects are upheld and apply appropriate due diligence to ensure that data processors can meet and act upon their GDPR obligations.

Transparency. GDPR requires that appropriate measures are in place to manage personal data during its lifecycle. Unilabs has controls:

  • To ensure that only a minimum amount of personal data is collected; 
  • To allow personal data to be corrected and kept up-to-date; and 
  • To dispose of personal data when it is no longer needed or relevant.  

Unilabs is fully transparent with regards to how personal data is processed by Group companies. Personal data is mapped to allow collection, storage, usage, modification, or deletion of such data according to GDPR requirements and data subjects’ requests.


Data security: At Unilabs, data security is of the utmost importance to us.  We continuously assess and enhance our security systems, organisational measures, and work-practices to minimise our vulnerability to threats. By implementing the most rigorous security controls, we ensure that personal data is accessible at all times to the business while continuously safeguarding it against malicious actors. 

What's Next?

At Unilabs, delivering an exceptional customer experience is our priority. We are dedicated to make operational changes that follow the GDPR and country-specific health legislation.  Our commitment extends to keeping all of our clients, patients, and providers wherever they reside and all local regulatory authorities informed throughout these developments.

GDPR is a great opportunity to work hand in hand with every healthcare organisation in order to provide better care to individuals, whom entrust us with the protection of their personal data.

For more information about our compliance journey mail us at dpo@unilabs.com.

2 Information notices

The GDPR requires data controllers to provide to data subjects information about their processing and related matters and the rights of the data subjects in a succinct, transparent, clear, and easily accessible form, using plain language.

Unilabs Global Information notice to Healthcare professionals

Unilabs Global Information notice to Job applicants

Unilabs Global Information notice to Journalists

Unilabs Global Information notice to Suppliers

Unilabs Global Information notice to Website Visitors

Unilabs Global Information notice to Employees.

3 Information of your rights

Under the GDPR legislation, any individual, being the data subject, has various rights in relation to disposition with her or his data. Data subjects should be aware that their new rights under the GDPR are not always “absolute”, and restrictions apply that are codified in the text of the act, e.g. the right to erasure might not be applicable if not in the public interest, or if relevant to a case before the courts. 

We provide below the summary of the main relevant information, however, please feel free to reach out to the GDPR legislation body via this URL:  https://commission.europa.eu/law/law-topic/data-protection/data-protection-eu_en

3.1 Access. You have the right to request information on whether we process personal data about you as well as to request access to this personal data. You have the right to know why we collect personal data and how we process it, what kind of personal data we process, which organisations receive the personal data and how the personal data is stored.

3.2 Objection to the processing. You have the right to object to personal data processing which is based on our legitimate interests. However, if we have compelling legitimate grounds which override your interests, rights, and freedoms, we may have a right to continue the processing. Where processing is based on consent, you have the right to withdraw your given consent for Unilabs’ use of your personal data. This will not affect the use of the information about you prior to you withdrawing the consent.

3.3 Objection to processing for direct marketing purposes. You always have the right to object to our processing of your personal data for direct marketing purposes.

3.4 Rectification. You are entitled to request rectification of inaccurate or incomplete personal data, limitation of our processing and completion of incomplete personal data.

3.5 Erasure. You also have the right to request that your personal data is deleted under certain circumstances, for example if the information is no longer necessary.

3.6 Restriction of processing. You have the right to request that the processing of your personal data is restricted. There is a risk that we will be unable to provide you with our services during the time the processing is restricted.

3.7 Data portability. Under some circumstances you have the right to gain access to your personal data in a structured, commonly used, and machine-readable format (data portability) and have the right to transmit that data to another controller. This right is limited to personal data that you have provided us with if it is being processed for the purpose of fulfilling a contract with you or based on your consent.

3.8 If you have any questions relating to our processing of personal data, you are welcome to contact us at dpo@unilabs.com. If you want to make a complaint about the way we process your personal data, you have the right to do so to the Data Protection Authority in your jurisdiction.  
See:  https://www.gdprregister.eu/gdpr/dpa-gdpr/ .

4 Cookies

4.1 Unilabs uses cookies to receive and record information, we may also use other technologies to receive information (“Automatic Data Collection”). This may include personal information from your browser.

4.2 In general terms, cookies are small scripts which are sent to your web browser on your computer, to your mobile phone or other technical devices that you use. Cookies store information on the technical device and act as a memory which means that your technical device is remembered when you revisit the website.

There exist two kinds of cookies, session cookies and persistent cookies. Session cookies only exist until you shut down the web browser on the technical devise. Persistent cookies exist for a longer, specified period.

4.3 The information collected by cookies may include the following:

  • Geolocation
  • Time of visit, pages visited, and time spent on each page of the webpages
  • Referring site details (such as the URI a user came through to arrive at this site)
  • Domain, browser type and language
  • Country and time zone
  • Click behaviour
  • Type of operating system (OS)
  • Flash version, JavaScript support, screen resolution, and screen color processing ability
  • Network location and IP address.
  • Document downloads
  • Clicks on links leading to external websites
  • Errors when users fill out forms
  • Clicks on videos
  • Scroll depth
  • Interactions with site-specific widgets

4.4 Unilabs use cookies to receive information about usage of the website. The information helps us to improve our site and our services. You can usually change the settings of your web browser to turn off all cookies, to refuse new cookies or to have your device warn you when new ones are sent.

4.5 To modify the cookies, use the browser settings. Every web browser is different but you can always use the Help menu on your browser to learn how to change your cookies. The changing of cookies needs to be done on every browser that you use if you want the cookie settings to be the same. If you turn off your cookies you need to be aware of the fact that some of the services on the website may not function properly.

4.6 Information that can be used to identify users of the website will be disclosed to third parties (Google Analytics). Information that cannot be linked to the identity of the user may be disclosed. The amount of the time that the information received from the cookies is stored depends on how often you visit the website.

5 Further questions

Please, contact us at dpo@unilabs.com if you have any further questions concerning this policy. 

Welcome to the Unilabs website

Continue to the main corporate website

Or: Select a Unilabs country website from the list below