DATA SHARING POLICY

Managed Self Ltd t/a “Klarity”

Version : 4

Effective date: 1-Sep-2025

Managed Self Ltd (“we”, “us”, “our”, “Klarity”) is a company registered in England and Wales with company number 10696687. Our registered office is Alum House, 5 Alum Chine Road, Westbourne, Bournemouth, BH4 8DT, United Kingdom.

We are committed to protecting your privacy and ensuring fair and transparent processing of your information. This Policy explains how we collect, use, share and protect your information in connection with Klarity’s screening programmes and related services.

1. Information we collect

We collect information through our online questionnaire and related services, including:

Personal health information (e.g., medical history, symptoms, genetic information)
Demographic information (e.g., age, gender, ethnicity)
Lifestyle information (e.g., diet, exercise habits, smoking status)
Device-related data (e.g., IP address, device type)

2. Purposes of processing

We use your information for the following purposes:

Cancer screening: to assess your eligibility and facilitate screening procedures
Risk prediction models: to analyse your information using proprietary AI models to assess risk for different types of cancer
Personalised recommendations: to provide tailored screening recommendations
Service delivery: to arrange screening services, including at-home sample collection kits and clinic appointments.

3. Third-party suppliers

To deliver comprehensive cancer screening services, we work with trusted partners. These include:

The Mole Clinic: for skin cancer checks at clinic appointments.
Scan.com: for mammograms and other radiological tests.
Bloodsandbeyond: for mobile phlebotomy services where full blood draws are required.
The Doctors Laboratory: for analysis of blood samples.

These suppliers are contractually bound to confidentiality, to process information only as required to deliver services, and to comply with applicable data protection law.

4. Use of AI

We use advanced AI technologies to enhance our services. We do not input personally identifiable information into AI systems. AI-generated content may form part of our service and is intended to support, not replace, professional advice. By using Klarity services, you acknowledge and accept this use of AI.

5. How we share information

We may share your information only as follows:

With authorised healthcare professionals: to review your results and provide guidance
With third-party service providers: such as our phlebotomy and laboratory partners
In aggregated, anonymous form: with organisations funding screening programmes, to provide metrics (e.g. number of participants, completed screenings, general trends). These reports never identify individual participants.
International transfers: if information is transferred outside the UK or EU, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement or Standard Contractual Clauses.

We do not sell or share your information for marketing or promotional purposes.

6. Security

We implement strict security measures to protect your information against unauthorised access, disclosure, alteration or destruction, including:

Encryption during transmission and storage
Access controls limiting access to authorised personnel only
Secure storage in line with industry standards and GDPR
Data lifecycle management to ensure secure disposal when no longer needed.

7. Retention

We retain information only for as long as necessary to fulfil the purposes described in this Policy, or to meet legal, regulatory or contractual obligations. When determining retention periods, we consider:

our contractual obligations to you
applicable legal requirements
our legitimate interests (such as maintaining records and improving services)
the need to resolve potential disputes.

Once the retention period has expired, information is securely deleted or anonymised.

8. Your rights

You have the following rights under data protection law:

Right to access to your information
Right to rectification of inaccurate or incomplete data
Right to erasure in certain circumstances
Right to restrict processing in certain circumstances
Right to data portability to obtain and reuse your data
Right to object to certain types of processing
Right to withdraw consent at any time (without affecting processing carried out lawfully before withdrawal).

You can exercise your rights by contacting us at info@getklarity.io. We will respond within one month. You also have the right to complain to the Information Commissioner’s Office (ICO).

9. Data breach notification

If a data breach may pose a risk to your rights and freedoms, we will notify you and the ICO without undue delay, and within 72 hours where feasible, in line with GDPR requirements.

10. Changes to this Policy

We may update this Policy from time to time to reflect changes in our processing practices or legal requirements. We will publish the updated Policy on our website and notify you of material changes.

11. Contact

If you have questions, concerns or wish to exercise your data rights, contact us:

Klarity / Managed Self Ltd

Alum House, 5 Alum Chine Road

Westbourne, Bournemouth

BH4 8DT

United Kingdom

Email :info@getklarity.io

If you are not satisfied with our response, you can complain to the UK Information Commissioner’s Office:

Information Commissioner’s Office

Wycliffe House, Water Lane

Wilmslow, Cheshire

SK9 5AF

Website :ico.org.uk/concerns/

Email :casework@ico.org.uk