개인정보처리방침
Last updated: 20 October 2025
Privacy Policy explains in detail how Phenome Longevity Ltd ("Phenome Longevity", "we", "us", or "our") collects, uses, stores, and protects your personal information when you visit, use our services, or make a purchase from phenomelongevity.com (the “Site”), use our mobile application, or otherwise interact with us in connection with our products and services.
Phenome Longevity Ltd is the data controller responsible for the processing of your personal information. We are registered in England and Wales under company number 13926236 and are officially registered with the Information Commissioner’s Office (ICO) under registration number ZC006359. Our registered office is located at The Shard, 32 London Bridge Street, London, SE1 9SG, United Kingdom.
We comply fully with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all guidance issued by the Information Commissioner’s Office (ICO). All personal data is handled lawfully, fairly, transparently, and in accordance with the principles of data protection and confidentiality.
Phenome Longevity has appointed a Data Protection Officer (DPO) to oversee all matters relating to data protection and privacy compliance. You can contact our DPO at info@phenomelongevity.com.
We are committed to protecting your privacy, ensuring the security of your personal information, and being transparent about how your data is processed. We never sell, rent, or trade your personal, health, or genetic data to any third party.
1. Purpose of This Policy
This Privacy Policy describes the types of information we collect from you, how and why we use it, the circumstances under which it may be disclosed to others, and your rights in relation to your personal data. By using our website, app, or related services, you acknowledge that you have read and understood this Privacy Policy and consent to the practices described herein.
2. Information We Collect
We collect a variety of personal information in order to provide and improve our services, process orders, and meet legal and regulatory obligations. The categories of data we may collect include:
Identification and Contact Information: name, email address, phone number, and postal address.
Account and Login Information: username, password, and authentication details necessary to maintain secure access to your Phenome Longevity account.
Order and Payment Information: transaction history, billing address, payment confirmation, and shipping details. We do not store full card details; payments are securely processed by PCI DSS-compliant providers such as Stripe.
Health, Biological, and Genetic Data: information derived from your biological samples, including genomic, microbiome, or metabolomic data, and any health or lifestyle information you choose to provide. These are classified as special category data under the UK GDPR and are processed only with your explicit consent.
Technical and Usage Data: IP address, device type, browser information, operating system, app version, referral URLs, session duration, and browsing interactions.
Communication Records: correspondence you send us via email, chat, social media, or other communication channels.
App and Wearable Data: if you connect your Phenome Longevity App to Apple Health, Google Fit, or other devices, we only access and process data you explicitly authorise. You can disconnect these integrations or delete synced data at any time.
3. Legal Basis for Processing
We process your personal data under the lawful bases provided in the UK GDPR, which include:
To perform a contract (Article 6(1)(b)) — such as processing orders, analysing biological samples, and delivering reports.
To comply with legal obligations (Article 6(1)(c)) — including tax, accounting, and regulatory compliance.
To pursue legitimate interests (Article 6(1)(f)) — such as improving our products, maintaining security, and preventing fraud.
To obtain your explicit consent (Article 6(1)(a) and 9(2)(a)) — when processing genetic or microbiome data, or when sending marketing and research communications.
4. How We Use Your Personal Data
We use your personal data to provide, manage, and improve our products and services, including:
Processing orders, dispatching test kits, and providing test results and reports.
Analysing biological samples and generating personalised insights.
Creating and managing your account securely.
Providing customer support and responding to inquiries.
Improving our Site, App, and services through analytics and user feedback.
Sending marketing communications, newsletters, and service updates (only with your consent or under legitimate interest).
Conducting ethically approved research and innovation projects where you have consented.
Complying with legal obligations, including tax and audit requirements.
5. Processing of Genetic, Microbiome, and Health Data
By activating a test kit and submitting a biological sample, you give explicit consent for Phenome Longevity to process your biological material and resulting genetic or microbiome data. This information is used exclusively to perform the analysis, generate your report, and provide your personalised results.
We treat all biological and genetic information as strictly confidential. It is never shared with employers, insurers, or any unauthorised third parties. If you provide additional consent for scientific research, your data will be pseudonymised and used for ethically approved studies that contribute to advancements in genomics, systems biology, longevity, and preventive health.
You may withdraw your consent for research or testing at any time by contacting info@phenomelongevity.com, without affecting the lawfulness of processing already carried out.
6. Automated Processing and Profiling
We use algorithmic models and artificial intelligence systems to analyse biological and behavioural data in order to produce personalised longevity insights and recommendations. These automated analyses are intended to provide information and guidance only; they do not make legally binding or similarly significant decisions. You may request human review or object to automated profiling at any time.
7. Accuracy and Responsibility
You are responsible for providing accurate, complete, and up-to-date information. Providing incorrect data may impact the quality of your results or delay processing. You can review and update your personal details at any time through your account settings or by contacting us directly.
