- Introduction
At ZEEQUEST, we are concerned with the protection of your privacy, and we engage to comply with the applicable laws on privacy protection in relation to the processing of your data. We collect, process, and store your Personal Data as you use Services as it is defined in the Terms and Conditions. Personal Data is information that can reasonably identify you, such as your name, email or date of birth, biological sex, health data, or it may be information that can reasonably be linked back to you.
This Privacy Policy describes our practices for collecting, processing, and storing your Personal Data, and the controls we provide you to manage it within Services.
We commit ourselves to be transparent with you by providing clear information about what personal data we collect; what we do with it and why; who we disclose it to; how we protect personal data and what choices you have regarding the use of your personal data by us and third parties.
Importantly, we do not collect, process, and store any Data Concerning Health (as defined below). Any Personal Data is not processed for any other purpose than to provide you with the Services report. Personal Data is stored within the Account, however, we have implemented secure means that are intended to prevent third parties to reviewfrom reviewing such data. If you terminate your Account, all such data will be deleted.
Data Processor and Contact
The entity responsible for the processing of your personal data when using the Services is ZeeQuest Inc., company registration number [COMPANY REGISTRATION NUMBER], 16192 Coastal Highway Lewes, Delaware United States of America. If you have questions about our Privacy Policy or practices, please feel free to get in touch. You can contact us at support@zeequest.com.
- Definitions
Application: ZeeQuest Navigator app.
Anonymized Information: any information that has been anonymized in a manner to result in the information no longer being able to reasonably identify an individual, whether directly or indirectly, and is therefore no longer considered as Personal Data.
Concerning Health: Personal Data related to the physical or mental health of a natural person, including the provision of health related services, which reveal information about his or her health status, as defined in Article 4 of the GDPR.
GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Personal Data: information that can be used to identify you, either alone or in combination with other information, as defined in Article 4 of the GDPR.
Services: ZEEQUEST’ application intended for interpretation of blood results by way of advanced machine learning algorithms for medical use, as well as products, software, services, and website (including but not limited to text, graphics, images, and other material and information) as accessed from time to time by the user, regardless if the use is in connection with an account or not, and as defined in the Terms and Conditions.
ZEEQUEST, us or we: ZeeQuest Inc., aA privately owned company aiming to explore, pioneer, create and develop innovations for personal development, business success and well-being, whose principal place of business is at 16192 Coastal Highway Lewes, Delaware, USA, and any of its subsidiaries.
Terms and Conditions: ZEEQUEST’ Terms and Conditions, available within Services application when creating your account and under Settings – Terms & Conditions.
- Registration Process and Your Engagement with Services
Personal Data required to start the registration process are your name, biological sex, country of residence, email address and your date and hour (optional) of birth (age).
Registration process also requires you to agree to the Terms and Conditions and this Privacy Policy by clicking “I accept the Terms and Conditions” and “I consent to the processing of my personal data and accept the Privacy Policy”.
By clicking “I consent to the processing of my personal data and accept the Privacy Policy”“Register” you are telling us that youexpressly consent to ZEEQUEST collecting, processing, and storing your Personal Data, including special category data (such as Data Concerning Health), as described in this Privacy Policy and in any other documents referenced in this Privacy Policy.
- What Personal Data Does ZEEQUEST Collect From You?
| Data Category | Use DescriptionData type |
| Account Information | Email address Your first name Your last nameYour birth date and (optional) time of birth (age) Your biological sexYour country of residenceYour other Personal Data you voluntarily includeType of your device using for registration and software Location of the deviceDevice language IP address |
| Service Information | Mandatory parametersReport on the interpretation of mandatory parameters (potential health conditions) |
| Credit Card/Payment Information | Payment information such as your billing address(es), when you purchase a payable service from ZEEQUEST. Please note that any credit card information is processed by providers of payment services and not ZEEQUEST. |
| Your Communications | Information you provide in communications with ZEEQUEST. |
The table below describes the Personal Data we collect from you to provide you with Services.
