Privacy Policy

This Personal Data Protection Policy (the “Privacy Policy”) describes the manner in which Macromo s.r.o., with its office at Českomoravská 2408/1a, Libeň, 190 00 Prague 9, Czech Republic, Company ID No.: 14031493, registered in the Commercial Register maintained by the Municipal Court in Prague, File No. C 359192 (“Macromo” or “we”) collects, processes, and protects your personal data. Macromo undertakes to protect your personal data in accordance with applicable data protection laws and regulations, such as Regulation (EU) 2016/679 of the European Parliament and of the Council – General Data Protection Regulation (the “GDPR”).

This Privacy Policy applies to the processing of personal data across all services, applications, and websites operated by Macromo that display or link to this Privacy Policy. It applies to the processing of personal data of website visitors, users of our services, and individuals who contact us through our website or other channels. This Privacy Policy applies when Macromo acts as a data controller.

For the purposes of this Privacy Policy, “Application” means the application through which Macromo offers and makes available its services. For information about our services, please refer to our Terms and Conditions.

What data do we process?

When you create an account with Macromo, visit our website, order goods or services from our e-shop, or subscribe to our newsletter, we may process the following categories of personal data:

● identification data,, e.g. first name, last name, nickname, date of birth;

● contact details, e.g.. address, phone number, email;

● health and genetic data, e.g. information about your DNA, blood markers, or health condition, data revealing your racial or ethnic origin;

● records of mutual communication, e.g. chat messages, emails, written correspondence, records of phone calls and records of other communication made through different channels;

● service usage data, e.g. information about your behavior on the website, interactions with the Application;

● information about your preferences, e.g. whether you have subscribed to the newsletter;

● other data necessary for the performance of a contract, e.g. payment details;

● any other information you choose to share with us.

We obtain most personal data directly from you – whether by filling out relevant forms or contractual documents, connect your wearables to the Application (e.g. Apple Watch, Oura Ring, etc.) or sharing data in anyother form (e.g. providing a sample or uploading an analysis report to the Application, etc.).

We also process personal data obtained from a third-party laboratory that analyses the biological sample you provide, based on your consent to the transfer of such data from the laboratory.

Why do we process your data and for how long?

We process your personal data for the following purposes:

a) Registration and maintenance of user account

When you create an account with Macromo, we process the data necessary to create your account, such as your identification and contact data.

By creating an account, you enter into a contractual relationship with Macromo. The legal basis for the processing of this personal data is the performance of a contract or pre-contractual relationship within the meaning of Article 6(1)(b) GDPR.

We will process this data for the duration of your registration. You can request the deletion of your account at any time.

b) Provision of services within the Application

To provide our services within the Application, we process personal data necessary for the performance of a contract, e.g. data required to process your order, which may include your contact, identification, and payment details. The legal basis for the processing of this personal data is the performance of a contract or pre-contractual relationship within the meaning of Article 6(1)(b) GDPR. We will process this data for the duration of the provision of our services.

Our services may involve the processing of health and genetic data. This data constitutes a special category of personal data within the meaning of Article 9(1) GDPR, and we therefore process it on the legal basis of your explicit consent pursuant to Article 9(2)(a) GDPR, which you grant us in the process of creating an Account. We will process this data for the duration of the provision of our services or until you withdraw your consent.

c) Sending of news about the Application and our services and their updates

Macromo may use your data for marketing purposes, i.e. if you subscribe to our newsletter or other marketing communications. This communication is carried out in accordance with the applicable legal regulations.

We will only send you marketing messages:

● if you have granted us your consent pursuant to Article 6(1)(a) GDPR; or

● based on our legitimate interest pursuant to Article 6(1)(f) GDPR if you have already purchased something from us and have not opted out of receiving such communication.

We will process this data until you unsubscribe or withdraw your consent, or for as long as our legitimate interest applies, unless you object to the processing earlier.. After that, we retain only the minimal information necessary to ensure that no further communication is sent.

d) Protection of our rights

We may also process your personal data when necessary to protect our legal claims and to ensure the proper safeguarding and effective exercise of our rights and entitlements.

