Privacy Policy – Byolete
Last updated: [Insert Date]
Effective from: [Insert Date]

Byolete (“we”, “our”, or “us”) is committed to protecting your personal data and ensuring transparency about how it is collected, used, and safeguarded. This Privacy Policy outlines how we handle your information when you visit our website, use our biochemical testing services, or take part in consultations.

1. Who We Are

Byolete is a preventative health company providing biochemical testing and personalised insights for athletes and gym-goers in the United Kingdom. We operate in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Address: 81 Greenes Road, Whiston, L35 3RE
Email: byoletehealth@gmail.com

2. What Data We Collect

Personal Identification Data

  • Full name

  • Email address

  • Date of birth (to confirm age eligibility)

  • Contact number

  • Billing and shipping address

  • Payment details (processed securely by third-party providers such as Stripe)

Health and Biometric Data

  • Biochemical test results

  • Self-declared lifestyle and health information via questionnaires

  • Any health-related information shared during consultations

Technical & Usage Data

  • IP address

  • Browser type and version

  • Device identifiers

  • Cookies and site usage data (e.g., via Google Analytics and Meta Pixel)

3. How We Collect Your Data

We collect your data through:

  • Website forms (e.g., orders, newsletter signups)

  • Test kit registration pages

  • Video consultations

  • Cookies and tracking technologies

  • Third-party tools and integrations

4. Why We Collect and Process Your Data

We collect and process your personal and health information to:

  • Provide and deliver biochemical testing services

  • Interpret and communicate your test results

  • Conduct secure online video consultations

  • Send you reports and follow-up information

  • Manage your account and orders

  • Improve our website performance and user experience

  • Fulfil legal, regulatory, and contractual obligations

  • Send marketing communications (with your explicit consent)

5. Legal Bases for Processing

We rely on one or more of the following legal grounds:

  • Your explicit consent (e.g., to process sensitive health data or send marketing emails)

  • Performance of a contract (e.g., providing test results)

  • Compliance with legal obligations

  • Legitimate interests (e.g., site analytics, customer service improvements)

You may withdraw consent at any time by contacting us at byoletehealth@gmail.com.

6. Use of Cookies and Tracking Tools

We use cookies to:

  • Understand how users interact with our website

  • Improve site functionality

  • Measure the effectiveness of marketing campaigns

You can manage or opt out of cookies via your browser settings or our cookie banner.

7. Who We Share Your Data With

We only share data when necessary to deliver our services:

  • Laboratory Partners: To process your blood sample and generate test results

  • Video Consultation Provider (Doxy.me):
    We use Doxy.me to deliver secure video consultations. They act as a data processor on our behalf and treat UK data under the same protections as EU data in line with GDPR. A separate Data Processing Agreement (DPA) is available upon request if required.

  • Payment Processors (e.g. Stripe): For secure transactions

  • Email Platforms (e.g. Mailchimp): To send updates and reports

  • Analytics Services (e.g. Google Analytics, Meta Pixel): To evaluate website traffic and performance

We do not sell or rent your personal data.

8. Data Retention

We retain personal and health data only for as long as necessary:

  • Health records and test results: Retained while your account remains active or as required by law

  • Consultation logs (if applicable): Retained securely for a limited time

  • Email marketing data: Retained until you unsubscribe

  • Analytics data: Typically retained for 24 months

You may request deletion of your personal data at any time by contacting us.

9. How We Protect Your Data

We take your privacy seriously and protect your data through:

  • SSL encryption and secure servers

  • Strict internal access controls

  • Data minimisation and audit practices

  • Staff training in data protection responsibilities

In the event of a data breach, we will notify the Information Commissioner’s Office (ICO) and affected users in accordance with UK law.

10. Your Data Protection Rights

As a UK or EU resident, you have the right to:

  • Access your personal data

  • Rectify inaccurate or outdated data

  • Request erasure (“right to be forgotten”)

  • Restrict processing under certain conditions

  • Object to certain types of processing

  • Data portability — receive your data in a structured format

  • Withdraw consent at any time without affecting the lawfulness of prior processing

To exercise any of your rights, please contact: byoletehealth@gmail.com

11. Children’s Privacy

Byolete only serves individuals aged 18 years and over. If we become aware that we have collected personal data from anyone under 18, we will delete it immediately.

12. Updates to This Privacy Policy

We may update this policy from time to time. When we do, we will post the revised version on our website and, where appropriate, notify you via email or banner notification.

13. Contact Us

If you have any questions, concerns, or data requests, please contact:

📧 byoletehealth@gmail.com
📍 81 Greenes Road, Whiston, L35 3RE