| Data Category | Use Description |
| Account Information | Email address Your first name Your last nameYour birth date and (optional) time of birth (age) Your biological sexYour country of residenceYour other Personal Data you voluntarily includeType of your device using for registration and software Location of the deviceDevice language IP address |
| Service Information | Mandatory parametersReport on the interpretation of mandatory parameters (potential health conditions) |
| Credit Card/Payment Information | Payment information such as your billing address(es), when you purchase a payable service from ZEEQUEST. Please note that any credit card information is processed by providers of payment services and not ZEEQUEST. |
| Your Communications | Information you provide in communications with ZEEQUEST. |
- What Information Does ZEEQUEST Collect Through Your Use of Services?
| Information Category | Use Description |
| Computer and Mobile Device Information | Information about how you access Services (as defined in the Terms and Conditions). |
| Information from your use of Services | Information about your use of Services, such as when you access your profile, location of the device, device language, IP address and related activities. |
- How Does ZEEQUEST Use Your Personal Data?
| Category | Use Description |
| Personal Data (Account Information and Service Information) | We use your Personal Data to provide, personalize, improve, update and expand our services. This includes:Authenticating your access to Services, and improving ZEEQUEST information securityProcessing your payments for purchased services (via payment provider) Conducting statistical researchProvision of functionalities of Services to youConducting of interpretation of the mandatory parameters through Services in order to provide you with the requested resultsDetecting and protecting against error, fraud, or other criminal or malicious activity and enforcing our Terms and Conditions |
| Communications | We use your Personal Data to communicate with you about Services, such as when we:Respond to your inquiries in relation to ServicesInform you about activities and results related to your use of Services Inform you of product changes or new similar products and services Provide you with information or request action in response to technical, security, legal and other operational issues |
| Scientific and Research Purposes | In order to support the research on development of AI and the corresponding care paths, we may use your data, pseudonymized or anonymized (without us being able to identify you) for research purposes. This may include sharing your data with carefully selected third party research institutions. By accepting our Terms and Conditions and our Privacy Policy and by performing measurements through Services, you agree to the fact that your measurements being processed for the purposes of the provision of Services and to be used in accordance with Article 89 GDPR and preferably pseudonymized for the purposes of research and testing of Services. As such, your measurements may be reviewed by our employees or third-party consultants who work for us and who are bound by strict confidentiality. The processing of your Personal Data for scientific and research purposes shall be done based upon legitimate interest. If you no longer wish that ZEEQUEST uses your Personal Data you can object to this use, we shall only be able to use anonymized data. |
| Category | Use Description |
| Personal Data (Account Information and Service Information) | We use your Personal Data to provide, personalize, improve, update and expand our services. This includes:Authenticating your access to Services, and improving ZEEQUEST information securityProcessing your payments for purchased services (via payment provider) Conducting statistical researchProvision of functionalities of Services to youConducting of interpretation of the mandatory parameters through Services in order to provide you with the requested resultsDetecting and protecting against error, fraud, or other criminal or malicious activity and enforcing our Terms and Conditions |
| Communications | We use your Personal Data to communicate with you about Services, such as when we:Respond to your inquiries in relation to ServicesInform you about activities and results related to your use of Services Inform you of product changes or new similar products and services Provide you with information or request action in response to technical, security, legal and other operational issues |
| Scientific and Research Purposes | In order to support the research on development of AI and the corresponding care paths, we may use your data, pseudonymized or anonymized (without us being able to identify you) for research purposes. This may include sharing your data with carefully selected third party research institutions. By accepting our Terms and Conditions and our Privacy Policy and by performing measurements through Services, you agree to the fact that your measurements being processed for the purposes of the provision of Services and to be used in accordance with Article 89 GDPR and preferably pseudonymized for the purposes of research and testing of Services. As such, your measurements may be reviewed by our employees or third-party consultants who work for us and who are bound by strict confidentiality. The processing of your Personal Data for scientific and research purposes shall be done based upon legitimate interest. If you no longer wish that ZEEQUEST uses your Personal Data you can object to this use, we shall only be able to use anonymized data. |
- When Do We Share Your Personal Data and Who are the Recipients?
ZEEQUEST does not share your Personal Data with third parties without your additional consent other than as described in this Privacy Policy. The circumstances described below explain when sharing might occur:
| People with whom your Personal Data may be shared / Circumstances in which sharing might occur | Description |
| Service Providers | We use other companies to help us provide functionalities of Services to you, which may include our group companies. As a result, these partner |
| companies will have some of your Personal Data in their systems. Our partners are subject to contractual obligations governing data security and confidentiality consistent with this Privacy Policy and applicable laws.These processing partners include our: Payment processorsProvider of Cloud services (Hetzner Online GmbH)Please note that the above list is not final and may be subject to change, depending on current circumstances. | |
| Legal or Regulatory Process | We may share your Personal Data if we believe it is reasonably necessary to:Comply with valid legal processes (e.g., subpoenas, warrants) Enforce or apply the ZEEQUEST Terms and Conditions Protect the security or integrity of Services orProtect the rights, property, or safety, of ZEEQUEST, our employees or usersIf we are compelled to disclose your Personal Data to law enforcement, we will do our best to provide you with advance notice, unless we are prohibited under the law from doing so or such action would circumvent the purpose of the enforcement. |
| Research Institutions | We may share your Personal Data in the manner as disclosed in section 6 above with applicable research institutions. |
In the event of a full or partial merger, or the takeover of ZEEQUEST in full or in part, we shall be permitted to relay your Personal Data to a third party for the purpose of executing the transaction, including a due diligence review. In that case, ZEEQUEST shall require the said third party to use any Personal Data only in strict compliance with the present Privacy Policy. In the event of a commercial transaction concerning our assets or part of the company, Personal Data may be transferred to a third person.
- Your Choices, Rights and Access to Your Personal Data
We are committed to giving you control over your personal data to the furthest extent possible and in order to do so you can exercise certain rights which affect how we process your personal data. You can read a more detailed description about those rights below.
Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
You have the right to lodge a complaint with a supervisory authority.
In detail. Your right to complain exists without prejudice to any other administrative or judicial remedy. You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state of your habitual residence, place of work, or place where the alleged infringement of applicable data protection laws has allegedly occurred. You can find the competent supervisory authority in the relevant EU/ EEA member state on this list.
Right to withdraw consent (Article 7.3 GDPR)
You have the right to withdraw your consent at any time. This can easily be done in the Application under privacy settings or contact us via the contact details at the beginning of this Privacy Policy.
The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
If you withdraw your consent, we may not be able to provide you with the Services and you should discontinue using the Services.
Right to access (Article 15 GDPR)
You have the right to obtain confirmation as to whether we are processing personal data concerning you or not. You can make a request by contacting us. If we do process your personal data, you also have a right to obtain a copy of the personal data processed by us as well as information about our processing of your personal data.
In detail. The information we provide includes the following:
– the purposes of the processing,
– the categories of personal data concerned,
– the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations,
– where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period,
– the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing,
– the right to lodge a complaint with a supervisory authority, and
– the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer of personal data to a third country.
For any further copies of the personal data undergoing processing requested by you, we may charge a reasonable fee based on administrative costs. If you have made the request by electronic means the information will be provided to you in a commonly used electronic form, unless otherwise requested by you.
Right to rectification (Article 16 GDPR)
You have a right to obtain, without undue delay, the rectification of inaccurate personal data concerning you.
In detail. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including the means of providing a supplementary statement.
We will notify each recipient to whom the personal data has been provided of any correction that has been made unless this turns out to be impossible or entails a disproportionate effort. If you want information about these recipients, you are welcome to contact us.
Please note that you can change your personal information in Services at any time under the “Settings”. Regardless of the aforementioned, Date, hour of birth and biological gender can be changed only once, for any additional changes you should contact support@zeequest.com. Email can be changed by written request to support@zeequest.com.
Right to erasure (“the right to be forgotten”) (Article 17 GDPR)
You can at any time ask us to delete some or all of your personal data.
In detail. You have the right to obtain from us the erasure of your personal data and we have the obligation to erase your personal data without undue delay where one of the following grounds applies:
– the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed,
– you withdraw your consent and there is no other legal ground for the processing,
– you object to the processing pursuant to Article 21.1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21.2 GDPR,
– the personal data have been unlawfully processed, or
– the personal data have to be erased for compliance with a legal obligation in Union or Member State law that applies to us.
We will notify each recipient to whom the personal data has been provided about any erasure of personal data according to the above unless this turns out to be impossible or entails a disproportionate effort. If you want more information about these recipients, you are welcome to contact us.
Note that our obligation to erase and inform according to the above shall not apply to the extent that processing is necessary according to the following reasons:
– for exercising the right of freedom of expression and information,
– for compliance with a legal obligation which requires processing by Union or Member State law that applies to us, or
– for the establishment, exercise, or defence of legal claims.
Right to restriction of processing (Article 18 GDPR)
You have the right to demand restriction on the processing of your personal data.
The right applies if:
– the accuracy of the personal data is contested by you, during a period enabling us to verify the accuracy of the personal data,
– the processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of the use,
– you need the personal data for the establishment, exercise, or defence of legal claims even though we no longer need the personal data for the purposes of the processing, or
– you have objected to processing pursuant to Article 21.1 GDPR pending the verification of whether our legitimate grounds override yours.
Where the processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defence of legal claims or the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. We will notify you before the restriction of processing is lifted.
We will notify each recipient to whom the personal data has been provided about any restriction of processing according to the above unless this turns out to be impossible or entails a disproportionate effort. If you want more information about these recipients, you are welcome to contact us.
Right to data portability (Article 20 GDPR)
You have the right to receive your personal data from us in a structured, commonly used and machine-readable format and, where technically feasible, have your personal data transferred to another data controller (“data portability”).
The right applies to our processing of your personal data when it is based on the lawful basis of consent (Article 6.1 (a) GDPR or contract (Article 6.1 (b) GDPR) and the processing is carried out by automated means.
The exercise of the right to data portability shall be without prejudice to the right to be forgotten (Article 17 GDPR).
Your right to data portability shall not adversely affect the rights and freedoms of others.
Right to object (Article 21 GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data that is based on the lawful basis legitimate interest (Article 6.1 (f) GDPR), including profiling.
If you object, we shall then no longer process the personal data in question, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of you, or for the establishment, exercise, or defence of legal claims.
Subject to certain exceptions, you have a right to request access to your Personal Data (along with information about the nature, processing and disclosure of your Personal Data), and to be provided with a copy of Personal Data you provided to ZEEQUEST, as well as to seek to update, delete or correct this information by contacting ZEEQUEST.
Please note that you can change your personal information in Services at any time under the “Settings”. Regardless of the aforementioned, Date, hour of birth and biological gender can be changed only once, for any additional changes you should contact support@zeequest.com. Email can be changed by written request to support@zeequest.com.
You also have a right not to provide your Personal Data to us. Exercising this right may however result in ZEEQUEST not being able to provide you with the full benefits of Services. Additionally, you have a right to object to processing of your Personal Data, request restriction of processing of Personal Data, and to lodge complaints with a competent protection authority regarding the processing of your Personal data by us or on our behalf.
You may withdraw your consent at any time. When you wish to withdraw your consent, please contact us via the contact details at the bottom of this Policy. When you withdraw your consent, we will not be able to provide you with the Services and you should discontinue using Services.
Furthermore, the law permits us to as yet process Personal Data for the above purposes which, strictly speaking, are not necessary but which are useful with a view to the performance of the User Agreement (“Optional Personal Data”), if you give us your consent to do so. Please note: if you actively supply this information in response to our request, this may be considered as consent. For example: If you voluntarily provide us with additional information regarding your use of Services, we may be obliged to communicate this Optional Personal Data on to the relevant regulatory bodiesauthorities.
- What are ZEEQUEST Retention Practices?
Generally, ZEEQUEST retains Personal Data on our system until our users inform us of their desire to delete their data or close their accounts. In some cases, we choose to retain usage information (e.g., visits to sites) in a depersonalized or aggregated form. Once aggregated, this information ceases to be personal and will not be subject to ZEEQUEST user deletion requests.
| Data Category | Retention Period |
| Account Information Service Information | During the contractual relationship and for the subsequent 2 years, unless the user exercises its right to be forgotten10 years after non-use of the application by users, unless the user exercises its right to be forgotten |
| Payment Information | During the contractual relationship and for the subsequent 10 years due to tax regulations. As mentioned above, if you have chosen in-app payment or your operating system only supports in-app payment, ZEEQUEST does not process any payment information. |
| Communications | During the contractual relationship and for the subsequent 5 years. |
- How can I Delete my Personal Data?
