Homediq Europe BV owns and operates an online platform that connects customers with certified medical laboratories. With Homediq, customers can order, manage and track laboratory tests. The Homed-IQ online portal is used to receive results of male and female laboratory tests.

In order to provide our services, we need to process certain personal information about you. Homediq respects your privacy and the personal data we process are treated with the utmost care and control.

In this privacy & cookie statement we inform you about the way we process your personal data. When processing your personal data, we use our website (www.homediq.com), where we store the information we have received from you.

1. Who does this privacy & cookie statement apply to?

This privacy and cookie statement applies to you when:
– you use the services and/or 
– you order or use the tests and/or 
– you visit the website and/or 
– when you contact us. 

2. Who is the data controller? 

Homediq is the data controller for the processing of your personal data under applicable data protection laws. The contact details of Homediq are:

Homediq Europe BV
Waaier 30B
2451 VV Leimuiden
[email protected]

3. What types of personal data do we process?

We may process the following types of personal data about you:

Account on the website
In order to use our services, you must create a user account on the website. To do this, you must provide the following information:
– Name;
– Contact details
– E-mail address;
– Telephone number;
– Gender;
– Date of birth;
– Any other information we receive from you through our website.

If you are registered as a company, we will further process:
– Company name;
– Registration number with the trade register of the Chamber of Commerce.

Handling orders and payments
We use the following information to process orders and process your payment: 
– Bank account number;
– Information about the payment service provider you use;
– For companies: VAT number;
– Any other information provided to you regarding payments.

Send tests by mail
After payment is received, we will send the test (s) to you by mail. For this we need:
– Contact details;
– Delivery address, zip code, country;
– Billing address.

Surveys / questionnaires
If you suggest product features or provide other feedback about the Services, we can use it without any obligation to you. Any feedback, comments, or suggestions you may provide to us on any public forum regarding Homed-IQ or the Services (“Feedback”) is voluntary, and you hereby grant Homed-IQ a perpetual, irrevocable, unrestricted, royalty-free right and license to use Feedback in any lawful manner.

Email
If you contact us by email, we may keep that correspondence.

Presenting test results on our website
In order to provide our laboratory testing services to the best of our ability, we need to disclose information to several individuals within our company, including the physician, accredited laboratory, and our IT service providers. As soon as you purchase a product from us, your order data must be processed so that the test can be sent to you. 

The accredited laboratory only has access in a pseudonymized manner to your date of birth, your test sample and the test results published therein. The accredited laboratory does not have access to your other personal information and the data to which it has access cannot be attributed to you without the use of additional information that is separately stored in our database.

After Homediq has received the results, Homediq may present the results to you by email or they will be accessible on the secure portal through the Homediq website. Homediq will ask for your explicit permission during the ordering process.

Children’s Privacy
We will not knowingly collect personal information from website users under the age of 18. We rely on your promise in the terms and conditions that you are over 18 years old. You may not use the Homediq website or its services, including purchasing products if you are not 18 years of age or older.

4. What are the applicable legal grounds for the processing of your personal data?

We may only process your personal data if there is a legal ground. We always ask your explicit permission for the processing of genetic data, health data or other data. 

We may also ask your permission for certain data processing activities, for example when we want to send emails for marketing purposes. In some cases, we have a legitimate interest in the processing of your personal data where we do not infringe on your privacy. For example, if you are an existing customer and we want to keep you informed of interesting developments around Homediq. In addition, we can process personal data to comply with our legal obligations.

All other forms of data processing are carried out for the execution of the agreement concluded before we provide you with services or tests.

5. How long are your personal data kept?

We will not keep your personal data longer than is necessary for the purposes for which we obtained your personal data. In principle, we can keep your personal data for a maximum of one (1) year after the termination of our business relationship, unless we have to keep your personal data to comply with a legal obligation. In addition, we may retain personal information necessary for legal proceedings, complaints and disputes for as long as is necessary to protect our interests.

