Welcome to the Enbiosis privacy policy!
Last updated: 06th February 2024
Hello, welcome to the Enbiosis privacy policy. This is where we tell you how we process and protect your data and how we respect your privacy.
This policy is made for and applies to anyone who is an Enbiosis customer or subscriber, or just anyone who is visiting our website. Please make sure you check this policy and if you don’t agree with it, then (although we hate to turn you away) you shouldn’t use our site or service. This is because by accessing or browsing enbiosis.com (our “Website”), or using any of the services we provide to our customers (our “Service”), then you confirm that you have read, understood and agreed to this.
Alternatively, feel free to email us at info@enbiosis.com if you have questions or concerns.
We may update our privacy policy from time to time. Any changes we make will be posted on this page and, where appropriate, we will send you an email to confirm the changes as well.
Contents of this Policy:
1. About Enbiosis
2. The personal information we collect
3. How do we use it?
4. Sharing your information
5. How long we store your data for
6. Your choices and rights
7. Transfers of information
8. Security of your personal information?
9. Third party websites
10. Cookies
11. Contact us
12. Cookie Policy
1. About Enbiosis
We are registered as a limited company in the UK as Enbiosis Biotechnology Limited and refer to ourselves in the first person throughout this policy.
Our registration number is 13111010 and our registered offices is 100 Borough High Street, London, SE1 1LB, UK. We are registered with the UK Information Commissioner’s Office
2. The personal information we collect
Personal information is the term we use to describe information which we collect and which can be used to personally identify someone. For example, a name, a personal address or even an IP address.
Here is a list of the types of personal data we collect:
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (‘Personal Data’). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Postal code, City
- Cookies and Usage Data
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.
You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.
Health and Lifestyle Information
This is information from the questionnaires on our site about your health, including your own and your close relatives’ medical history, treatments received or ongoing, known allergies, medications, known long term conditions and relevant lifestyle information such as smoking or alcohol consumption.
Biological Samples
These are the stool samples which you provide to us to enable us to perform the testing services.
Information Derived from Information You Give Us
Genetic Data
This is uninterpreted DNA data which we receive from our laboratories and which is stored and displayed to you in your personal account. The raw data can also be downloaded as a *.txt file or as a *.csv file. This information, in anonymised form, is also used for interpretation (see below), and you must agree to that before you submit an order for our testing services.
Results of Interpretation
These include health, nutrition, sports, ancestry and personal traits data which are derived from interpretation of your health and lifestyle information and raw data and which we display to you in your personal account. All this information is stored on secure servers of the Amazon Web Services (AWS) under our control.
Information We Collect about You
Usage Data
We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (‘Usage Data’).
This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), your login information, browser type, browser version, browser plug-in types and versions, operating system and platform, time zone setting, clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, any phone number used to call our customer service number, the time and date of your visit, unique device identifiers and other diagnostic data.
When you access the Service by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
Tracking Cookies Data
We use cookies and similar tracking technologies to track the activity on our and hold certain information.
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
Information from Third Parties
We may be provided personal information from the companies which serve as our sales partners, distributors or are otherwise related to our sales channels. We take all the reasonable efforts to ensure that all these parties comply with all the national and the international legislation in terms of privacy. This information generally includes, but may be not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
3. How do we use it?
We only ever use your information in line with data protection laws – in particular, the EU General Data Protection Regulation, otherwise known as GDPR. In short, this means we only use it where we have a legal basis to do so. These are the general legal basis for which we use your information:
Consent – you have given clear consent to us to process your personal information for a specific purpose.
Our contract – processing your personal information is necessary for a contract you have with us, or because we have asked you to take specific steps before entering into that contract.
Legitimate interests – processing your personal information is necessary for our legitimate interests or those of a third party, provided those interests are not outweighed by your rights and interests.
Enbiosis uses the collected data for various purposes:
a) To provide and maintain our Service
b) To notify you about changes to our Service
c) To allow you to participate in interactive features of our Service when you choose to do so
d) To provide customer support
e) To gather analysis or valuable information so that we can improve our Service
f) To monitor the usage of our Service
g) To detect, prevent and address technical issues
h) To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information
We primarily use the following types of information for the following purposes:
Information We Collect from You
We will use your personal details:
a) to provide you with the testing services that you request from us;
b) to notify you about changes to our Service; and
c) to ensure that content from our site is presented in the most effective manner for you and for your computer.
We will use your health information and biological samples to provide you with the testing services you request from us.
Information Derived from Information You Give Us
We will use your raw data and the results of interpretation to provide you with the testing services that you request from us.
We may use anonymised and aggregate raw data to identify disease patterns and for other interpretive purposes. Anonymised and aggregate raw data has been stripped of your name and other contact information and aggregated with other customers’ raw data so that you cannot reasonably be identified as an individual from that information.
