Privacy Policy
Effective as of June 24, 2026
Introduction
Healsens Store (store.healsens.com) is operated by Healsens B.V. and its affiliates (“Healsens”, “we”, “us”). This Privacy Policy explains how we collect, use, store, and protect personal data when you browse our website, create an account, purchase health-related products or services, or otherwise interact with the store.
This policy should be read together with our Healsens app Privacy Notice, which describes processing in the mobile application. Where the same account or health profile is used across the app and store, we apply consistent safeguards and access controls.
We may update this policy from time to time. If we make material changes, we will notify you on the website, by email where appropriate, or through another reasonable channel. Continued use of the store after the effective date of an updated policy means you accept the revised policy, unless applicable law requires explicit consent.
Who is responsible for your data?
Unless stated otherwise, Healsens B.V. acts as the controller of personal data processed through the store. We determine why and how your data is processed, limited to operating the store, fulfilling orders, providing customer support, and improving our services.
What data we collect and why
Account and identity data
- Name, email address, and account credentials when you register or sign in.
- Authentication data processed through Auth0 when you use social login or passwordless sign-in. Auth0 may process identifiers needed for authentication and security, but not your health records.
- Profile details such as date of birth or gender when you provide them for checkout or when we retrieve them from your Healsens account to prefill forms.
Order and payment data
- Billing and delivery address, order history, product selections, and transaction references.
- Payment status and limited payment metadata processed by Stripe or other payment providers. We do not store full payment card numbers on our servers.
- Communications related to orders, refunds, or customer support.
Health-related context
Some products and assessments relate to health and wellbeing. Depending on your activity, we may process:
- Information you choose to provide when completing store assessments or quizzes.
- Identifiers that link a store purchase to a Healsens test, plan, or recommendation when you are signed in with the same account.
- Wellness-related preferences or indicators you submit in connection with a purchase or assessment flow.
We process this data to deliver the products or services you request, provide relevant information about your order, and maintain accurate records. We do not use store checkout data to make medical diagnoses.
Technical, cookie, and analytics data
- Device identifiers, browser type, IP address, pages viewed, and referral information.
- Cookie and consent preferences managed through our cookie banner and settings.
- Product analytics events (for example via PostHog and, when consented, Google Analytics 4) to understand how the store is used and to improve checkout and product flows.
- Marketing measurement tags (for example Google Ads or Meta Pixel) only when you opt in to marketing cookies.
Essential cookies and similar technologies are used to operate the cart, checkout, session, and security features. Non-essential analytics and marketing technologies are used only according to your consent choices. For details, see our Cookie Policy.
Legal bases for processing
Depending on the activity and your location, we rely on one or more of the following legal bases:
- Contract — to create and manage your account, process orders, deliver products or services, and provide support.
- Legitimate interests — to secure the store, prevent fraud, improve our services, and measure product performance in a privacy-conscious way.
- Consent — for non-essential cookies, certain marketing activities, and optional communications where required.
- Legal obligation — for tax, accounting, consumer, and regulatory requirements.
Processors and service providers
We use trusted providers to help us run the store, including:
- Auth0 — authentication and identity management. Auth0 privacy information.
- Google Cloud — hosting and infrastructure. Google Cloud privacy notice.
- Stripe — payment processing. Stripe privacy policy.
- PostHog — product analytics when enabled. PostHog privacy policy.
These providers process data on our instructions and only for the purposes described in this policy or our agreements with them.
Retention
We retain personal data for as long as needed to provide the store, fulfil orders, resolve disputes, enforce agreements, and comply with legal obligations. Account data is kept while your account remains active. Order and invoice records may be retained for statutory accounting periods. Analytics data is retained according to our analytics configuration and consent settings. When data is no longer required, we delete or anonymize it.
International transfers
Your data may be processed or stored in countries outside your own, including the United States and the European Economic Area. Where required, we use appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms.
Your privacy rights
Depending on your location, you may have the right to access, rectify, erase, restrict, or object to certain processing, to withdraw consent, and to receive a copy of your data in a portable format. You may also lodge a complaint with your local supervisory authority.
To exercise your rights, contact us at contact@healsens.com. We respond within 30 days where possible and may request information to verify your identity. You can also manage cookie preferences at any time through Cookie settings in the store footer.
Children
The store is not intended for children under 13 (or under 16 in the EU/EEA). If you believe we have collected data from a child without appropriate authorization, contact us and we will take appropriate steps to delete it.
Security
We apply technical and organizational measures to protect personal data, including access controls, encryption in transit, segregation of identity and health-related data where applicable, and staff confidentiality obligations. No method of transmission or storage is completely secure; please use a strong password and protect access to your device.
Contact
Questions about this policy or our processing practices can be sent to contact@healsens.com.
Healsens B.V.
Netherlands