Privacy Policy – Byolete
Last updated: 14/08/2025
Effective from: 19/08/2025

Byolete (“we”, “our”, or “us”) is committed to protecting your personal data and ensuring transparency about how it is collected, used, and safeguarded. This Privacy Policy outlines how we handle your information when you visit our website, use our biochemical testing services, or take part in consultations.

1. Who We Are

Byolete is a preventative health company delivering precision biochemical testing for health-conscious individuals in the United Kingdom. We operate in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Email: hello@byolete.co.uk

2. What Data We Collect

Personal Identification Data

  • Full name

  • Email address

  • Date of birth (to confirm age eligibility)

  • Contact number

  • Billing and shipping address

  • Payment details (processed securely by third-party providers such as Stripe)

Health and Biometric Data

  • Biochemical test results

  • Self-declared lifestyle and health information via questionnaires

  • Any health-related information shared during consultations

Technical & Usage Data

  • IP address

  • Browser type and version

  • Device identifiers

  • Cookies and site usage data (e.g., via Google Analytics and Meta Pixel)

3. How We Collect Your Data

We collect your data through:

  • Website forms (e.g., orders, newsletter signups)

  • Test kit registration pages

  • Video consultations

  • Cookies and tracking technologies

  • Third-party tools and integrations

4. Why We Collect and Process Your Data

We collect and process your personal and health information to:

  • Provide and deliver biochemical testing services

  • Interpret and communicate your test results

  • Conduct secure online video consultations

  • Send you reports and follow-up information

  • Manage your account and orders

  • Improve our website performance and user experience

  • Fulfil legal, regulatory, and contractual obligations

  • Send marketing communications (with your explicit consent)

5. Legal Bases for Processing

We rely on one or more of the following legal grounds:

  • Your explicit consent (e.g., to process sensitive health data or send marketing emails)

  • Performance of a contract (e.g., providing test results)

  • Compliance with legal obligations

  • Legitimate interests (e.g., site analytics, customer service improvements)

You may withdraw consent at any time by contacting us at hello@byolete.co.uk.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website, analyse site usage, and support marketing activities.

Types of Cookies We Use:

  • Essential cookies: Required for the basic functionality of the site, such as shopping cart and account management.

  • Analytics cookies: Help us understand how visitors use our website and improve performance (e.g., Google Analytics).

  • Marketing cookies: Track user behaviour to deliver relevant advertising and promotions (e.g., Meta Pixel).

Your Choices:
You can manage or opt out of cookies at any time via your browser settings. Disabling certain cookies may affect the functionality of the website.

7. Who We Share Your Data With

We only share data when necessary to deliver our services:

  • Laboratory Partners: To process your blood sample and generate test results

  • Video Consultation Provider (Zoom): We use Zoom to deliver secure video consultations. Zoom acts as a data processor on our behalf and processes UK data in accordance with GDPR. A copy of Zoom’s Data Processing Agreement (DPA) is available here.

  • Payment Processors (e.g., Stripe): For secure transactions

  • Email Platforms (e.g., Mailchimp): To send updates and reports

  • Analytics Services (e.g., Google Analytics, Meta Pixel): To evaluate website traffic and performance

We do not sell or rent your personal data.

8. Data Retention

We retain personal and health data only for as long as necessary:

  • Health records and test results: Retained while your account remains active or as required by law

  • Consultation logs (if applicable): Retained securely for a limited time

  • Email marketing data: Retained until you unsubscribe

  • Analytics data: Typically retained for 24 months

You may request deletion of your personal data at any time by contacting us.

9. How We Protect Your Data

We take your privacy seriously and protect your data through:

  • SSL encryption and secure servers

  • Strict internal access controls

  • Data minimisation and audit practices

  • Staff training in data protection responsibilities

In the event of a data breach, we will notify the Information Commissioner’s Office (ICO) and affected users in accordance with UK law.

10. Your Data Protection Rights

As a UK or EU resident, you have the right to:

  • Access your personal data

  • Rectify inaccurate or outdated data

  • Request erasure (“right to be forgotten”)

  • Restrict processing under certain conditions

  • Object to certain types of processing

  • Data portability — receive your data in a structured format

  • Withdraw consent at any time without affecting the lawfulness of prior processing

To exercise any of your rights, please contact: hello@byolete.co.uk

11. Children’s Privacy

Byolete only serves individuals aged 18 years and over. If we become aware that we have collected personal data from anyone under 18, we will delete it immediately.

12. Updates to This Privacy Policy

We may update this policy from time to time. When we do, we will post the revised version on our website and, where appropriate, notify you via email or banner notification.

13. Contact Us

If you have any questions, concerns, or data requests, please contact:
📧 hello@byolete.co.uk