6. Who has access to your personal data?

Individuals working for Homediq may have access to your personal information on a need-to-know basis. However, these individuals will never have access to genetic data, health data or your test results. This data is only processed under the responsibility of a medical professional under the duty of confidentiality. 

Information may be shared with external partners who process information on our behalf. We use external partners for, among other things, technical operation and improvements of the Website, distribution of newsletters and targeted marketing including retargeting (e.g. recommendations based on your preferences), as well as for your assessment of our company and products. Among other things, we share certain information such as order number, name and email address with TrustPilot so that an invitation can be sent on our behalf for customers to review us on TrustPilot’s website. If you choose to leave a review, TrustPilot will be the data controller for the information provided. These companies are data processors under our instruction and process data for which we are the data controller. The data processors may not use the information for any purpose other than fulfilling the agreement with us, and are subject to confidentiality agreements. We have entered into written data processor agreements with all data processors that process personal data on our behalf.

We may provide your personal information to the competent authorities at their request to the extent required by law or as necessary to defend our rights in legal proceedings or investigations. 

Right of inspection
You have the right to view the data that we process or have processed that relates to your person or can be traced back to it. You can make a request to this effect with our contact person for privacy matters. You will then receive a response to your request within 30 days. If your request is granted, we will send you a copy of all data with an overview of the processors who hold this data, stating the category under which we have stored this data, at the e-mail address provided to us.

7. Are your personal data processed outside the EEA?

Our third-party service providers may be located in countries outside the European Economic Area (EEA), which may not provide an adequate level of protection for personal data. To protect your personal information and to comply with our legal obligations, we will enter into a data transfer agreement based on the standard contractual clauses approved by the European Commission before we engage service providers outside the EEA. 

8. Is your personal information secure?

We process your personal data with the utmost care and control. This means that we will take appropriate technical and organizational measures to ensure that all information is correct, current and complete and to prevent unauthorized persons from accessing our organization. We protect our systems and applications in accordance with applicable information security standards.

9. Where can you submit requests for access, rectification, deletion and restriction?

You can exercise your right of access to your personal data at reasonable intervals at any time. After your inspection, you can request that we correct or delete incorrect information or allow us to restrict the processing of your personal data.

If your personal data is processed based on your consent, you can withdraw your consent at any time. To exercise this right and the rights mentioned above, please contact us using the contact details in this privacy statement.

Right of rectification
You have the right to have the data that we process or have processed that relates to your person or that can be traced back to it, adjusted. You can make a request to this effect with our contact person for privacy matters. You will then receive a response to your request within 30 days. If your request is granted, we will send you a confirmation that the data has been changed at the e-mail address provided to us.

Right to restriction of processing
You have the right to limit the data that we process or have processed that relates to your person or that can be traced back to it. You can make a request to this effect with our contact person for privacy matters. You will then receive a response to your request within 30 days. If your request is granted, we will send you a confirmation to the e-mail address provided to us that the data will no longer be processed until you lift the restriction.

Right to portability
You have the right to have the data that we process or have processed that relates to your person or that can be traced back to it be carried out by another party. You can make a request to this effect with our contact person for privacy matters. You will then receive a response to your request within 30 days. If your request is granted, we will send copies of all personal data that we have processed or that has been processed by other processors or third parties to the email address provided to us. In this situation, we likely will no longer be able to continue our services, because the secure linking of data files can no longer be guaranteed.

Complaints?
If you have complaints about how we handle your personal data, you can contact us using the contact details in this privacy statement. We are happy to help you find a solution. If that does not work, you can always file a complaint with the Dutch supervisory authority (Dutch Data Protection Authority); more information about submitting a complaint can be found on this page.

Questions?
We take your privacy very seriously and try to protect your privacy as much as possible. If you have any questions about how we process your personal data, or if you would like to assert your rights, you can always contact us at [email protected].

This privacy statement can change at any time. You will always find our current privacy statement on the website. 

This privacy statement was last modified on February, 2023.