8. How We Process Data
We process your information using secure manual and electronic systems designed to maintain the highest levels of confidentiality and integrity. All data processing adheres to the principles of fairness, transparency, data minimisation, purpose limitation, accuracy, and accountability under the UK GDPR and ICO guidance. Only authorised personnel trained in data protection have access to your information, and all employees are bound by confidentiality agreements.
9. Data Sharing and Third Parties
We may share personal data with trusted service providers and partners who perform essential functions on our behalf, including:
Accredited laboratories and diagnostic facilities conducting sample analysis.
Clinicians and scientific advisors offering consultations or data interpretation.
Payment processors such as Stripe and PayPal.
Couriers and postal services such as Royal Mail and DHL.
Technology providers including Shopify, AWS, and other infrastructure partners.
Marketing and analytics providers supporting customer engagement and insights.
Professional advisers such as auditors, accountants, and legal counsel.
All partners operate under strict contractual agreements and are required to comply with Article 28 of the UK GDPR, ensuring equivalent security and confidentiality standards. You may request a list of authorised data processors by contacting info@phenomelongevity.com.
10. International Transfers
In some cases, your personal data may be transferred to service providers outside the UK or EEA. Such transfers are carried out only under legally recognised safeguards such as adequacy regulations, the UK Addendum to the EU Standard Contractual Clauses, or other approved transfer mechanisms. You may obtain further details of these safeguards from our DPO.
11. Data Retention and Sample Destruction
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected or to comply with legal, contractual, and quality requirements.
Orders, billing, and accounting information are retained for six years.
Customer accounts are anonymised or deleted after twenty-four months of inactivity.
Laboratory and analytical data are stored for five years for quality assurance and audit purposes.
Support inquiries are retained for twelve months after resolution.
Research data are retained while scientifically relevant or until consent is withdrawn.
All biological samples are securely destroyed once analysis is complete unless you have provided consent for further testing or scientific research. Destruction follows internationally recognised laboratory standards, including ISO 15189 and ISO 20387.
12. Unreadable or Failed Samples
If a laboratory is unable to process your sample due to insufficient material, contamination, or technical limitations, Phenome Longevity will provide one replacement kit at no additional cost. If the second sample cannot be processed for reasons beyond our control, we will discuss alternative options, which may include a refund or a reissue.
13. Data Security
We apply robust administrative, technical, and physical safeguards to protect your data, including encryption in transit and at rest, access control, firewalls, multi-factor authentication, secure data centres, and regular vulnerability testing. All payment information is processed through PCI DSS-certified providers. While no system is entirely risk-free, we maintain continuous monitoring to detect and respond to potential threats promptly. In the unlikely event of a data breach, we will notify you and the ICO without undue delay.
14. Your Rights
Under the UK GDPR and the Data Protection Act 2018, you have the right to:
Access the personal data we hold about you.
Request the correction of inaccurate or incomplete information.
Request the deletion of data that is no longer necessary for processing.
Restrict or object to processing in certain circumstances.
Request a copy of your data in a structured, machine-readable format.
Withdraw your consent at any time where processing is based on consent.
To exercise any of these rights, please contact info@phenomelongevity.com. We may request proof of identity before fulfilling your request to ensure your data remains protected.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection authority. You can contact the ICO through their website at www.ico.org.uk or by phone at 0303 123 1113.
15. Children’s Data
Our services are intended for adults aged 18 and above. We do not knowingly collect or process personal data from minors. If we become aware that data have been collected from a child, we will delete it immediately.
16. Research and Innovation
Phenome Longevity may conduct internal or collaborative research using pseudonymised data from consenting participants to support innovation in personalised health, longevity science, and preventive care. All research activities are carried out in accordance with the UK GDPR, ICO guidance, and ethical research standards. Participation in research is entirely voluntary and can be withdrawn at any time.
17. Regulatory Compliance and ICO Oversight
Phenome Longevity is registered with the Information Commissioner’s Office (ICO) under registration number ZC006359. We are committed to maintaining the highest standards of privacy and compliance as outlined by the UK GDPR, the Data Protection Act 2018, and all applicable ICO requirements. Our data protection framework is reviewed regularly to ensure full compliance with evolving laws and best practices.
18. Updates to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our operations, services, or legal requirements. The effective date at the top of this document indicates the latest version. Significant updates will be communicated to you via email or through our website or app.
19. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Data Protection Officer:
Phenome Longevity Ltd
The Shard, 32 London Bridge Street, London, SE1 9SG, United Kingdom
Email: info@phenomelongevity.com
Phenome Longevity Ltd acts as the data controller for all personal information collected and processed under this Privacy Policy and operates in full compliance with the UK GDPR, the Data Protection Act 2018, and the guidance and oversight of the Information Commissioner’s Office (ICO) under registration number ZC006359.