Privacy Policy

Welcome to Unlimit Lab Ltd (“Unlimit Lab,” “we,” “us,” or “our”). We are committed to protecting your privacy and handling your personal data in a transparent, lawful, and secure manner.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.unlimitlab.com (the “Site”), use our services, or otherwise interact with us. This policy applies to all of our ventures, platforms, and products operated under the Unlimit Lab umbrella.

By accessing or using our Site and services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of our Site and services immediately.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, the data controller is:

We may collect and process the following categories of personal data:

3.1 Information You Provide Directly

• Identity Data: Full name, job title, company name.
• Contact Data: Email address, telephone number, postal address.
• Account Data: Username, password, account preferences.
• Communication Data: Messages, enquiries, and feedback submitted via our contact forms, email, or other communication channels.
• Professional Data: CV/resume, qualifications, certifications, work experience (where applicable to our care workforce platforms).
• Financial Data: Billing information, payment card details (processed securely through our third-party payment processors — we do not store full card numbers).
• Subscription Data: Newsletter sign-ups, marketing preferences.

3.2 Information Collected Automatically

• Technical Data: IP address, browser type and version, operating system, device type, screen resolution, time zone setting, and platform.
• Usage Data: Pages visited, time spent on pages, click-through data, navigation paths, referring URLs, and exit pages.
• Location Data: Approximate geographic location derived from your IP address.
• Cookie Data: Information collected through cookies, pixels, and similar tracking technologies (see Section 10).

3.3 Information from Third Parties

• Analytics Providers: Data from Google Analytics and similar services.
• Social Media: If you interact with us via social media platforms, we may receive profile information as permitted by your privacy settings.
• Business Partners: Information from referral partners, recruitment agencies, or care organisations where relevant to our platforms.

We use your personal data for the following purposes:

• Service Delivery: To provide, maintain, and improve our platforms, products, and services.
• Account Management: To create, manage, and authenticate your user account.
• Communication: To respond to your enquiries, send service-related notices, and provide customer support.
• Personalisation: To tailor your experience and deliver content relevant to your interests.
• Marketing: To send you promotional materials, newsletters, and information about our services (only with your explicit consent where required).
• Analytics & Improvement: To analyse usage patterns, monitor performance, and improve our Site and services.
• Security: To detect, prevent, and address fraud, security breaches, and other harmful activities.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests.
• Contractual Obligations: To perform our obligations under any contract entered into with you.
• Business Operations: For internal administration, auditing, reporting, and business development.

Under the UK GDPR, we process your personal data on the following lawful bases:

We do not sell, rent, or trade your personal data. We may share your data with the following categories of recipients:

• Service Providers: Trusted third-party companies who perform services on our behalf, including hosting (cloud infrastructure), payment processing, email delivery, analytics, and customer support. These providers are contractually bound to protect your data.
• Group Companies: Other entities within the Unlimit Lab group of companies, including our ventures (e.g., Hello Carer), for operational and service delivery purposes.
• Professional Advisors: Lawyers, accountants, auditors, and insurers where necessary for professional advice.
• Regulatory & Legal: Government authorities, regulators, law enforcement, or courts where required by law, regulation, or legal proceedings.
• Business Transfers: In connection with a merger, acquisition, reorganisation, or sale of assets, your data may be transferred as part of that transaction.
• With Your Consent: Any other parties where you have provided explicit consent.

Your personal data may be transferred to, stored in, and processed in countries outside the United Kingdom. Where we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Transfers to countries deemed to provide an adequate level of data protection by the UK Government.
• Use of UK International Data Transfer Agreements (IDTAs) or UK Addendum to the EU Standard Contractual Clauses (SCCs).
• Binding Corporate Rules where applicable.
• Other lawful transfer mechanisms recognised under UK data protection law.

You may request further details of the safeguards we use by contacting us at privacy@unlimitlab.com.

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Key retention periods include:

• Account Data: For the duration of your account plus 2 years after account closure.
• Communication Records: Up to 3 years after the last communication.
• Financial Records: 7 years as required by HMRC and Companies Act obligations.
• Marketing Data: Until you withdraw consent or unsubscribe.
• Analytics Data: Typically anonymised within 26 months.

When data is no longer required, it is securely deleted or anonymised.

Under the UK GDPR, you have the following rights regarding your personal data:

To exercise any of these rights, please contact us at privacy@unlimitlab.com. We will respond to your request within one calendar month as required by law. We may ask you to verify your identity before processing your request.

Our Site uses cookies and similar technologies to enhance your experience, analyse usage, and assist with our marketing efforts.

Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the Site to function correctly. These cannot be disabled.
• Performance/Analytics Cookies: Help us understand how visitors interact with our Site by collecting anonymised data (e.g., Google Analytics).
• Functionality Cookies: Allow us to remember your preferences and provide enhanced features.
• Targeting/Advertising Cookies: Used to deliver relevant advertisements and measure the effectiveness of campaigns.

Managing Cookies

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that disabling certain cookies may affect the functionality of our Site.

For more information about cookies, visit www.allaboutcookies.org.

Our Site and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at privacy@unlimitlab.com and we will take steps to delete such data.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/SSL) and at rest.
• Access controls and authentication mechanisms.
• Regular security assessments and penetration testing.
• Secure development practices and code reviews.
• Staff training on data protection and security.
• Incident response and breach notification procedures.

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining robust protections.

Our Site may contain links to third-party websites, services, or applications that are not operated or controlled by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you visit. We are not responsible for the content, privacy practices, or security of third-party sites.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the “Last Updated” date at the top of this page.
• Post the updated policy on our Site.
• Where appropriate, notify you by email or through a prominent notice on our Site.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us:

If you are not satisfied with how we handle your personal data or your data protection rights, you have the right to lodge a complaint with the UK's supervisory authority:

We would, however, appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance.