Account
Quest Meditech Logo

Privacy Policy

Quest Meditech Ltd

Effective Date: 25th February 2026

Last Updated: 25th February 2026

1. Who We Are

Quest Meditech Ltd (“Quest Meditech”, “we”, “us”, “our”) operates the website https://questmeditech.com and provides a specialist B2B marketplace for medical imaging equipment and related services.

We are a data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Registered Address:

Nutty’s Farm
Childerditch Lane
West Horndon
Brentwood
CM13 3EH
United Kingdom

Email: info@questmeditech.com

If you have any questions about this Privacy Policy, please contact us using the details above.

2. The Personal Data We Collect

We may collect and process the following categories of personal data:

A. Account & Business Information

  • Full name
  • Business name
  • Job title
  • Email address
  • Telephone number
  • Business address
  • Login credentials

B. Identity Verification Data

Where required for compliance and security purposes, we use Stripe Identity (KYC systems) to verify users. This may involve:

  • Identity documentation
  • Business verification details

Identity verification data is processed securely by Stripe on our behalf.

C. Marketplace Activity Data

  • Equipment listings submitted
  • Bids placed
  • Transaction history
  • Communications between users
  • Delivery and logistics information

D. Payment Information

Payments are processed via Stripe. We do not store full payment card details.

We may receive:

  • Payment confirmation details
  • Transaction references
  • Billing contact details

E. Technical & Usage Data

We use Google Analytics and related technologies to collect:

  • IP address
  • Device information
  • Browser type
  • Pages visited
  • Session duration
  • Referral source

F. Communications

  • Emails sent to us
  • Customer support queries
  • Feature feedback
  • Marketing preferences

3. How We Use Your Personal Data

We use personal data for the following purposes:

To Provide and Operate the Marketplace

  • Create and manage user accounts
  • Verify users and businesses
  • Enable listings, auctions, and transactions
  • Facilitate communication between buyers and sellers
  • Process payments

Lawful basis: Contract performance (Article 6(1)(b) UK GDPR)

To Maintain Security and Prevent Fraud

  • Identity verification via Stripe KYC
  • Fraud monitoring
  • Platform abuse detection

Lawful basis: Legitimate interests (Article 6(1)(f)) and legal obligations where applicable

To Improve Our Platform

  • Analyse usage trends
  • Improve functionality and user experience
  • Develop new features

Lawful basis: Legitimate interests

Marketing Communications

We may send marketing emails relating to:

  • New features
  • Platform updates
  • Industry insights
  • Marketplace opportunities

You may opt out at any time via the unsubscribe link in our emails.

Lawful basis: Consent or legitimate interests (depending on context and applicable electronic marketing laws)

To Comply With Legal and Regulatory Obligations

  • Financial record-keeping
  • Regulatory compliance
  • Dispute resolution

Lawful basis: Legal obligation (Article 6(1)(c))

4. How We Share Your Data

We may share personal data with:

Service Providers

  • Stripe (payment processing and identity verification)
  • DigitalOcean (cloud hosting infrastructure)
  • Google Analytics (usage analytics)
  • Email service providers

These providers process personal data under contractual agreements and appropriate safeguards.

Other Marketplace Users

Where necessary to complete transactions (e.g., contact and delivery details between buyer and seller).

Professional Advisers

Legal, compliance, and financial advisers where required.

Regulators or Law Enforcement

Where legally required.

We do not sell personal data.

5. International Transfers

Although Quest Meditech is based in the United Kingdom, we:

  • Allow companies outside the UK to create accounts
  • Facilitate deliveries outside the UK

Some of our service providers (including Stripe, DigitalOcean, and Google) may process data outside the UK.

Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as:

  • UK International Data Transfer Agreements (IDTA)
  • Standard Contractual Clauses
  • Adequacy decisions where applicable

6. Data Retention

We retain personal data only as long as necessary to:

  • Provide services
  • Maintain platform integrity
  • Comply with legal obligations

Typical retention periods:

  • Account data: Duration of account + up to 6 years
  • Transaction and financial records: 6 years (for tax and accounting compliance)
  • Marketing data: Until consent is withdrawn or objection is received
  • Verification data: As required for fraud prevention and compliance

We may retain data longer where required by law or for legal claims.

7. Cookies and Analytics

We use cookies and similar technologies to:

  • Enable essential site functionality
  • Improve performance
  • Analyse traffic via Google Analytics
  • Support marketing activities

You can control cookies through your browser settings and our cookie banner (where implemented).

8. Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • Secure DigitalOcean hosting infrastructure
  • HTTPS encryption
  • Role-based access controls
  • Stripe-secured payment processing
  • Identity verification safeguards

While we take reasonable precautions, no online system is completely secure.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent (where processing is based on consent)

To exercise your rights, contact: privacy@questmeditech.com

We may need to verify your identity before responding.

10. Complaints

If you are dissatisfied with how we handle your data, please contact us first.

You may also lodge a complaint with:

Information Commissioner’s Office (ICO)

https://www.ico.org.uk

Telephone: 0303 123 1113

11. Third-Party Links

Our website may contain links to external websites. We are not responsible for their privacy practices.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised “Last Updated” date.

Privacy Policy | Quest Meditech