Verifypeps

Privacy Policy

This policy explains how we collect, use, and protect personal data when you use our website, Lab Portal, and testing services.

Last updated: May 2026

Who we are

Verifypeps is a trading name operated by Neicko Marsh, a sole trader established in the United Kingdom.

66 Paul St, London EC2A 4NA, United Kingdom

hello@verifypeps.com

Research-use-only policy · Laboratory partner disclosure

For UK GDPR purposes, the data controller is Neicko Marsh trading as Verifypeps.

What data we collect

Depending on how you use our services, we may process:

  • Contact details (name, email, organisation) submitted via forms or the Lab Portal
  • Account and authentication data for portal access
  • Sample submission metadata (batch references, order identifiers, method selections)
  • Certificate registry data you choose to make lookup-accessible
  • Communications with our team (email and support messages)
  • Technical logs required to operate the website securely (IP address, browser type, timestamps)

We do not intentionally collect special category data or health data.

How we use your data and lawful bases

  • Service delivery — to accept samples, perform testing coordination, issue certificates, and respond to enquiries (contract / legitimate interests).
  • Account administration — to manage Lab Portal access and security (contract / legitimate interests).
  • Legal and regulatory compliance — to meet record-keeping and consumer information obligations where applicable (legal obligation / legitimate interests).
  • Marketing communications — only where you opt in (consent). You may withdraw consent at any time.

Cookies and similar technologies

We use essential cookies and local storage required for authentication, session management, and security. We do not use non-essential analytics or advertising cookies in the current site version.

If this changes, we will update this policy and, where required under PECR, obtain consent before placing non-essential cookies.

Sharing and processors

We may share data with:

  • Hosting and infrastructure providers
  • Authentication and database services (Supabase)
  • Qualified partner laboratories performing agreed analytical methods, including EU facilities for selected HPLC methods
  • Professional advisers where legally required

Processors are engaged under appropriate data protection terms. Partner laboratories receive only the information required to perform the agreed test scope.

International transfers

Some processors may process data outside the UK. Where this occurs, we use appropriate safeguards such as UK IDTA-style contractual protections or equivalent mechanisms permitted under UK GDPR.

Retention

  • Account data: retained while your account is active and for a reasonable period thereafter
  • Certificate and testing records: retained as required for service continuity, audit, and legal obligations
  • Enquiry and marketing data: retained according to purpose and consent status

Your rights

Under UK GDPR you may have rights to access, rectify, erase, restrict, or object to processing, and to data portability where applicable. You may also lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise your rights, contact hello@verifypeps.com.

Related policies

See also our Terms of Service, Research Use Only policy, and Laboratory partner disclosure.