This is based on our legitimate interest pursuant to Article 6(1)()f) GDPR.

We will process this data for the duration of the applicable limitation period, including the period covering any suspension or interruption thereof, which is typically not more than 15 years, plus one year in case of potential disputes or legal claims.

e) Ensuring the quality of services, creation of analyses, surveys, and statistics

We may also process your personal data to ensure the quality of our services and to create analyses, surveys, and statistics based on our legitimate interest in safeguarding and effectively exercising our rights and claims pursuant to Article 6(1)(f) GDPR.

We will process this data for the duration of the applicable limitation period, including the period covering any suspension or interruption thereof, which is typically not more than 15 years, plus one year in case of potential disputes or legal claims.

f) Compliance with our legal obligations

In certain cases, we are legally required to process your personal data – for example, under tax and accounting laws, or when specific data must be provided to public authorities by law. This means that we may process your personal data to ensure compliance with these obligations. The legal basis for processing such personal data is compliance with our legal obligations under Article 6(1)(b) GDPR.

We will process this data for the period stipulated by the relevant laws.

Cookies and other monitoring technologies on our website

Our website uses cookies to collect information about persons who visit our website. Cookies are small encrypted text files that are stored on your computer or other device. Cookies help us operate our website and provide important features and functionality on our website. They help us understand how our website is used. At the same time, we use cookies for statistical and analytical purposes, for example, to track and monitor from which country, what website, and how they were used to visit our website, as well as to enable personalization.

We use the following types of cookies:

(i) essential (strictly necessary) cookies that are necessary to provide access to our website and to provide the services you have specifically requested, to enable basic website functions such as tagging your data inputs, network management, and accessibility; (if these cookies are disabled, our website may not function properly);

(ii) analytic (performance) cookies help us analyse how you move around our website and what content is relevant to our users. Based on this, we are able to track user navigation on our website/application (we track automated events, custom events, and event logging and store them in a real-time database). Analytic and performance cookies are also used to measure and improve performance.

(iii) Functional cookies allow us to remember choices you have made in the past, such as what language and currency you prefer, remember your name and email, and automatically fill out forms and allow for personalization, such as live chats, videos and the use of social media such as Smartlook, Microsoft Clarity;

(iv) advertising cookies that help deliver tailored and personalized advertising, such as Google Analytics, Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, TikTok Pixel and UET Tag.

We may collect the following information through cookies: IP address, gender, time zone, browser settings, operating system, website traffic information including URL, searched terms, information about what you have viewed or searched for on our website, website response time, download errors, length of visits to certain pages, information about how you interact with the website (such as scrolling, clicking and hovering).

When you visit our website, you will be informed via the cookie banner located on the website that we collect cookies. This banner allows you to manage what cookies Macromo can collect. You can change your settings and withdraw your consent at any time via the privacy settings at the bottom of our website.

If we store data or access data already stored on your end device, such as a computer or mobile device, for analytical, functional, or advertising purposes, we do so only with your consent within the meaning of Article 6(1)(a) GDPR.

When collecting essential cookies, the legal basis for processing these data is a legitimate interest within the meaning of Article 6(1)(f) GDPR. It is not possible to disable these cookies through your privacy settings as our website may not function properly if you disable this type of cookies, however, if you still wish to do so, you can follow the instructions below under Blocking the cookies.

If you do not want us to use cookies, you can withdraw your consent for each type of cookie or re-grant it at any time after you have given it on the page dedicated to managing the cookie consent, which is available through the cookie icon.

Blocking the cookies

If you do not want cookies to be collected, you can restrict, block or delete them at any time by adjusting your browser configuration. Although each browser has different parameters, the configuration of cookies can usually be found in the “Preferences” or “Tools” menu. If you disable cookies, the functionality of our website may be limited (in the case of essential cookies, you may not be able to access our website).