Information We Collect about You
We will use this information:
a) to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
b) to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
c) to allow you to participate in interactive features of our service, when you choose to do so; and
d) as part of our efforts to keep our site safe and secure; and
e) to provide you with the results of interpretation.
Information from Third Parties
The data we obtain from these sources is will further be used by us:
a) to provide you with the testing services that you request from us; and
b) to notify you about changes to our Service.
4. Sharing your information
We may share your personal information with the following categories of third parties, including:
a) our service providers and sub-contractors, including but not limited to payment processors, suppliers of technical and support services and cloud service providers;
b) companies that assist us in our marketing, advertising and promotional activities;
c) analytics and search engine providers that assist us in the improvement and optimisation of our Website; and
d) any third parties that you have agreed that we may share your personal information with for marketing purposes.
If we share your personal information to third parties, they will only legally be able to use it for the purpose of providing services to us. We make sure that third parties we share personal information with follow equivalent privacy and security procedures to our own to protect your information.
We may anonymise and aggregate your data to create health reports and statistics. This may be used for marketing or shared with third parties for purposes of academic research.
Finally, we may also disclose your personal information to third parties in certain exceptional circumstances as follows:
a) if we sell or buy any business or assets, we may disclose your personal information to the seller or buyer of that business or those assets;
b) if Enbiosis or most of our assets are acquired by a third party, in which case personal information held by Enbiosis will be one of the transferred assets;
c) if we are required by any applicable law or law enforcement organisation to do so;
d) in order to enforce or apply our terms and conditions or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or
e) to protect the rights, property, or safety of Enbiosis, our customers or other persons. This may include exchanging information with other organisations for the purposes of fraud protection and credit risk reduction.
Except for what is written in this policy, we will never share any of your personal information to any third party without notifying you and/or getting your consent. If you do consent and later change your mind, you can remove consent and therefore our permission to use this information. See below for your rights to withdraw consent.
5. How long we store your data for
Enbiosis Biotechnology Limited will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
Enbiosis Biotechnology Limited will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
6. Your choices and rights
Choices:
At any time:
You can choose not to provide us with personal data
If you choose to do this, you can continue to visit our website and browse its content, but we won’t be able to provide you with services, even if you have already paid for them.
You can turn off cookies in your browser settings
If you turn off cookies, you can continue to visit our website and browse its content, but our online services might be less effective.
You can choose for us not to use your personal information for marketing
We will request your consent to do this, but you can choose to refuse your consent. If you have given your consent and want to retract it later, then you can either unsubscribe to the communications or opt out by contacting us at info@enbiosis.com .
Rights:
You can contact us by email at info@enbiosis.com at any time, to request that we:
a) update any personal information which is out of date or incorrect;
b) delete any personal information which we are holding about you;
c) restrict the way that we process your personal information;
d) provide your personal information to a third party provider of services; or
e) provide you with a copy of any personal information which we hold about you on request to info@enbiosis.com (although we reserve the right to charge reasonable fee for this if requests are excessive or repetitive).
You have the right to withdraw your consent in relation to us processing your special categories of personal data (as mentioned above) at any time.
You can do this by contacting us through online chat or via info@enbiosis.com.
If you withdraw your consent to us processing your personal data, especially the special categories above, this will mean that we are unable to provide our services to you. In addition, please remember that we are required by law to retain medical records for 10 years.
7. Transfers of information
The personal data we collect is processed at our offices in London and in any data processing facilities operated by the third parties. Technology businesses often use third parties to help them host their application, communicate with customers, power their emails etc. We carefully vet any services we use to ensure they adhere to high standards of security and privacy.
When we do this, sometimes it is necessary for us to share your data with them in order to allow these services to work. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy.
Below is a list of the main third party providers we use:
Infrastructure: Heroku, Amazon Web Services, Sentry
Analytics: Mixpanel, Segment, Full Story
Communications: Mailchimp, Intercom, Sendgrid, Twilio
Payments: Stripe
If we transfer or store your information outside of the EEA, then we will take steps to inform you of this by outlining it in our privacy policy and taking all reasonable precautions to ensure privacy rights continue to be protected.
8. Security of your personal information
Our responsibility to you
At Enbiosis, we have physical, electronic and managerial procedures in place to protect and secure the information we collect. We are committed to protecting personal information from loss, misuse, disclosure, alteration, unauthorised access and destruction and we take all reasonable precautions to safeguard the confidentiality of personal information.
We make every effort to protect your personal information. However, there is always an inherent risk, beyond our control, in sending information over the internet. If we do ever encounter any online data breaches, we commit to taking prompt action to resolve the situation to protect your information.
We use Stripe for payment transactions and so do not hold payment or payment card data.
Your responsibility to us
Where we have given you (or where you have chosen) a password which enables you to access your online account, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
9. Third party websites
Our Website may, from time to time, contain links to websites operated by third parties.This privacy policy only applies to the personal information that we collect through this Website and we cannot be responsible for personal information collected and stored by third parties. Third party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal information to these websites. We don’t endorse or accept any responsibility for the content of those third party websites or third party terms and conditions or policies.
10. Cookies
Some pages on our Website use cookies, which are small text files placed on your device (such as your computer, tablet or mobile phone) when you visit our Website. We use cookies in order to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences. For more information, please see www.allaboutcookies.org.
Please click here to view our separate cookie policy, which is part of this privacy policy.
11. Contact us
Questions, comments and requests about this privacy policy or how we collect, use or store your personal information are welcomed and should be emailed to info@enbiosis.com or our data protection officer.
If you believe we have breached your rights, you can contact us, or you can make a complaint to the UK Information Commissioner’s Office (https://ico.org.uk) or seek remedy through your local courts if you believe your rights have been breached.
12. Cookie Policy
What are cookies?
Some pages on our Website use cookies, which are small text files placed on your device (such as your computer, tablet or mobile phone) when you visit our Website. We use cookies in order to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences.
Cookies help us provide you with the best possible experience. When you re-visit our Website, cookies allow our Website to recognise you, remember your preferences and tailor your use of our Website. Information provided by cookies can help us to analyse your use of our Website and help us to provide you with a better user experience.
Cookies are referred to as either “session” or “persistent” cookies, depending on how long they are used for:
Session cookies only last for the duration your online session and disappear from your device when you close your browser. Session cookies are not stored on the hard drive of your device.
Persistent cookies are stored on the hard drive of your device after the browser has been closed and last until you delete them or they reach their expiry date. Persistent cookies are activated each time you visit the site where the cookie was generated.
For more information, please see www.allaboutcookies.org.
What types of cookies do we use?
The types of cookies that may be used on our Website fall into one of four categories as follows:
‘Strictly necessary’ cookies. These cookies are essential for the operation of our Website and enable you to access certain features. Without these cookies, we would be unable to provide you with the online services you request, for example, remembering your shopping basket and logging into your account. These cookies do not track where you have been on the internet and do not gather information about you that could be used for marketing purposes.
Functional cookies. Functional cookies are used to recognise you when you return to our Website. They also remember your preferences (such as your username, language and region) on our Website and enable us to personalise our content for you. The information collected by these cookies is usually anonymised, so we cannot identify you personally. Functional cookies do not track your internet usage or gather information which could be used for selling advertising, but they do help with serving advertising.
Analytical cookies. Analytical cookies are used to monitor the performance of our Website. For example, they allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. The information provided by these cookies allows us to analyse patterns of user behaviour and we use that information to enhance user experience or identify areas of our Website which may require maintenance. All of the information collected by these cookies is anonymous and is only used for statistical purposes.
Targeting cookies. These cookies may be placed on your device by us or by trusted third parties. They remember that you have visited our Website and use that information to provide you with advertising which is tailored to your interests. This is often called online behavioural advertising (OBA) and involves the monitoring of interests based upon web browsing history.
Your web browsing history can be used to infer things about you (for example, your age, gender etc.), and this information may also be used to make advertising on websites more relevant to you. Although behavioural advertising cookies can track your activity around the internet they cannot identify you personally, even if you are signed in to our Website. Without these cookies, online advertisements you encounter will be less relevant to you and your interests. If you would like more information about OBA, including how to opt-out of these cookies, please visit www.youronlinechoices.com.
Our emails and Website pages may contain a web beacon to track whether you open an email and if you click on any of the links in the email or Website page. We may use this information to help us analyse the types of topics that you are interested in, for fraud detection and to let our advertisers know how many of our anonymised, aggregated users click on their advertisements. When you delete the email, the web beacon will be deleted.
When you browse our Website some cookies may be set by third parties, over which we have no control. When you visit a page with embedded third party content, the service provider may set their own cookies on your device. You may also encounter third party cookies resulting from our use of third party services, which help us monitor traffic on our Website. We do not control the use of these cookies and you should refer to the relevant third party websites for more information.
How can I manage or disable cookies?
There are a number of ways for you to manage cookies. Your browser settings should allow you to accept or reject cookies and you can set your browser to prompt you before accepting a cookie.
You can delete any cookies that have been installed in the cookie folder of your browser. The various browsers provide different procedures to manage your settings. Most browsers will have a help feature or menu that will tell you how to delete or disable cookies. You can also delete similar data used by browser add-ons by changing the settings of your add-on or visiting manufacturer’s website.
Please be aware that if you set your browser to disable cookies entirely it may affect the way our Website operates and you may not be able to use certain features of our Website.