IntimiKit logoIntimiKitBack to home

Privacy Policy

How IntimiKit handles personal information, privacy and data protection.

Effective date: 25 May 2026
Last updated: 25 May 2026

INTIMIKIT LTD ("IntimiKit", "we", "our", or "us") is committed to protecting your privacy and handling personal information transparently, lawfully, and securely.

This Privacy Policy explains how we collect, use, store, and protect personal information when you visit the IntimiKit website, join our early access list, interact with our services, or communicate with us.

At the time of publication of this Privacy Policy, IntimiKit is operating a pre-launch informational and early access website only. IntimiKit is not yet providing diagnostic testing, medical services, healthcare treatment, or clinical interpretation through this website.

1. WHO WE ARE

The data controller responsible for your personal information is:

INTIMIKIT LTD
Company Number: 16927573
71–75 Shelton Street
Covent Garden
London
United Kingdom
WC2H 9JQ
Email: privacy@intimikit.eu

For the purposes of the UK General Data Protection Regulation ("UK GDPR"), the EU General Data Protection Regulation ("EU GDPR"), the Data Protection Act 2018, and related privacy laws, INTIMIKIT LTD is the data controller of the personal information described in this Privacy Policy.

As IntimiKit develops, operational activities may be carried out by affiliated entities, subsidiaries, contractors, laboratories, healthcare providers, or operating companies located within the European Union, including Italy. Where this occurs, this Privacy Policy may be updated to reflect those arrangements.

2. SCOPE OF THIS PRIVACY POLICY

This Privacy Policy applies to:

  • Visitors to the IntimiKit website
  • Individuals joining the IntimiKit early access or waitlist programme
  • Individuals communicating with IntimiKit by email or contact form
  • Website users interacting with informational content

This Privacy Policy currently applies to pre-launch informational services only.

It does not currently govern laboratory testing, healthcare services, diagnostic interpretation, or clinical data processing because such services are not yet active.

Where healthcare, diagnostic, laboratory, or portal functionality becomes available in future, a separate or updated privacy notice may apply.

3. PERSONAL INFORMATION WE COLLECT

We aim to collect only limited and proportionate information.

A. Early Access Sign-Up Information

When you join our early access list, we may collect:

  • Email address (required)
  • Country (optional)
  • Age range (optional)
  • Gender (optional)
  • Referral or analytics information (where applicable)
  • Submission timestamp and technical metadata

B. Website Usage Data

When you browse the website, we may automatically collect limited technical information such as:

  • Browser type
  • Device information
  • Operating system
  • Website usage interactions
  • IP address (or partial IP address)
  • Referrer source
  • Session information
  • Analytics data

C. Communications

If you contact us, we may collect:

  • Email address
  • Name (if voluntarily provided)
  • Communication contents
  • Support or enquiry information

4. WHAT WE DO NOT COLLECT

At present, IntimiKit does not intentionally collect:

  • Medical records
  • Diagnostic test results
  • Sexual history
  • STI status
  • Symptoms
  • Healthcare information
  • Full date of birth
  • National identity numbers
  • Payment information
  • Clinical information

We also do not intentionally request special category health data through the early access sign-up process.

Users should avoid submitting medical information through general website contact forms unless explicitly requested.

5. WHY WE COLLECT PERSONAL INFORMATION

We collect information for legitimate and limited purposes.

These purposes include:

A. Managing Early Access

To:

  • Register your interest in IntimiKit
  • Notify you regarding launch updates
  • Inform you about future services, features, or product availability
  • Understand anticipated demand

B. Understanding Audience Demand

We may analyse optional information such as country, age range, and gender in aggregated form to help us:

  • Understand geographic demand
  • Improve launch planning
  • Understand likely demographic interest
  • Prioritise jurisdictions and operational planning

We do not use optional demographic information for profiling in ways that produce legal or similarly significant effects.

C. Communications

To:

  • Respond to enquiries
  • Provide customer support
  • Send updates you requested
  • Address privacy or compliance requests

D. Website Security & Improvement

To:

  • Protect systems from abuse or misuse
  • Improve website performance
  • Analyse traffic trends
  • Detect fraud or technical issues

6. LEGAL BASIS FOR PROCESSING (GDPR / UK GDPR)

Under Article 6 GDPR and UK GDPR, we process personal information under one or more lawful bases.

Consent — Article 6(1)(a)

We rely on consent when:

  • You voluntarily join our early access list
  • You choose to receive updates
  • You voluntarily provide optional demographic information

You may withdraw consent at any time.

Legitimate Interests — Article 6(1)(f)

We may process certain information where necessary for our legitimate interests, including:

  • Operating the website
  • Preventing abuse or fraud
  • Improving services
  • Understanding demand trends
  • Maintaining cybersecurity
  • Responding to enquiries

Where legitimate interests are used, we balance those interests against your privacy rights.

Legal Obligations — Article 6(1)(c)

In some circumstances, we may process information to comply with legal or regulatory obligations.

7. MARKETING COMMUNICATIONS

If you join the early access list, we may contact you regarding:

  • IntimiKit launch information
  • Service availability
  • Product updates
  • Website developments
  • Operational launch regions
  • Future testing availability

We will not send unrelated marketing.

Every marketing communication will contain an unsubscribe mechanism.

You may unsubscribe at any time.

Unsubscribing will not affect processing carried out before withdrawal.

