Immunokey Website Privacy Notice
Last updated: 16 December 2025
This Privacy Notice explains how Immunokey Limited ("Immunokey", "we", "us", or "our") collects, uses, stores, and protects personal data when you visit or interact with our website.
Immunokey is a company incorporated in England and Wales and operates primarily in the United Kingdom. Our website may be accessed by users in the UK, the European Economic Area (EEA), the United States, China, and other jurisdictions.
We are committed to protecting your privacy and complying with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU GDPR.
1. What personal data do we collect?
We aim to minimise the personal data we collect and do not intentionally collect personal data simply by you browsing our website.
However, like most websites, limited technical data may be collected automatically by our website hosting provider or by third‑party service providers used to operate core website functionality. This may include:
Internet Protocol (IP) address
Browser type and version
Operating system
Date and time of access
We do not use this information to identify individual visitors.
The personal data we intentionally collect is information that you voluntarily provide to us, for example:
Your name
Your email address
Your organisation
Any information you choose to include when contacting us via the website contact form or by email
2. How do we collect your data?
We collect personal data only when you:
Submit an enquiry through the contact form on our website, or
Contact us directly by email
3. How do we use your data?
We use your personal data only for the following purposes:
To respond to your enquiries
To communicate with you about our products, services, or business activities where relevant
To manage our business relationships
We do not sell your personal data and do not share it with third parties for marketing purposes.
4. Legal basis for processing (UK/EU GDPR)
Under the UK GDPR and EU GDPR, we process your personal data on the following legal bases:
Consent – where you choose to contact us and provide your information
Legitimate interests – to respond to enquiries and conduct our business communications
You may withdraw your consent at any time by contacting us using the details below.
5. How do we store and protect your data?
Immunokey stores personal data on secure and protected systems with appropriate technical and organisational security measures in place to prevent unauthorised access, loss, or misuse.
Access to personal data is limited to authorised personnel only.
6. How long do we keep your data?
We retain personal data only for as long as necessary for the purposes for which it was collected, including to respond to enquiries and maintain business records.
In general:
Enquiry-related correspondence is retained for as long as it remains relevant to our business relationship
Personal data will be securely deleted or anonymised when it is no longer required, or when the company ceases operations
7. Marketing communications
We may contact you with information about our products or services if you have requested information or have an existing business relationship with us.
You have the right to opt out of marketing communications at any time by:
Clicking an unsubscribe link (where provided), or
Emailing us at info@immunokey.co.uk
We do not share your personal data with third parties for marketing purposes.
8. International data transfers
As a UK-based company, your personal data is primarily processed in the United Kingdom.
If personal data is accessed from or transferred to locations outside the UK or EEA, we will ensure appropriate safeguards are in place in accordance with applicable data protection laws.
9. Your data protection rights
Under UK GDPR and, where applicable, EU GDPR, you have the following rights:
Right of access – to request a copy of the personal data we hold about you
Right to rectification – to request correction of inaccurate or incomplete data
Right to erasure – to request deletion of your personal data, in certain circumstances
Right to restrict processing – to request limitation of how we use your data
Right to object – to object to processing based on legitimate interests or for marketing
Right to data portability – to request transfer of your data to you or another organisation
You will not normally be charged for exercising your rights. If a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse the request.
We will respond to valid requests within one month.
To exercise your rights, please contact us using the details below.
10. Cookies
Our website is designed to operate without the use of non‑essential cookies.
However, our website hosting provider or third‑party services (such as contact form functionality) may place essential or strictly necessary cookies to ensure the website functions correctly, remains secure, and delivers content reliably.
We do not use cookies for advertising, behavioural tracking, or marketing analytics.
You can manage or disable cookies through your browser settings. Further information about cookies is available at www.allaboutcookies.org.
11. Links to other websites
Our website may contain links to third-party websites. This Privacy Policy applies only to our website. We encourage you to review the privacy policies of any external sites you visit.
12. Additional information for US residents (CCPA / CPRA)
This section applies to visitors who are residents of California or other US states with applicable privacy laws.
Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), you may have the right to:
Know what personal information we collect and how we use it
Request access to or deletion of your personal information
Opt out of the sale or sharing of personal information (note: we do not sell or share personal information)
Not be discriminated against for exercising your privacy rights
We collect only limited personal information provided voluntarily through contact enquiries and limited technical data necessary to operate the website. We do not use personal information for targeted advertising or profiling.
Requests to exercise your US privacy rights can be made using the contact details below.
13. Information for investors, researchers, and business contacts
If you contact Immunokey as an investor, potential partner, researcher, or other professional contact, we may process your personal data to:
Communicate with you regarding business, scientific, or investment-related matters
Maintain records of our professional interactions
Comply with legal or regulatory obligations
Such processing is based on our legitimate interests in conducting and developing our business, and data is retained only for as long as necessary for these purposes.
14. Regulatory and compliance note (UK ICO perspective)
This Privacy Policy is intended to meet the transparency requirements of the UK GDPR and the Data Protection Act 2018.
Immunokey:
Collects minimal personal data
Avoids unnecessary tracking and profiling
Uses personal data only for clear, limited purposes
Applies appropriate security measures
Respects individual rights and statutory response timelines
If you believe your data protection rights have been infringed, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): www.ico.org.uk
15. Changes to this Privacy Policy
We keep this Privacy Policy under regular review and may update it from time to time. Any changes will be posted on this page with an updated revision date.
16. How to contact us
If you have any questions about this Privacy Policy, the personal data we hold about you, or wish to exercise your data protection rights, please contact us:
Email:info@immunokey.co.uk
Post: Immunokey Limited, 4 Sunny Lea Mews, Victoria Road, Wilmslow, SK9 5HN, United Kingdom
17. Review
This policy will be reviewed annually or following any significant security incident.