If you wish to prevent the installation of new cookies or if you wish to delete existing cookies, you can find instructions at the links below. The exact procedure depends on the browser you are using:

Internet Explorer: here

Firefox: here and here

Google Chrome: here

Safari: here

For mobile devices, you can limit tracking through your device’s privacy settings (by turning off the advertising identifier), see https://www.networkadvertising.org/mobile-choice/.

In addition, you can use a third-party tool to opt out of targeted advertising. Available third-party opt-out tools include:

● Digital Advertising Alliance;

● Network Advertising Initiative; and

● European Interactive Digital Advertising Alliance (Europe only).

To opt out of receiving cross-device web advertising (i.e., tracking a user across devices), you can access your device settings or visit and use the controls described on NAI Mobile Choices.

Who processes your personal data and to whom do we transfer it?

All the above-mentioned personal data are processed by us as the data controller. This means we determine the above-defined purposes and means of collecting your personal data and are responsible for ensuring its proper handling.

Your personal data will not be shared with any third party except in the following situations:

● the data are necessary for the provision of Macromo services (e.g. booking your laboratory appointment);

● based on your consent (e.g. sharing your health and genetic data with external consultants);

● personal data are entrusted to processors who process data on behalf of Macromo (see Processors below);

● Macromo is obliged to provide personal data pursuant to legal requirements or orders from public authorities.

Processors

Macromo engages verified suppliers (“Processors”) to assist in providing our services. These Processors handle your personal data based on Macromo’s instructions. The following categories of Processors are used by Macromo:

● hosting;

● analytical tools;

● marketing tools;

● IT tools;

● our contractors and other partners who assist in providing our services.

Transfers to third countries

In some cases, Macromo may transfer your data to countries outside the EU/European Economic Area. Such a transfer can only take place if it complies with the GDPR. This means, for example, that the provider is based in a country for which the European Commission has issued a decision that it provides an adequate level of protection for personal data, or that standard contractual clauses issued by the European Commission and/or other transfer mechanisms are in place that provide adequate safeguards with respect to the protection of your personal data. It may be necessary to apply certain additional measures in order to provide the data subject with a level of protection substantially equivalent to that guaranteed by the GDPR.

You have the right to receive a copy of the Standard Contractual Clauses (“SCC”) that we have entered into in order to transfer personal data outside the EU/EEA. If you wish to obtain a copy of the SCC relating to a specific transfer of your personal data, please contact us via [email protected].

Data security

Macromo is committed to ensuring that your personal data is stored securely. Therefore, Macromo has implemented appropriate technical and organizational measures to safeguard the personal data processed by Macromo, including, but not limited to:

● encryption of data,

● use of passwords and other barriers to accessing user data (e.g., multiple levels of system logs, a strong password policy),

● implementation of sufficient physical barriers to enter the premises where the data is stored (access control),

● automated and manual QA tests,

● two-factor authentication when logging into the development environment.

We store your personal data on your device and in the cloud and always encrypt it when transmitted.

These measures do not relieve you of the obligation to take appropriate measures to secure your personal data. You should, among other things, change your passwords regularly. On the other hand, you should not, among other things, use predictable usernames and/or passwords, share your passwords with others or provide access to your administrator account and/or disclose your personal information to others. Macromo will never ask you for your password in any unsolicited communication. Immediately notify us of any unauthorized use of your administrator account or any other suspected breach of security.

Your rights

Under the GDPR, you have the following rights:

Right to withdraw your consent to the processing of your personal data

You can withdraw your consent to the processing of your personal data at any time by contacting us. Upon withdrawal of your consent, your personal data will be deleted unless another lawful basis for processing applies. The withdrawal does not affect the lawfulness of any processing carried out based on your consent prior to its withdrawal.

Right to access

You have the right to be informed, among other things, about what personal data Macromo processes about you, the purposes of the processing, and the recipients of your personal data. If you wish to obtain such information, please contact us.

You have learned this information in this Privacy Policy. However, if you are unsure which personal data we process about you, you may ask us to confirm whether we process personal data relating to you and, if so, you have the right to access that data.

