BiometrIQ BV, with its registered office at Gouden-Rivierlaan 62, 8500 Kortrijk, Belgium, acknowledges the importance of securely processing personal data. Personal data are all information concerning an identified or identifiable natural person.
BiometrIQ delivers services through its online shop that revolve around biomarker analysis (within the broadest sense of the terms DNA analysis, microbiome analysis and blood analysis and also data from wearables, ingestibles, embeddables, etc) in a health and wellness context, and also offers online consultations with a dietician selected by the customer.
BiometrIQ is hereinafter referred to as the “Vendor”
All information concerning the personal data that the Vendor processes and how the Vendor properly deals with it is set out below.
The Vendor reserves the right to amend this privacy policy at any time. When amended, the date at the top of the document next to “Last updated on” shall likewise be amended. The applicable version is always available on the Vendor’s website.
This privacy policy provides details on what personal data we collect when you make use of our services, the purposes for which that data is collected and the legal grounds for doing so. Furthermore, the third parties with which your personal data can be shared, the duration we store your personal data, how we shall secure your personal data and what your rights are with respect to your personal data are also all set out in this privacy policy.
This privacy policy was drawn up with due regard for the General Data Protection Regulation (“GDPR”).
The privacy policy is applicable to all personal data that the Vendor collects from you and processes. By using our service you agree that this privacy policy is applicable to the personal data we collect and process.
BiometrIQ reserves the right to collect, use, store and transfer a range of your personal data, in accordance with this privacy policy.
Identification and contact details: your surname, given name, address, email address and landline or mobile phone number;
Financial information: your bank account number, BIC code and the name of the accountholder;
Login details associated with the user account: your username, email address, password and the times you log in;
Technical information: internet protocol (IP) adress, browser name and version, time zone settings and location, browser plugin types and versions, operating system and platform and other technology on the devices you use to access this website;
Genetic and other biomarker data: the results of a genetic analysis of your DNA sample or other biomarkers, information concerning your genotype and genome, information concerning other biomarkers, such as your microbiome, blood values, etc. These genetic and other biomarker data make up a special category within the GDPR, which means that we will always request your explicit consent before processing your genetic and other biomarker data, in accordance with this privacy policy.
Self-reported information: phenotypic data provided during the registration process or on the basis of a questionnaire, tracker data provided through applications or wearables, etc. The self-reported phenotypic data make up a special category within the GDPR, which means we will always request your explicit consent before processing this data, in accordance with this privacy policy.
Lifestyle, nutrition and other health-related information collected by affiliated specialist actors, such as dieticians. Your explicit consent is required, as stated above, in order to process this data.
The Vendor never deliberately collects the personal data of minors without the consent of a parent or guardian. In the event that a minor’s personal data are processed, the Vendor shall delete that data from its files as quickly as possible after becoming aware of this fact, unless legal grounds exist for processing or storing that personal data.
Links to other websites can be placed on the Vendor’s website. These websites are not managed by the Vendor and can be subject to their own privacy policy. The Vendor recommends that you read those privacy policies and does not assume liability for websites belonging to third parties.
You are not obliged to provide your data to the Vendor or consent for the processing thereof. Nevertheless, in certain cases it will be necessary to provide your personal data to the Vendor so that a service can be provided and the applicable legislation can be complied with, such as your medical information for the purpose of analysis.
The personal data are collected and/or processed by the Vendor for the following purposes. The table below also contains the legal grounds for the Vendor doing so.
Managing our company and this website
Identification and contact details
Login details associated with the user account
Technical information
Necessary for the purposes of the legitimate interests (art. 6.1. f) GDPR).
Registering you as a customer
Identification and contact details
Financial information
Login details associated with the user account
Necessary for the performance of the contract (art. 6.1. b) GDPR).
In order to assist you in the event of technical issues or other queries
The information required to solve such issues
Necessary for the purposes of the legitimate interests (art. 6.1. f) GDPR).
Generating reports
Identification and contact details
Genetic or other biomarker data
Your explicit, free, specific and informed consent provided in advance (art. 9.2 a) GDPR). This consent can be withdrawn at any time.
Consultations
Nutritional and lifestyle insights
Health-related information
Your explicit, free, specific and informed consent provided in advance (art. 9.2 a) GDPR). This consent can be withdrawn at any time.
Collecting debts
Identification and contact details
Financial information
Necessary for the purposes of the legitimate interests (art. 6.1. f) GDPR).
To make suggestions and recommendations to you about goods and services that could be of interest to you
Identification and contact details
Login details associated with the user account
Technical information
Genetic or other biomarker data
Necessary for the purposes of the legitimate interests (art. 6.1. f) GDPR).
To notify you of changes to our privacy policy
Identification and contact details
Login details associated with the user account
Necessary for complying with a statutory obligation (art. 6.1. c) GDPR)
To survey your experiences with our product or ask you to leave a review or complete a survey
Identification and contact details
Login details associated with the user account
Necessary for the purposes of the legitimate interests (art. 6.1. f) GDPR).
Data analysis to be used to improve our website, services, marketing, consumer relationships and experiences
Identification and contact details
Login details associated with the user account
Technical information
Necessary for the purposes of the legitimate interests (art. 6.1. f) GDPR).
