Bioslllife
Privacy Policy

How we protect and handle your personal data

Effective date: . This Privacy Policy describes the data collection, processing, and protection practices of Bioslllife in accordance with the General Data Protection Regulation (GDPR), the Australian Privacy Act 1988, and applicable international privacy frameworks.

1. Introduction and Data Controller

Bioslllife ("we," "us," or "our") operates the website bioslllife.world and provides general informational content about smart grocery planning along with consulting-style educational guidance. We are committed to protecting the privacy and security of personal information entrusted to us by visitors, customers, and inquiry submitters.

The data controller responsible for your personal information is:

Bioslllife
147-189 Brisbane Rd, Biggera Waters QLD 4216, Australia
Telephone: +61 7 5529 1734
Email: hello@bioslllife.world

For any privacy-related inquiries, data subject requests, or concerns regarding this policy, please contact us using the details above. We aim to respond to all privacy inquiries within thirty calendar days.

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through our website, contact forms, email communications, consulting engagements, and any other channels operated by Bioslllife. It does not apply to third-party websites linked from our platform, which maintain their own independent privacy practices.

By accessing our website or submitting personal information through any of our channels, you acknowledge that you have read and understood this Privacy Policy. Where required by applicable law, we obtain your explicit consent before processing personal data for specific purposes.

3. Categories of Personal Data We Collect

We collect only the personal data necessary to fulfil the purposes described in this policy. The categories of data we may collect include:

3.1 Identity and Contact Data

When you complete our contact form or communicate with us directly, we may collect your full name, email address, telephone number, and any other contact details you voluntarily provide in your message.

3.2 Technical and Usage Data

When you visit our website, we automatically collect certain technical information including your IP address, browser type and version, operating system, device type, referring URL, pages viewed, time spent on pages, and the date and time of your visit. This data is collected through cookies and similar technologies as described in our Cookie Policy.

3.3 Communication Data

We retain records of correspondence when you contact us, including the content of messages, inquiry topics, and our responses. This enables us to provide consistent support and maintain an accurate record of interactions.

3.4 Transaction Data

If you purchase educational products or consulting services, we collect billing information, payment confirmation details, and records of services provided. Payment processing may be handled by third-party payment processors who operate under their own privacy policies.

4. Purposes of Data Processing and Legal Bases

We process personal data only for specified, explicit, and legitimate purposes. Under GDPR Article 6, our legal bases for processing include:

  • Consent (Article 6(1)(a)): When you submit our contact form, accept cookies, or opt in to marketing communications, you provide consent for the associated processing activities.
  • Contractual necessity (Article 6(1)(b)): Processing required to respond to your inquiries, deliver purchased services, or fulfil our obligations under agreements with you.
  • Legitimate interests (Article 6(1)(f)): Processing necessary for our legitimate business interests, such as improving website functionality, ensuring security, and analysing aggregated usage patterns, provided these interests do not override your fundamental rights.
  • Legal obligation (Article 6(1)(c)): Processing required to comply with applicable laws, regulations, court orders, or regulatory requests.

Specific purposes for which we use your data include:

  • Responding to contact form submissions and general inquiries
  • Delivering educational content and consulting-style guidance services
  • Maintaining and improving website performance and user experience
  • Conducting aggregated analytics to understand content engagement
  • Complying with legal and regulatory obligations
  • Protecting against fraud, abuse, and security threats

5. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law. Our standard retention periods are as follows:

  • Contact form submissions: Retained for twenty-four months from the date of submission, after which they are securely deleted unless an ongoing business relationship exists.
  • Customer and transaction records: Retained for seven years from the date of the last transaction to comply with Australian tax and accounting requirements.
  • Cookie and analytics data: Retained according to the periods specified in our Cookie Policy, typically between six and twenty-six months depending on cookie type.
  • Marketing consent records: Retained for the duration of the consent plus three years after withdrawal for compliance documentation.
  • Server logs and security data: Retained for ninety days unless required for an ongoing investigation or legal proceeding.

When retention periods expire, personal data is securely deleted or anonymised so that it can no longer be associated with an identifiable individual.

6. Data Sharing and Third-Party Processors

We do not sell, rent, or trade your personal data to third parties for their marketing purposes. We may share personal data with the following categories of recipients when necessary:

  • Service providers: Third-party vendors who assist with website hosting, email delivery, analytics, payment processing, and customer support. These processors act on our instructions and are bound by data processing agreements requiring appropriate security measures.
  • Legal authorities: When required by law, regulation, legal process, or enforceable governmental request.
  • Professional advisers: Lawyers, accountants, and auditors who require access to data in the course of providing professional services, subject to confidentiality obligations.

Where personal data is transferred outside the European Economic Area (EEA) or Australia, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or transfers to countries with adequacy decisions.

7. Security Measures

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Access controls limiting personal data access to authorised personnel on a need-to-know basis
  • Regular security assessments and vulnerability monitoring of our website infrastructure
  • Secure storage practices for digital records containing personal information
  • Staff training on data protection principles and incident response procedures
  • Incident response protocols for detecting, reporting, and addressing data breaches

While we strive to protect your personal data, no method of electronic transmission or storage is completely secure. We encourage you to use strong passwords and exercise caution when sharing information online.

8. Your Rights Under GDPR and Australian Privacy Law

Depending on your location and applicable law, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete personal data.
  • Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to restrict processing: Request limitation of processing in certain circumstances.
  • Right to data portability: Receive your personal data in a structured, commonly used, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: File a complaint with a supervisory authority, such as the Office of the Australian Information Commissioner (OAIC) or your local data protection authority in the EEA.

To exercise any of these rights, contact us at hello@bioslllife.world or +61 7 5529 1734. We will verify your identity before processing requests and respond within thirty days, or inform you if an extension is required.

9. Children's Privacy

Our website and services are not directed at individuals under the age of sixteen. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without appropriate parental consent, we will take steps to delete that information promptly. Parents or guardians who believe their child has provided personal data to us should contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. When material changes occur, we will update the effective date at the top of this page and, where appropriate, notify you via email or a prominent notice on our website. We encourage you to review this policy regularly to stay informed about how we protect your information.

11. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact:

Privacy Officer — Bioslllife
147-189 Brisbane Rd, Biggera Waters QLD 4216, Australia
Email: hello@bioslllife.world
Phone: +61 7 5529 1734