As part of your right of access, you may request a copy of the personal data we process about you. The first copy will be provided free of charge; additional copies will be provided for a fee.

Right to rectification (right to have the data completed)

You have the right to have any of your incomplete, inaccurate, or outdated personal data rectified.

Right to erasure (right to be forgotten)

You have the right to have certain personal data we have collected and processed about you erased without undue delay. Please note that Macromo may be entitled – or even obliged – to retain some personal data despite your request for erasure. This is particularly the case where we need to process your personal data to comply with legal obligations or to establish, exercise, and defend legal claims.

Right to restriction of processing

In some cases, in addition to the right to erasure, you may exercise the right to restrict the processing of personal data. This right allows you, in certain cases, to request that your personal data be marked and excluded from further processing – not permanently (as with the right to erasure), but for a limited period of time.

You can request a restriction of processing in situations such as:

● when you dispute the accuracy of the personal data, for a period of time that allows us to verify the accuracy of the personal data;

● when the processing is unlawful and you do not consent to the erasure of your personal data and request the restriction of its use;

● when we no longer need your data for processing purposes, but it is necessary for the establishment, exercise, or defense of legal claims,

● you have objected to the processing (the right to object is described in more detail below in the “Right to object” section); we are obliged to restrict the processing of your personal data while we assess whether your objection is justified.

Right to data portability

You have the right to obtain the personal data you provide to us in a structured, commonly used, and machine-readable format and to request that it be transferred to another controller, if technically feasible. Please note that the right to data portability only applies to data that you have provided to us and that we process as controller on the basis of your consent or the performance of a contract.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you that is carried out in the public interest or for the purposes of Macromo’s legitimate interests, including profiling.

The exercise of your rights may be limited where Macromo is required to retain any of your personal data for the purposes of complying with legal obligations, establishing, exercising, or defending legal claims, or for other compelling reasons set out in applicable data protection legislation.

Right not to be subject to automated individual decision-making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision:

● is necessary for entering into, or performance of, a contract between you and Macromo;

● is authorized by the law and the law lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

● is based on your explicit consent.

Macromo does not make decisions based solely on automated processing that would have significant effects on its users. For the sake of completeness, we note that Macromo uses cookies and similar technologies, the use of which may constitute profiling. Information on how to withdraw your consent to the use of cookies or disable cookies can be found in Chapter III. Cookies of this Privacy Policy.

Right to lodge a complaint

If you believe that your data has been processed unlawfully, please contact us and we will try to resolve the issue. Under the GDPR, you have the right to file a complaint with the Office for Personal Data Protection, which is located at Pplk. Sochora 27, 170 00 Praha 7, Czech Republic.

Contact details

If you wish to exercise any of your rights set out above, please contact us at [email protected]. We will process your request without undue delay, but within one month at most. In exceptional cases, in particular due to the complexity of your request, we are entitled to extend this period by a further two months. We will, of course, inform you of any such extension and the reasons for it.

If you would like to learn more about Macromo, its privacy protection, or this Privacy Policy, you may contact us at [email protected].

Please help us keep your information up to date. If you believe that any data processed by Macromo are incorrect, or if you believe that we are not complying with this Privacy Policy, please contact us at [email protected].

Final provisions

Our website, services, and applications are not intended for individuals under the age of 18. If you are under the age of 18, please do not provide your personal information to Macromo. We do not knowingly collect any personal information from minors under the age of 18 on our website. Users under the age of 18 (or the age of majority in the applicable jurisdiction) should not use Macromo’s website, services, and applications without authorization from a parent or legal guardian.

This Privacy Policy may be amended by Macromo at any time. If we change this Privacy Policy, we will post the changes on our website and/or other places we deem appropriate. We may, but are not obligated to, notify you of such changes by email or other means. However, you should check this Privacy Policy periodically for any significant updates.

In the event of any conflict between this Privacy Policy and any specific privacy policy applicable to any Macromo product or service, the specific privacy policy shall prevail.

The provisions of this Privacy Policy are effective as of the above effective date.