Legal

Privacy Policy

Effective date: March 2026

BioStrategy (“we”, “our”, or “us”) is committed to protecting your personal and health data. This Privacy Policy explains what data we collect, how we use it, and what rights you have as a client of our health optimization platform. By using our services, you agree to the practices described herein.

1. What Data We Collect

Health & Biometric Data

We collect health and biometric data to provide our coaching services. This includes data from wearable devices (heart rate, HRV, sleep stages, activity levels, SpO₂), continuous glucose monitor (CGM) readings, blood biomarkers and laboratory test results, body composition measurements, and recovery metrics.

Personal Information

We collect personal information you provide directly, including your name, email address, phone number, date of birth, and billing information. We also collect lifestyle data such as nutrition habits, training history, stress levels, and health goals shared during onboarding and coaching sessions.

Usage Data

We automatically collect certain technical information when you use our platform, including IP address, browser type, pages visited, and timestamps. This data is used solely for platform security and performance purposes.

2. How We Use Your Data

Personalized Coaching

Your health and biometric data is the foundation of everything we do. We use it to build your individual baseline, design a personalized health optimization strategy, identify patterns and trends in your performance, and provide actionable recommendations from your coach.

AI Analysis & Reporting

Aggregated biometric data is processed by our analytical systems to generate automated health reports, alerts, and trend visualizations. This analysis is always reviewed and contextualized by your human coach.

Service Improvement

We may use anonymized, aggregated data to improve our platform, refine our analytical models, and develop better coaching methodologies. This data cannot be linked back to any individual client.

Communication

We use your contact information to deliver coaching reports, schedule sessions, send service updates, and respond to your inquiries. We do not send unsolicited marketing communications without your explicit consent.

3. Third-Party Sharing

Wearable & Device Partners

BioStrategy integrates with third-party platforms including Garmin, WHOOP, and Oura to retrieve your biometric data. Data is accessed solely through your authorized connection and is used only to provide our coaching service. We do not sell or share your data with these partners beyond what is required for integration.

No Sale of Personal Data

We do not sell, rent, or trade your personal or health data to any third party. Full stop.

Service Providers

We may share limited data with trusted service providers (e.g., cloud infrastructure, payment processors) who assist in operating our platform. All such providers are contractually bound to process your data only as directed by BioStrategy and in compliance with applicable privacy laws.

Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of BioStrategy, our clients, or others.

4. Data Security

Technical Safeguards

We implement industry-standard security measures to protect your data, including end-to-end encryption for data in transit (TLS 1.3), encryption at rest for all stored health data, strict access controls limiting data access to authorized personnel only, and regular security audits.

Data Retention

We retain your personal and health data for the duration of your engagement with BioStrategy and for a period of 3 years thereafter, unless you request earlier deletion. After this period, data is securely destroyed.

Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify you and relevant authorities within 72 hours of becoming aware of the incident, as required by applicable law.

5. Your Rights

Access

You have the right to request a copy of all personal and health data we hold about you at any time. We will provide this within 30 days of your request.

Correction

You may request correction of any inaccurate or incomplete data we hold about you.

Deletion

You have the right to request deletion of your personal data. Upon termination of your coaching relationship, you may request complete erasure of your data from our systems. Note that we may retain certain anonymized records for legal compliance purposes.

Portability

You may request your data in a structured, machine-readable format to transfer to another service provider.

Withdraw Consent

Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to the withdrawal.

6. Contact Us

Privacy Inquiries

For any questions, requests, or concerns regarding this Privacy Policy or your personal data, please contact us at:

Email: jkbnsk@gmail.com

Location: Prague, Czech Republic

We aim to respond to all privacy-related requests within 30 days.

This policy may be updated periodically. We will notify active clients of any material changes via email. Last updated: March 2026.