You can delete your Personal Data retained by ZEEQUEST by contacting us via email support@zeequest.com.
Please note that there may be some latency in deleting your Personal Data from our backup systems after it has been deleted from our systems. Also, our partners may retain certain information they receive from us in order to comply with laws or regulations that may require them to do so. ZEEQUEST may also retain certain information as reasonably necessary to comply with our legal obligations (including law enforcement requests), resolve disputes, maintain security, prevent fraud and abuse, as well as to comply with tax, payment industry, securities, and clinical regulatory compliance requirements.
- Personal Information Regarding the Health of Others
Services is intended for your personal use. If you want to help others, please do so by encouraging them to download their own version of Services application. This could help them to improve their time, health, social relations and finances.
- Security
ZEEQUEST maintains a comprehensive information security program designed to protect our customers’ Personal Data using administrative, physical, and technical safeguards.
The specific security measures used are based on the sensitivity of the Personal Data collected. We have measures in place to protect against inappropriate access, loss, misuse, or alteration of Personal Data under our control.
ZEEQUEST regularly reviews our security and privacy practices and enhances them as necessary to help ensure the integrity of our systems and your Personal Data.
We use latest standard security mechanisms while processing and storing Personal Data, and we only partner with security companies that meet and commit to our security standards. While we cannot guarantee that loss, misuse or alteration of data will not occur, we use reasonable efforts to prevent this.
We shall constantly strive to keep your Personal Data safe on our servers which are situated inside the European Economic Area.
It is also important for you to guard against unauthorized access to your Personal Data by maintaining strong passwords and protecting against the unauthorized use of your device. We request that all users assume their responsibility in protecting all login data and to immediately notify us of any unauthorized use of your individual Account.
- Data Transfer
Your information, including Personal Data, may be transferred to — and stored on — servers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that processing.
ZEEQUEST will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and the GDPR, and that no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal data.
- Changes to this Privacy Policy
We may modify this Privacy Policy at any time, but we will provide prominent advance notice of any material changes, such as posting a notice through Services application, on our website, or by sending you an email, to provide you the opportunity to review the changes and choose whether to continue using Services.
We will also notify you of non-material changes to this Privacy Policy as of their effective date by posting a notice through Services application, on our website, or by sending you an email. Your continued use of Services after notice of non-material changes means that you consent to the updated Privacy Policy.
- Legal Basis under GDPR for Processing of Personal Data
Where you have consented to data processing, your consent provides the legal basis to process your Personal Data. You have the right to withdraw consent at any time. Please note that your withdrawal of consent to collect and process your Personal Data will not affect the lawfulness of processing your Personal Data based on your consent before you withdrew your consent.
We also process your Personal Data on the basis of contractual necessity to perform a contract we have with you. We do not process your credit card or other payment means information, since this is the responsibility of the payment service provider.
We may also process your Personal Data on the basis of our legitimate interests, including in providing and improving Services. For example, ZEEQUEST has a legitimate interest in understanding your login history so
we can assess your interaction with Services. We use your Personal Data to keep Services safe and secure and we do so as it is necessary to pursue your and our legitimate interests in ensuring that Services is secure, and to protect against fraud, spam and abuse.
Where we rely on legitimate interests to process your Personal Data, you have the right to object to such processing. You can use your Privacy Settings to control certain ways in which we process your data. You can also contact us, using the details below, to object to other forms of processing.
- Identity and Contact Details
Services customers can reach us at any time by writing us at support@zeequest.com.
In addition, you also have a right to lodge a complaint about how we handle your Personal Data with your relevant regulatory authority in terms of the applicable law that applies to you.
| Regulatory Authority | Contact details |
| The European Commission | Online complaint procedure: https://ec.europa.eu/info/about- european- commission/contact/problems-and-complaints_enAddress: European Commission, Secretary-General, B-1049 Brussels, BELGIUMFax: 3222964335 |
| The independent Data Protection Authority per Member State of the European Union | Website listing all DPA’s per member state: http://ec.europa.eu/justice/article-29/structure/data-protection- authorities/index_en.htm |