Legal

Privacy policy.

Effective date: April 5, 2026  ·  Last updated: April 5, 2026

TrueTest Labs ("we," "us," or "our") operates the website truetestlabs.com and provides drug, alcohol, DNA, and DOT-regulated testing services. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

1. Information we collect

Information you provide directly

When you submit an order form, contact form, or consortium enrollment form on our website, we may collect:

  • Contact information: name, email address, phone number, mailing address
  • Business information: company name, USDOT number, CDL license number
  • Donor information: name, date of birth, phone number, email address
  • Test details: type of test ordered, reason for test, specimen type
  • Protected Health Information (PHI): test results, medical review officer reports, and chain-of-custody documentation (handled in accordance with HIPAA — see our HIPAA Notice)
  • Electronic signature data: typed name, title, timestamp, and browser information for consortium enrollment agreements

Information collected automatically

When you visit our website, we may automatically collect:

  • Browser type and version
  • Pages visited and time spent
  • Referring website
  • Device type and screen resolution
  • IP address (used for fraud prevention and geographic routing, not stored long-term)

2. How we use your information

  • Process test orders: coordinate specimen collection, deliver results, and maintain chain-of-custody documentation
  • Communicate with you: confirm orders, provide test results, respond to inquiries
  • DOT compliance: manage random testing pools, submit Clearinghouse reports, and maintain employer compliance records as required by federal regulation (49 CFR Part 40)
  • Improve our services: analyze website usage to improve user experience
  • Legal obligations: comply with court orders, subpoenas, and regulatory requirements

3. How we share your information

We do not sell, rent, or trade your personal information. We may share information with:

  • SAMHSA-certified laboratories: for specimen analysis and result reporting
  • Medical Review Officers (MROs): for result verification as required by DOT regulations
  • Designated Employer Representatives (DERs): for DOT-regulated test results as authorized by the employer
  • Courts and attorneys: when test results are ordered by a court or requested by an authorized attorney of record
  • FMCSA Drug & Alcohol Clearinghouse: for DOT-mandated reporting
  • Service providers: email delivery (Resend), form processing (Cloudflare Workers), and communication tools (Slack) — all bound by confidentiality obligations

4. Data security

We implement reasonable administrative, technical, and physical safeguards to protect your information, including:

  • HTTPS encryption on all website pages
  • Server-side form processing (no sensitive data stored in browser)
  • Access controls limiting who can view test results and personal information
  • Secure chain-of-custody procedures for all specimens

No method of transmission or storage is 100% secure. If you believe your information has been compromised, contact us immediately at 847-258-3966.

5. Data retention

  • Test results and chain-of-custody records: retained for a minimum of 5 years as required by federal regulation and industry standards
  • DOT records: retained per 49 CFR Part 40 requirements (typically 5 years for positive results, 1 year for negative results)
  • Contact form submissions: retained for up to 2 years, then deleted
  • Website analytics: aggregated data retained indefinitely; individual records deleted after 12 months

6. Your rights

Depending on your jurisdiction, you may have the right to:

  • Request a copy of the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your information (subject to legal retention requirements)
  • Opt out of marketing communications

To exercise any of these rights, contact us at the information below.

7. Cookies and tracking

Our website does not use third-party tracking cookies. We do not use Google Analytics or Facebook Pixel. If we add analytics in the future, we will use a privacy-focused service that does not require cookie consent banners.

8. Children's privacy

Our website is not directed to children under 13. We do not knowingly collect personal information from children under 13. Minors who are donors for court-ordered testing are managed through their parent or legal guardian.

9. Changes to this policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Material changes will be communicated via email to active clients when practicable.

10. Contact us

If you have questions about this Privacy Policy or our data practices: