Privacy Policy
Last updated: March 2026
1. Introduction
Auriome is committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR). This policy explains how we collect, use, and safeguard your personal data.
2. Data collected
We collect: account information (name, email), microbiome sample data, payment information (processed by Stripe), and usage data (anonymised analytics).
3. Purpose
Your data is used to: provide microbiome analysis services, generate personalised reports, improve our analytical algorithms (using anonymised/aggregated data only), and communicate service updates.
4. Legal basis
We process your data based on: your explicit consent (microbiome analysis), contractual necessity (service delivery), and legitimate interest (service improvement with anonymised data).
5. Health data
Microbiome data is classified as health-related data under GDPR. We process this data only with your explicit consent, apply encryption at rest and in transit, restrict access to authorised personnel only, and never sell or share identifiable health data with third parties.
6. Your rights (GDPR)
Under GDPR, you have the right to: access your personal data, rectify inaccurate data, request erasure ('right to be forgotten'), data portability, restrict or object to processing, and withdraw consent at any time.
7. Data retention
We retain your data for the duration of your account plus 3 years. Anonymised research data may be retained indefinitely. You may request deletion at any time by contacting us.
8. Security measures
We implement industry-standard security measures including TLS encryption, secure infrastructure hosted in the EU, regular security audits, and access controls and monitoring.
9. Contact
For privacy-related inquiries, contact us at: privacy@revheal.ai