Privacy Policy

---

Last updated April 19, 2026

INTRODUCTION

Cellular Diagnostics (we, us, or our) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website (https://www.cell-diag.com), our in-person diagnostic services, and our iOS Security Community via Skool (collectively, the Services).

We are a data controller registered in the United Kingdom. Our registered address is 64 Devonport Road, Stoke Village, Plymouth, Devon, United Kingdom.

For any privacy-related questions, contact us at:

Email: info@cell-diag.com

Phone: +441752 741741

Post: 64 Devonport Road, Stoke Village, Plymouth, Devon, United Kingdom

WHAT DATA WE COLLECT

Information You Provide Directly

Contact details (name, email address, phone number)

Appointment booking information for in-person diagnostics

Account registration details for Skool community access

Device details (make, model, operating system) for diagnostics

Payment information (processed via Square for diagnostics and Stripe for Skool subscriptions; we do not store full card details)

Communications with us (emails, messages, feedback)

Information from Device Diagnostics

During our in-person diagnostic services, we may temporarily access:

Device system logs and configuration files

Installed applications and profiles

Network settings and connections

Performance metrics

We do not access, extract, or retain your personal photos, messages, browsing history, passwords, or account credentials unless specifically required to identify a security threat and only with your explicit consent.

Automatically Collected Information

When you visit our website or Skool community, we may collect:

IP address

Browser type and version

Device and operating system information

Pages visited and time spent

Referral source

We use cookies and similar technologies for website functionality and analytics. See the Cookies and Tracking section for more details.

HOW WE USE YOUR DATA

We use your personal data for the following purposes:

Providing diagnostic services and generating reports (Legal Basis: Contract performance)

Processing payments via Square or Stripe (Legal Basis: Contract performance)

Communicating about appointments, community access, and services (Legal Basis: Contract performance / Legitimate interest)

Improving our Services and website (Legal Basis: Legitimate interest)

Complying with legal obligations (Legal Basis: Legal obligation)

Sending marketing communications, only with your consent (Legal Basis: Consent)

DEVICE DATA HANDLING

Local Analysis Only

All diagnostic analysis is performed locally on our secure equipment during your appointment at our Plymouth location. We do not upload your device contents, personal data, photos, messages, or files to external servers or cloud storage.

Temporary Data Retention

Diagnostic reports and any temporary data extracts are permanently deleted within 48 hours of service completion, unless you request extended secure storage in writing.

Data Security During Diagnostics

Devices are handled in your presence or in secure premises

We use industry-standard tools and procedures

No third parties access your device data

Your Responsibility

You are responsible for backing up your device prior to service. We are not liable for data loss during the diagnostic process.

HOW WE SHARE YOUR DATA

We do not sell, rent, or trade your personal data. We only share data in the following circumstances:

Service Providers

Square: Payment processing for in-person diagnostic services. Square collects and processes payment data in accordance with their own Privacy Policy.

Stripe: Payment processing for Skool community subscriptions. Stripe collects and processes payment data in accordance with their own Privacy Policy.

Skool: Platform hosting for the iOS Security Community. Skool processes account data and community content in accordance with their own Privacy Policy.

Website hosting and analytics providers: For website operation and performance monitoring.

Legal Requirements

We may disclose your data if required to do so by law or in response to valid requests by public authorities (for example, court orders or law enforcement).

Business Transfers

If we are involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction.

DATA RETENTION

We retain your personal data only for as long as necessary:

Contact and booking information: 6 years (UK tax and legal requirements)

Diagnostic reports and extracts: 48 hours unless extended storage requested

Payment records: 6 years (UK tax requirements)

Website analytics: 26 months

Marketing consent records: Until consent is withdrawn

After the retention period expires, we securely delete or anonymise your data.

YOUR DATA PROTECTION RIGHTS

Under UK and EU data protection laws, you have the following rights:

Right to Access: Request a copy of the personal data we hold about you.

Right to Rectification: Request correction of inaccurate or incomplete data.

Right to Erasure (Right to be Forgotten): Request deletion of your personal data where there is no compelling reason for us to continue processing it.

Right to Restrict Processing: Request that we suspend processing of your personal data.

Right to Data Portability: Request transfer of your data to you or another controller.

Right to Object: Object to processing based on legitimate interests or direct marketing.

Right to Withdraw Consent: Withdraw consent at any time where we rely on consent to process your data.

To exercise any of these rights, contact us at info@cell-diag.com. We will respond within one month.

COOKIES AND TRACKING

Our website uses cookies to:

Enable core functionality (booking, contact forms)

Analyse website traffic and usage

Remember your preferences

You can manage cookie preferences through your browser settings.

DATA SECURITY

We implement appropriate technical and organisational measures to protect your personal data, including:

Encryption of data in transit (SSL/TLS)

Secure local storage for diagnostic equipment

Access controls and staff training

Regular security assessments

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

INTERNATIONAL DATA TRANSFERS

We are based in the United Kingdom. Your data is primarily processed within the UK. If we transfer data outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses.

THIRD-PARTY LINKS

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies.

CHILDREN'S PRIVACY

Our Services are not intended for individuals under 18 without parental consent. If we learn we have collected data from a minor without verification of parental consent, we will delete that information.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the Last updated date at the top. We encourage you to review this policy periodically.

COMPLAINTS

If you believe we have not handled your data properly, you have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. Contact the ICO at www.ico.org.uk.