Bioalivewipe (“we”, “us”, “the studio”) respects your privacy and is committed to handling personal data lawfully, fairly, and transparently. This Privacy Policy describes our practices for the website at the domain bioalivewipe.world and any messages you send to us. It is written to align with the EU General Data Protection Regulation (GDPR), the Dutch implementing legislation, and other applicable data protection laws.
The studio publishes general informational and educational content about active breaks for remote and hybrid workers. We do not provide medical, clinical, or therapeutic services, and we do not process special categories of data for those purposes.
1. Who we are (data controller)
The data controller responsible for the personal data described in this policy is:
- Name: Bioalivewipe
- Address: Hullenbergweg 1, 1101 BT Amsterdam, Netherlands
- Phone: +31 20 721 2200
- Email: inquiry@bioalivewipe.world
- Contact form: available on our Contact page
If you have any question about this policy or about how we handle your data, you can reach us using the details above. Where required, the relevant supervisory authority in the Netherlands is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).
2. Scope of this policy
This policy applies to personal data we process through this website, including the contact form, and through any email correspondence that follows. It does not apply to third-party websites that we may link to; those websites operate under their own policies, which we encourage you to read.
3. Personal data we collect
We aim to collect as little personal data as possible. The categories of data we may process are described below.
3.1 Data you provide directly
When you complete the contact form or write to us, we process the information you choose to share, which typically includes:
- Name — so we can address our reply to you;
- Email address — so we can respond to your enquiry;
- Message content — the details you decide to include.
Please send only the information necessary for your enquiry. We ask that you do not include sensitive details, such as information about your health, in your message.
3.2 Data collected automatically
Like most websites, our hosting environment may record limited technical information for security and reliability, such as the approximate date and time of a request and basic server log data. Where cookies are used for analytics or marketing, they are only set after you give consent through our cookie banner. See our Cookie Policy for full details.
3.3 Consent records
When you set your cookie preferences, we store a small record of your choice on your device so that we can respect it on future visits. This record does not identify you personally.
4. Purposes and legal bases for processing
We process personal data only where we have a lawful basis to do so under Article 6 of the GDPR. The table below summarises the main activities.
| Purpose | Data used | Legal basis |
|---|---|---|
| Responding to your enquiry | Name, email, message | Consent and/or our legitimate interest in answering messages addressed to us |
| Keeping the website secure and available | Technical log data | Legitimate interest in protecting our service |
| Optional analytics and marketing measurement | Cookie and usage data | Your consent |
| Meeting legal obligations | Relevant records | Compliance with a legal obligation |
Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
5. Sharing your data and our processors
We do not sell personal data, and we do not share it for third-party advertising. We may rely on carefully selected service providers (processors) who act only on our documented instructions, for example:
- a hosting provider that operates the servers for this website;
- an email provider used to receive and reply to your messages;
- where you consent, an analytics provider that helps us understand how content is read.
Each processor is bound by a contract that requires appropriate confidentiality and security measures. We may also disclose data where we are legally required to do so by a competent authority.
6. International data transfers
We aim to keep personal data within the European Economic Area (EEA). If a processor stores or accesses data outside the EEA, we take steps to ensure an adequate level of protection, for example through an adequacy decision of the European Commission or by using Standard Contractual Clauses together with any additional safeguards required.
7. How long we keep data
We keep personal data only for as long as necessary for the purposes described in this policy.
- Enquiry correspondence: retained for up to 24 months after our last contact, so we can follow up on related questions, then deleted or anonymised.
- Technical logs: typically retained for a short period for security purposes before being overwritten.
- Cookie consent records: stored on your device until they expire or you clear them.
Where a longer retention period is required by law, we will keep the relevant data for that period and then delete it.
8. How we protect data
We apply appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or loss. These measures include serving the website over encrypted HTTPS connections, limiting access to messages to those who need it, and reviewing our providers’ security practices. While no method of transmission or storage is completely secure, we work to maintain protections that are proportionate to the limited data we handle.
9. Your rights
Subject to the conditions in the GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you;
- Rectification — ask us to correct inaccurate or incomplete data;
- Erasure — ask us to delete your data in certain circumstances;
- Restriction — ask us to limit processing in certain circumstances;
- Objection — object to processing based on legitimate interests;
- Portability — receive certain data in a portable format;
- Withdraw consent — where processing is based on consent.
To exercise any of these rights, please contact us using the details in section 1. We will respond within the timeframe required by law, normally within one month. You also have the right to lodge a complaint with a supervisory authority, in particular the Autoriteit Persoonsgegevens in the Netherlands.
10. Children
This website and its content are intended for adults in a working context. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can remove it.
11. Changes to this policy
We may update this policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will update the “last updated” date at the top of this page. We encourage you to review this policy periodically.
12. How to contact us
If you have questions, requests, or concerns about this Privacy Policy or your personal data, please use the form on our Contact page or write to us at Hullenbergweg 1, 1101 BT Amsterdam, Netherlands. We will be glad to help.
This document is provided for general information and transparency. It is not legal advice. For advice about your specific situation, please consult a qualified professional.