Privacy Policy

Data Controller

The data controller responsible for processing personal data under the General Data Protection Regulation (GDPR) is:

[Full Legal Name]
[Full Address]
[Country]
Email: [Email Address]

Categories of Personal Data

We may process the following categories of personal data:

  • Name
  • Billing and shipping address
  • Email address
  • Order details
  • Payment information (processed via payment providers)
  • Technical data (IP address, browser information)
  • Laboratory-related data, including biological sample information and biomarker results

Purpose and Legal Basis of Processing

Personal data is processed for the following purposes:

  • Processing and fulfilling orders
  • Shipping laboratory test kits
  • Conducting laboratory analyses
  • Providing reports and related services
  • Complying with legal obligations

Legal bases under GDPR include:

  • Article 6(1)(b) GDPR – performance of a contract
  • Article 6(1)(c) GDPR – compliance with legal obligations
  • Article 6(1)(f) GDPR – legitimate interests (e.g., website security)
  • Article 9(2)(a) GDPR – explicit consent for processing health-related data

Health-related data is processed solely for the purpose of providing laboratory analysis and reporting services.

Payment Processing

Payments are processed via third-party providers including:

  • Stripe
  • Klarna
  • PayPal (where selected)

Payment providers process payment data independently under their own privacy policies.

We do not store full credit card details on our servers.

Laboratory Processing & Health Data

Biological samples and related biomarker data may constitute special categories of personal data under Article 9 GDPR.

Laboratory analysis is conducted either directly or via authorized partner laboratories within the European Union.

Such laboratories process data exclusively for the purpose of conducting the requested analysis and are contractually bound to confidentiality and data protection obligations.

Data Sharing

We share personal data only where necessary for:

  • Payment processing
  • Laboratory analysis
  • Shipping and logistics
  • Legal compliance

Data is not sold to third parties.

Data Retention

Personal data is retained only as long as necessary to:

  • Fulfill contractual obligations
  • Comply with legal retention requirements
  • Resolve disputes

Laboratory data may be retained for documentation and regulatory purposes in accordance with applicable law.

Cookies and Technical Data

This website may use essential cookies required for website functionality and secure checkout.

No analytics or marketing tracking tools are currently used.

Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration.

Payment data is processed via encrypted connections (SSL/TLS).

Your Rights under GDPR

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion (where legally permissible)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time

You also have the right to lodge a complaint with a supervisory authority within the European Union.

Changes to This Policy

We reserve the right to update this Privacy Policy to reflect legal, technical, or operational changes.

The version published on this website is the current version.

Shopping Cart
Scroll to Top