BioLoop
Get Started

Privacy Policy

Last updated: April 9, 2026

This policy is provided as a structured draft for your product. Have qualified legal counsel review and replace any sections before relying on it for compliance (including HIPAA, state privacy laws, or GDPR where applicable).

Who we are

BioLoop operates the website and services described at our site (collectively, the "Services"). For privacy requests, contact privacy@bioloop.com.

Information we collect

  • Account data: name, email, authentication identifiers, and profile preferences you provide.
  • Order and logistics: shipping address, kit and supplement fulfillment details, payment status (payment card data is processed by our payment processor—we do not store full card numbers).
  • Health-related information you choose to share: quiz responses, lab results obtained through our lab partners or uploads, supplement protocols, and messages you send to in-product features such as the AI coach.
  • Technical data: device/browser type, IP address, and usage information collected through cookies or similar technologies where enabled.

How we use information

We use information to:

  • Provide, maintain, and improve the Services, including personalized protocols and quarterly workflows.
  • Process orders, subscriptions, and customer support requests.
  • Send service-related messages and, where permitted, marketing (you may opt out of marketing as described below).
  • Operate AI-powered features only as disclosed in-product and subject to your settings and applicable terms.
  • Detect abuse, protect security, and comply with legal obligations.

How we share information

We share information with service providers that help us run the Services (for example: hosting, database, email delivery, payments, lab integrations, and AI inference). Those providers are permitted to use data only to perform services for us and under appropriate contractual terms. We may disclose information if required by law or to protect rights, safety, and security. A high-level subprocessor inventory is maintained for internal security review; counsel may publish an updated list here for transparency.

Retention

We retain information for as long as needed to provide the Services, comply with law, resolve disputes, and enforce agreements. Retention periods may differ by data category; specifics should be finalized with counsel.

Security

We use administrative, technical, and organizational measures designed to protect information, including encryption in transit and access controls. No method of transmission or storage is completely secure.

Your choices and rights

Depending on your location, you may have rights to access, correct, delete, export, or restrict certain processing of your information, and to object to or opt out of certain uses (including targeted advertising where applicable). To exercise rights, contact privacy@bioloop.com. You may unsubscribe from marketing emails using the link in those emails.

Children

The Services are not directed to children under 13 (or the minimum age in your jurisdiction). Do not provide PHI for minors without appropriate authorization as required by law.

International transfers

If you access the Services from outside the United States, your information may be processed in the United States or other countries. Counsel should add Standard Contractual Clauses or other mechanisms as needed.

Changes

We may update this policy from time to time. We will post the updated version and revise the "Last updated" date.