Privacy Policy - geneticbeautylab.com

GENETIC BEAUTY LAB

Privacy Policy

Version 2.0
Last Updated: 23 May 2026
IMPORTANT: This Privacy Policy explains how Genetic Beauty Lab collects, uses, stores, protects, and processes your personal data.
By using our website or services, you confirm that you have read and understood this Privacy Policy.
In this Policy, references to “Genetic Beauty Lab”, “we”, “us”, or “our” refer to Genetic Beauty Lab, a trading name of Biovance Group Ltd.

1. Who We Are
Genetic Beauty Lab is a trading name of Biovance Group Ltd, a company registered in England and Wales.
Company Number: 17135820
Email: geneticbeautylab@gmail.com
Website: www.geneticbeautylab.com
For the purposes of UK data protection law, Genetic Beauty Lab acts as the Data Controller in relation to your personal data.
Our services are intended for UK residents only.

2. ICO Registration
Genetic Beauty Lab intends to maintain registration with the Information Commissioner’s Office (“ICO”) where required under applicable UK data protection law.
You have the right to lodge a complaint with the ICO if you believe your personal data has been handled unlawfully.
Website: www.ico.org.uk
Telephone: 0303 123 1113

3. Personal Data We Collect
We may collect and process the following categories of personal data.
3.1 Identity & Contact Information
full name;
email address;
telephone number;
date of birth;
age;
gender;
delivery address.
3.2 Financial Information
Payment details are processed securely by third-party payment providers.
We do not store full payment card information.
3.3 Special Category Data
Certain information processed by us may constitute special category personal data under UK GDPR.
This may include:
DNA-related wellness reports;
biological age reports;
hormone-related wellness reports;
allergy-related wellness reports;
consultation notes;
lifestyle information voluntarily shared by you;
wellness-related information discussed during consultations.
We process this information only where legally permitted and, where required, on the basis of your explicit consent.
3.4 Communications Data
We may retain records of:
emails;
booking correspondence;
customer support enquiries;
consultation scheduling communications;
marketing preferences.
3.5 Technical Data
We may collect limited website usage information including:
IP address;
browser type;
device information;
website pages visited;
analytics and cookie data.

4. How We Collect Your Data
We collect personal data:
directly from you when you contact us or purchase services;
during consultations;
through website forms;
through booking systems;
from third-party testing providers where relevant to delivering your service;
automatically through cookies and analytics technologies.

5. Lawful Basis for Processing
Under UK GDPR, we rely on the following lawful bases.
5.1 Contractual Necessity
We process certain personal data to:
fulfil your order;
arrange testing;
communicate with you;
deliver consultations;
provide wellness services.
5.2 Explicit Consent
Where required by law, we process special category data based on your explicit consent.
You may withdraw consent at any time, although this may affect our ability to provide services.
5.3 Legal Obligations
We may retain certain financial and transaction records where required by law, including HMRC obligations.
5.4 Legitimate Interests
We may process limited data where reasonably necessary for:
improving our services;
responding to enquiries;
protecting our business;
website administration;
fraud prevention;
customer support.
We do not use automated decision-making or profiling which produces legal or similarly significant effects.

6. How We Use Your Information
We may use your personal data to:
process orders;
arrange test kit delivery;
communicate consultation details;
deliver wellness consultations;
provide wellness reports and recommendations;
send PDF wellness plans;
send follow-up communications;
respond to enquiries;
improve our services;
maintain internal records;
comply with legal obligations.

7. Marketing Communications
Where you provide consent, we may use your email address and contact details to send:
newsletters;
wellness updates;
skincare content;
educational content;
promotions;
offers;
service announcements;
product updates;
marketing communications.
Marketing communications will only be sent where:
you have actively opted in;
we are otherwise legally permitted to contact you under applicable law.
You may unsubscribe or withdraw marketing consent at any time by:
clicking the unsubscribe link within emails;
contacting us directly.
We will never sell your personal data to advertisers or unrelated third parties.

8. Special Category Data Safeguards
We recognise that wellness, genetic, and consultation-related information may constitute sensitive personal data.
Accordingly:
access to sensitive information is restricted;
we aim to minimise data retention wherever possible;
data is stored securely;
data is only used for legitimate operational purposes;
sensitive data is not publicly disclosed;
we do not sell genetic or wellness data.

9. Third-Party Providers
We may share limited personal data with trusted third-party providers where necessary to operate our services.
9.1 Testing Providers
Third-party testing providers may receive information necessary to:
dispatch testing kits;
process samples;
generate reports.
Third-party laboratories act independently in relation to their own laboratory processing activities.
9.2 Payment Providers
Payments are processed by secure third-party payment processors.
9.3 Email & Communication Platforms
We may use third-party communication platforms to:
send service communications;
deliver reports;
send newsletters and marketing communications;
manage bookings.
9.4 Legal & Regulatory Disclosure
We may disclose personal data where required:
by law;
by court order;
by regulatory authorities;
to protect legal rights or safety.

10. Data Retention
We retain personal data only for as long as reasonably necessary.
Typical retention periods include:
Data Type
Retention Period
Contact information
Duration of service + up to 12 months
Consultation notes
Up to 12 months
Financial records
Up to 7 years where legally required
Marketing preferences
Until unsubscribed or withdrawn
Website analytics
Varies depending on analytics provider
We may securely delete or anonymise data earlier where appropriate.

11. Your Rights Under UK GDPR
Under UK GDPR, you may have the right to:
access your personal data;
request correction of inaccurate information;
request deletion of your data;
restrict processing;
object to certain processing;
withdraw consent;
request data portability;
complain to the ICO.
Requests may be submitted by contacting us using the details within this Policy.

12. Data Security
We take reasonable technical and organisational measures to protect personal data.
These measures may include:
password-protected systems;
restricted access controls;
secure email systems;
encrypted services where available;
secure deletion procedures.
However, no internet transmission or electronic storage system can ever be guaranteed completely secure.
By using our services, you acknowledge the inherent risks associated with online communications and electronic data transmission.

13. International Transfers
We aim to keep personal data within the United Kingdom and European Economic Area wherever reasonably possible.
Where international transfers occur, we will seek to ensure appropriate safeguards are in place in accordance with UK GDPR.

14. Cookies & Website Tracking
Our website may use:
cookies;
analytics tools;
tracking technologies.
These technologies help us:
improve website functionality;
understand website usage;
improve user experience;
measure marketing performance.
Where legally required, we will request consent before placing non-essential cookies.
A separate Cookie Policy may also be published on our website.

15. Children’s Data
Our services are intended for adults aged 18 and over only.
We do not knowingly collect data from minors.
If we become aware that data relating to a person under 18 has been collected, we will seek to delete it promptly.

16. Third-Party Websites
Our website or communications may contain links to third-party websites.
We are not responsible for the privacy practices, content, or security of third-party websites.
You should review their privacy policies independently.

17. Changes to This Policy
We may update this Privacy Policy periodically.
Updated versions will be published on our website with a revised effective date.
Continued use of our services following changes constitutes acceptance of the updated Policy.

18. Contact Us
If you have questions regarding this Privacy Policy or your personal data, please contact us.
Genetic Beauty Lab
A trading name of Biovance Group Ltd
Company Number: 17135820
Email: geneticbeautylab@gmail.com
Website: www.geneticbeautylab.com

19. Complaints
If you are dissatisfied with how we handle personal data, we encourage you to contact us first so we can attempt to resolve the issue.
You also have the right to lodge a complaint with the Information Commissioner’s Office.
Website: www.ico.org.uk
Telephone: 0303 123 1113

Genetic Beauty Lab
Personalised Wellness, Rooted in Science

Important Note
This Privacy Policy is drafted for a wellness consultancy model and is intended to support compliance with UK GDPR principles.
However, data protection obligations vary depending on operational practices, software providers, marketing systems, payment processors, and evolving legal requirements.
We strongly recommend obtaining professional legal and GDPR review before launch or commercial scaling.