8. AUTOMATED DECISION-MAKING

We do not currently use:

  • Automated profiling
  • Automated healthcare decisions
  • Algorithmic medical decisions
  • Decisions producing legal or similarly significant effects

Optional country, age range, or gender data may be analysed in aggregate for operational planning purposes only.

9. HOW LONG WE KEEP YOUR INFORMATION

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required by law.

Early Access Information

Where you join the IntimiKit early access list, we may retain:

  • Email address
  • Country
  • Age range
  • Gender
  • Related metadata

for as long as reasonably necessary to:

  • Manage launch communications
  • Notify users of product or service availability
  • Understand demand trends
  • Plan operational rollout

We periodically review retention needs.

If you unsubscribe from communications or request deletion, we will generally delete or anonymise relevant personal information unless we are legally required to retain it or retention remains necessary for legal, fraud prevention, or evidential purposes.

Communications

Support or enquiry correspondence may be retained for reasonable business, legal, or evidential purposes.

Analytics Data

Analytics and website performance data may be retained in aggregated or pseudonymised form.

10. SHARING YOUR INFORMATION

We do not sell personal information.

We may share information only where reasonably necessary and lawful.

This may include:

A. Service Providers

We may share limited personal information with trusted processors assisting us with:

  • Website hosting
  • Cloud infrastructure
  • Database storage
  • Analytics
  • Email communications
  • Security monitoring
  • Technical support

Examples may include:

  • Website hosting providers
  • Cloud database providers
  • Email service providers
  • Analytics providers

Such providers are contractually required to process personal information only under our instructions and with appropriate security safeguards.

B. Corporate or Operational Restructuring

As IntimiKit develops, certain operations may be performed by affiliated companies, subsidiaries, or operating entities within the European Union, including Italy.

Where lawful and necessary, personal information may be shared with affiliated entities involved in:

  • Service operation
  • Launch management
  • Customer support
  • Regulatory compliance
  • Operational delivery

Where this occurs, safeguards consistent with applicable privacy laws will be applied.

C. Legal Requirements

We may disclose information where required:

  • By law
  • Court order
  • Regulatory authority
  • Law enforcement request
  • To establish, defend, or exercise legal claims
  • To protect users, systems, or rights

11. INTERNATIONAL TRANSFERS

Your information may be processed in:

  • The United Kingdom
  • The European Economic Area (EEA)
  • Other countries where our service providers operate

Where information is transferred outside the UK or EEA, we seek to ensure appropriate safeguards are in place, including:

  • UK adequacy regulations
  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs) where appropriate
  • Equivalent lawful transfer mechanisms

We aim to ensure that personal information receives an adequate level of protection regardless of processing location.

12. SECURITY OF YOUR INFORMATION

We implement reasonable technical and organisational security measures designed to protect personal information.

These may include:

  • Access controls
  • Encryption in transit
  • Secure cloud infrastructure
  • Database access restrictions
  • Server-side protections
  • Monitoring against unauthorised access
  • Role-based access management

For example, early access information is stored within a secured backend environment and is not publicly accessible.

However, no method of electronic transmission or storage can be guaranteed to be completely secure.

Users should exercise reasonable caution when transmitting information online.

13. YOUR PRIVACY RIGHTS

Depending on your location and applicable law, you may have rights including:

Right of Access

You may request access to personal information we hold about you.

Right to Rectification

You may request correction of inaccurate or incomplete information.

Right to Erasure ("Right to be Forgotten")

You may request deletion of personal information in certain circumstances.

Right to Restrict Processing

You may request that we temporarily limit certain processing.

Right to Object

You may object to certain processing based on legitimate interests.

Right to Withdraw Consent

Where processing relies on consent, you may withdraw consent at any time.

Right to Data Portability

Where legally applicable, you may request a portable copy of certain personal information.

Right to Lodge a Complaint

You may lodge complaints with relevant supervisory authorities.

For UK users:

You may contact:

UK Information Commissioner's Office (ICO)

For EU users:

You may contact your local EU data protection authority.

To exercise rights, contact:

privacy@intimikit.eu

We may request reasonable information to verify identity before fulfilling requests.

14. CHILDREN AND AGE REQUIREMENTS

The IntimiKit early access website is intended for adults.

You should be 18 years or older to join the early access list or interact with services intended for adult sexual health.

We do not knowingly target children or intentionally collect information from individuals under 18.

If we become aware that personal information from a minor has been submitted unintentionally, we may delete such information.

15. COOKIES AND ANALYTICS

The website may use limited analytics, technical cookies, or similar technologies to:

  • Improve website performance
  • Understand traffic patterns
  • Improve user experience
  • Maintain security and stability

Further information regarding cookies may be provided through a separate Cookie Notice or consent mechanism where required.

16. THIRD-PARTY LINKS

Our website may contain links to external websites or services.

We are not responsible for the privacy practices, security, or content of third-party websites.

Users should review the privacy policies of third-party services independently.

17. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically to reflect:

  • Legal developments
  • Regulatory requirements
  • Service evolution
  • Operational changes
  • Future healthcare or laboratory functionality

The updated version will be published on the website with an updated effective date.

Where legally required, we may notify users of material changes.

18. CONTACT US

Questions, concerns, or privacy requests may be sent to:

INTIMIKIT LTD
Company Number: 16927573
71–75 Shelton Street
Covent Garden
London
United Kingdom
WC2H 9JQ
Email: privacy@intimikit.eu

If future operational entities or affiliated service providers are introduced, this Privacy Policy may be updated accordingly.

End of Privacy Policy