Data analysis to optimise our products and for research purposes
Unidentified or other biomarker data
Unidentified self-reported information
Necessary for the purposes of the legitimate interests (art. 6.1. f) GDPR).
To mail test kits or other products to you
Identification and contact details
Financial information
Login details associated with the user account
Necessary for performing the contract (art. 6.1. b) GDPR).
To prevent, track down and combat fraud or other illegal or illicit activities
Necessary for the purposes of the legitimate interests (art. 6.1. f) GDPR).
For the purpose of supporting the performance of the contract, in certain cases the Vendor shall share the above data with third parties. When transferring personal data to third parties, the Vendor ensures that suitable technical and organisational security measures are always engaged.
The Vendor can disclose your personal data to the following third parties:
Third parties that provide services to the Vendor or that provide services on behalf of the Vendor, such as IT providers, the suppliers of payment services, PR services, consultants, etc;
The Vendor can provide information to law enforcement agencies and regulatory authorities when such is required by law in order to comply with a valid court order, summons or search warrant;
Your personal data can be shared in the context of a merger, acquisition or the sale of assets. The Vendor shall notify you hereof prior to sharing your personal data. In that event, you will be subject to a different Privacy policy.
Employees, representatives, shareholders, (sub)contractors, affiliated companies, external consultants of the Vender, including affiliated dieticians.
On the other hand, the Vendor shall under no circumstances:
Sell, lease out or rent out your personal data to a third party for marketing purposes without your prior explicit consent;
Share your personal data with public databases; or
Verstrekken aan een verzekeringsmaatschappij of werkgever.
For the purpose of sharing biomarker analysis reports, the Vendor uses the services of Google Cloud Platform (GCP). This party has engaged suitable technical and organisational measures in order to prevent, insofar as is possible, the misuse, loss and corruption of your and our data. Google does not share your files and data with others, except where set out in their Privacy Policy.
In line with the separate Cookie Policy, which also constitutes a part of this Privacy Policy, the Vendor uses cookies. Cookies are required to ensure the website runs properly.
You can make changes to your browser settings to reject all or some cookies. If you switch off or reject cookies, remember that some parts of the website could be inaccessible or not work properly.
The Vendor shall only use your personal data for the purposes for which they were collected, unless the Vendor may reasonably use that data for another purpose that is compatible with the original objective. Please contact the Vendor if you require further details on how the processing for the new objective is compatible with the original objective.
If the Vendor wishes to use your personal data for an unrelated objective, the Vendor shall provide to you information on the legal grounds for doing so and shall request your consent in advance.
The Vendor shall not retain the personal data longer than is required to perform the requested service, with due regard for the contractual and legal obligations on the part of the Vendor.
In order to determine the correct retention period for the personal data, the Vendor takes into account the quantity, nature and sensitivity thereof, the potential risk of damage caused by unauthorised usage or disclosure of the personal data, the purposes for which the personal data are processed and whether the objectives can be achieved by other means, as well as the applicable statutory, regulatory, tax, accounting and other requirements.
In some cases, the Vendor shall anonymise or pseudonymise personal data (which means that data can no longer be associated with you) for research or statistical purposes, in which event we can use this information for an indefinite period and are not required to notify you.
In some cases, you can request that we delete your data: see below “What are my rights as a data subject?”
In order to provide the best possible protection for the personal data, the Vendor engages suitable measures and best practices are applied in order to prevent loss, misuse, disclosure, unauthorised access to or changing of the personal data. The necessary measures are engaged at both a technical and an organisational level in order to create an adequate level of security.
The Vendor has introduced the procedures required for handling a breach or a suspected breach of the personal data. In the event of such happening, the Vendor shall notify you and all relevant regulatory agencies, where such is required by law.
Payment details are always protected in accordance with the standard encryption methods used for protecting sensitive financial information.
You have the right to access and correct your personal data that the Vendor processes at all times.
You also have the right to the deletion of your personal data, to restrict the processing of your personal data and to the portability of your personal data, in accordance with the requirements in the applicable legislation.
You can, at all times, withdraw your consent for specific processes and object to the processing of your personal data on urgent and legitimate grounds. Moreover, the data subject has the right to oppose the use of personal data for direct marketing, the transfer of personal data to third parties (when such a transfer is not required for the service to be provided) and the creation of a profile.
You are always entitled to information. We have appointed a data protection officer (hereinafter referred to as the “DPO”), who shall respond to any questions concerning this privacy policy. If you have any queries you wish to address to the DPO with respect to this policy, including applications to exercise your legal rights, they can be contacted at info@biometriq.be.
In principle, access to your personal data is free of charge (as is the exercising of your other rights), but in the event of unreasonable or repeated requests, the Vendor can demand that a reasonable administrative charge be paid.
For further information and advice on the above rights, please see the website of the Data Protection Authority (Gegevensbeschermingsautoriteit): www.gegevensbeschermingsautoriteit.be
You are also entitled to submit a complaint to the supervisory authority for data protection at the following address:
Gegevensbeschermingsautoriteit.be
Drukpersstraat 35
1000 Brussels
This website was developed with the support of
efewfgewgewg
efewfgewgewg
