Privacy Policy — BeyondHealth.global

Contents

Who We Are
Data We Collect
Purpose of Processing
Legal Basis
Data Retention
Your Rights
Third-Party Services
Cookies
Data Security
Contact

Who We Are

BeyondHealth.global ("we", "us", "our") is an independent educational health information and consultation platform. We provide informational resources, educational content, and personal consultation services relating to biological balance, biomarkers, and general wellness.

We are the data controller for personal data collected through this website. Our contact details are provided in Section 10 of this Policy.

Important notice: The content on this website is for informational and educational purposes only. It does not constitute medical advice, diagnosis, or treatment. Always consult a qualified healthcare professional for personal medical guidance.

Data We Collect

We collect only the personal data that is necessary to provide our services and communicate with you effectively. The categories of data we may collect include:

Category	Data Points	How Collected
Identity	First name, last name	Contact or booking forms
Contact	Email address, phone number (optional)	Contact or booking forms
Booking	Appointment date, time, consultation type	Online scheduling tool
Communication	Messages, questions submitted via forms	Contact forms
Technical	IP address, browser type, pages visited, session duration	Automatically via cookies / analytics

We do not collect sensitive health data (special category data under GDPR) through this website. Any health-related discussions during consultations are handled with strict confidentiality and under applicable professional obligations.

Purpose of Processing

We process your personal data for the following specific purposes:

Consultation services — to schedule, manage, and follow up on personal consultation appointments
Communication — to respond to enquiries submitted through our contact forms
Educational content delivery — to send newsletters or informational materials where you have given explicit consent
Website analytics — to understand how visitors use our site, enabling us to improve content and functionality
Legal compliance — to meet our obligations under applicable law

We will not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

Legal Basis for Processing

We process your personal data only when we have a lawful basis to do so under the EU General Data Protection Regulation (GDPR). The applicable legal bases are:

Consent (Art. 6(1)(a) GDPR) — for marketing communications and non-essential cookies, where you have explicitly opted in
Contract performance (Art. 6(1)(b) GDPR) — to fulfil our consultation services when you book an appointment
Legitimate interests (Art. 6(1)(f) GDPR) — for website analytics and security, where our interests do not override your fundamental rights
Legal obligation (Art. 6(1)(c) GDPR) — where processing is required to comply with applicable law

Where we rely on consent, you have the right to withdraw it at any time without affecting the lawfulness of prior processing.

Data Retention

We retain personal data only for as long as is necessary for the purpose for which it was collected, and in accordance with applicable legal requirements.

Data Type	Retention Period
Consultation booking records	5 years from date of appointment
Email correspondence	3 years from last contact
Newsletter subscribers	Until withdrawal of consent
Analytics data	Up to 26 months (aggregated / anonymised)
Legal records	As required by applicable law (typically 5–8 years)

Upon expiry of the applicable retention period, personal data is securely deleted or anonymised.

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal data:

Right of access — to obtain a copy of the personal data we hold about you
Right to rectification — to have inaccurate or incomplete data corrected
Right to erasure — to request deletion of your data ("right to be forgotten") where legally permissible
Right to restriction — to request that we limit how we process your data in certain circumstances
Right to data portability — to receive your data in a structured, machine-readable format
Right to object — to object to processing based on legitimate interests or for direct marketing purposes
Right to withdraw consent — at any time, without affecting prior lawful processing

To exercise any of these rights, please contact us using the details in Section 10. We will respond within 30 days. You also have the right to lodge a complaint with your national supervisory authority. In Hungary, this is the Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH).

Third-Party Services

Certain information presented on this website may refer to services, tests, or products offered by independent third-party providers. BeyondHealth.global does not own, operate, or control these providers and is not responsible for their data practices.

Where we use third-party tools to operate our website (such as scheduling software, email platforms, or analytics services), we select only GDPR-compliant providers and ensure appropriate data processing agreements are in place.

Third-party providers who may process your data in connection with our services include:

Online appointment scheduling and calendar platforms
Email communication and newsletter services
Website analytics providers (anonymised/aggregated data)
Cloud infrastructure and hosting services

We do not sell your personal data to third parties. We do not share your data with external parties for their own marketing purposes.

Cookies

We use cookies and similar tracking technologies on our website. Cookies are small text files stored on your device that help us provide and improve our services.

For full details on the cookies we use, their purpose, and how to manage your preferences, please refer to our Cookie Policy.

In summary, we use:

Essential cookies — necessary for the website to function; cannot be disabled
Analytics cookies — help us understand usage patterns; require your consent
Preference cookies — remember your settings and language preferences

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or alteration. These measures include:

Encrypted data transmission (HTTPS/TLS)
Access controls and authentication for internal systems
Regular review of our security practices and data handling procedures
Limited access to personal data on a need-to-know basis

While we strive to protect your data, no method of transmission over the Internet is entirely secure. In the event of a personal data breach that poses a risk to your rights, we will notify you and the relevant supervisory authority as required by GDPR.

Contact Us

If you have any questions, requests, or concerns regarding this Privacy Policy or the way we handle your personal data, please contact us:

BeyondHealth.global
Email: privacy@beyondhealth.global
Website: beyondhealth.global

This Policy may be updated from time to time to reflect changes in our practices or legal requirements. We encourage you to review it periodically. Material changes will be communicated via a notice on our website.