top of page
oxford Punting1.jpg

The Lab Group – Privacy Policy

​​Last updated: 4 April 2026

  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

​

1. Introduction

The Lab Group Limited (“The Lab Group”, “we”, “our”, “us”) is a company registered in England and Wales (Company No. 14128879).

We operate a suite of technology platforms (the “Platforms”), including:

  • thelabgroup.com

  • qrlab.com

  • nfclab.com

  • menulab.com

  • booked.in

  • checked.in

  • payd.in

  • hoobert.ai

This Privacy Policy explains how we collect, use, disclose, and protect personal information.

2. Scope of This Policy

This policy applies to:

  • users of our Platforms (e.g. businesses/merchants)

  • individuals interacting with our Platforms (e.g. customers/end users)

It does not apply to third-party websites or services.

3. Our Role (Important)

Depending on how you use our Platforms, we act as either:

3.1 Data Controller

When we collect data directly (e.g. account creation, support, analytics)

3.2 Data Processor

When we process data on behalf of our customers (e.g. bookings, payments, guest data)

👉 In these cases, the customer (merchant) is the data controller, and we act on their behalf.

4. Information We Collect

4.1 Information You Provide

We may collect:

  • name

  • email address

  • phone number

  • billing or business details

  • account credentials

  • communications with us

4.2 Information Collected Automatically

  • IP address

  • device type and operating system

  • browser type

  • usage data and interactions

  • session and log data

4.3 Transaction and Payment Data

When using platforms like payd.in:

  • transaction metadata

  • payment status

  • limited billing information

👉 We do not store full card details.

4.4 Data Processed on Behalf of Customers

When merchants use our Platforms, we may process:

  • booking and reservation data

  • customer contact details

  • order and transaction information

  • guest interaction data

  • communications and messages

👉 This data is controlled by the merchant.

4.5 AI Interaction Data

When using hoobert.ai:

  • prompts and inputs

  • generated responses

  • interaction history

This may be used to:

  • provide responses

  • improve system performance

  • ensure safety and reliability

5. How We Use Information

We use personal data to:

  • provide and operate our Platforms

  • process transactions and bookings

  • authenticate users

  • provide customer support

  • improve performance and features

  • prevent fraud and ensure security

  • comply with legal obligations

  • communicate with users

6. Legal Bases (GDPR)

We process data under:

  • Contract – to provide our services

  • Legitimate interests – improving services, fraud prevention

  • Legal obligations – compliance requirements

  • Consent – where required (e.g. marketing)

7. Sharing of Information

We may share data with:

7.1 Service Providers

  • hosting providers (e.g. AWS)

  • payment processors (e.g. Stripe)

  • analytics and infrastructure providers

7.2 Business Customers (Merchants)

If you interact with a business using our Platforms, your data is shared with that business.

7.3 Legal and Regulatory Authorities

Where required by law or to protect our rights.

7.4 Business Transfers

In the event of a sale, merger, or acquisition.

8. International Transfers

Data may be processed outside the UK or EEA.

We ensure appropriate safeguards, such as:

  • standard contractual clauses

  • equivalent legal protections

9. Data Retention

We retain personal data only as long as necessary:

  • for active accounts

  • to comply with legal obligations

  • for fraud prevention and audit

We may anonymise data where appropriate.

10. Security

We use commercially reasonable safeguards to protect data.

However, no system is completely secure.

Users are responsible for maintaining account security.

11. Your Rights

Under GDPR, you may:

  • access your data

  • correct inaccuracies

  • request deletion

  • restrict processing

  • object to processing

  • request data portability

To exercise these rights, contact: hello@thelabgroup.com

12. Marketing and Communications

You may opt out of marketing communications at any time.

13. Cookies

We use cookies to:

  • operate our services

  • understand usage

  • improve user experience

You can control cookies via your browser settings.

14. Children’s Privacy

Our services are not intended for children under 13.

15. Third-Party Links

We are not responsible for third-party websites or their privacy practices.

16. Changes to This Policy

We may update this policy periodically.

Where required, we will notify users.

17. Contact Us

For any privacy-related questions:

hello@thelabgroup.com

Contact

If you have any queries on our privacy policy, feel free to reach out.

hello@theoaks.uk

+44- 75 11 22 33 75

bottom of page