0
0
mob menu open mob menu close

Privacy Policy



We place great importance on protecting your privacy and personal rights. We kindly request that you carefully read the following overview of how our website operates. You can rely on transparent and fair data processing, and we strive to handle your information with care and responsibility.

The information below on data protection is intended to inform you about how we use your personal data. In doing so, we comply with the strict provisions of Dutch GDPR implementing legislation, as well as the requirements of the General Data Protection Regulation (GDPR).

Controller

Responsible under the GDPR is:

The Hack
Hudsonstraat 67, 1067RZ Amsterdam, Netherlands
Email (for privacy inquiries): [email protected]
Web: www.biohackcore.nl

Scope of Personal Data Processing
We generally collect and use your personal data only to the extent necessary to provide a functional website, as well as our content and services—e.g., when you register on our website, log in to an existing customer account, or order products. The collection and use of your personal data usually take place only with your consent. An exception applies in cases where prior consent is not possible for factual reasons and processing is permitted by legal regulations.

Security

Safeguarding your personal data is a high priority for us. Therefore, we protect the data stored with us through technical and organizational measures to effectively prevent loss or misuse by third parties. In particular, our employees who process personal data are obliged to maintain confidentiality. To protect your personal data, it is transmitted in encrypted form; for example, we use SSL (Secure Socket Layer) for communication via your internet browser. You can recognize this by the lock symbol displayed by your browser when an SSL connection is established. In order to ensure the continuous protection of your data, our technical security measures are regularly reviewed and, if necessary, adapted to the state of the art. These principles also apply to companies that process and use data on our behalf and in accordance with our instructions.

Purposes of Processing and Legal Basis

We collect, process, and use your personal data for the following purposes:

  • Establishing and performing contractual relationships;
  • Marketing activities;
  • Customer satisfaction surveys and analyses;
  • Product evaluations;
  • Customer service and support;
  • Processing orders for our online goods offerings.

The processing of your personal data can be based on the following legal grounds:

  • Art. 6 (1)(a) GDPR serves as our legal basis for processing activities when we obtain your consent for a specific processing purpose.
  • Art. 6 (1)(b) GDPR, insofar as the processing of personal data is necessary for the performance of a contract, e.g., if you purchase a product. This also applies to such processing that is necessary for pre-contractual measures, for instance in the case of inquiries about our products or services.
  • Art. 6 (1)(c) GDPR, insofar as we are subject to a legal obligation requiring the processing of personal data, such as fulfilling tax obligations.
  • Art. 6 (1)(f) GDPR applies based on our legitimate interests, e.g., when using service providers in the context of order processing (such as shipping service providers) or conducting statistical surveys and analyses and logging registration procedures. This interest is geared toward a user-friendly, attractive, and secure presentation and optimization of our website, which serves our business interests and meets your expectations.

Duration of Storage and Routine Deletion of Personal Data

We process and store personal data only for the period necessary to fulfill the purpose of storage or if required by law or regulations. Once the purpose ceases to exist or has been achieved, your personal data will be erased or blocked. During blocking, deletion takes place as soon as legal, statutory, or contractual retention periods do not conflict with it, there is no reason to assume that deletion would harm your legitimate interests, and deletion does not involve disproportionate effort due to the specific nature of the storage.

By default, we apply a maximum retention period of 2 years following your last activity, unless you request earlier deletion.

Collection of General Data and Information, So-Called Log Files

When you visit our website for informational purposes only, without providing personal data via registration or otherwise, we only process the internet connection data that your browser transmits to our server. Each time our website is accessed, it collects a series of general data and information, which are temporarily stored in the log files of a server. A log file is created as part of an automatic protocol of the processing computer system. The following may be recorded:

  • Access to the website (date, time, and frequency)
  • How you arrived at the website (previous page, hyperlink, etc.)
  • Amount of data transmitted
  • Which browser and browser version you use
  • Which operating system you use
  • Which internet service provider you use
  • Your IP address, which your internet service provider assigns to your computer when you connect to the internet

The legal basis for this data processing is Article 6 (1)(b) GDPR, as collecting and storing this data is necessary for the operation of the website in order to ensure the website’s functionality and to properly deliver the content of our website.

Furthermore, the data help us optimize our website and ensure the security of our IT systems, which is based on Art. 6 (1)(f) GDPR. The data are therefore retained for a maximum of 7 days as a technical precaution.

We also use this data for advertising purposes, market research, and adapting our services to your needs by creating and evaluating user profiles under a pseudonym, but only if you have not exercised your right to object to this use of your data (see information on the right to object under “Your Rights”).

Cookies

In order to make the visit to our website more appealing and to enable the use of certain functions, we use so-called cookies. These are small text files stored on your end device that store certain information for exchange with our system. The legal basis for processing this data is Art. 6 (1)(f) GDPR. For more information about the cookies we use, please refer to our Cookie Policy.

We use Complianz to manage your cookie preferences. On your first visit, a cookie banner will appear allowing you to set your preferences. You can modify these settings at any time thereafter.

Future analytics/advertising services: In the future, we may implement external analytics tools and advertising services (e.g., Google Analytics, Google Ads, Facebook Pixel) to collect statistics and offer targeted ads. Such services may place their own cookies or tracking technologies, about which we will inform you in our Cookie Policy and through the cookie banner.

Sending Information

To this end, we use your data to send you information about our offerings and other products to the email address you provide.

If you purchase goods or services on our website, we may also send you information about our own similar goods to the email address you have provided, even without your explicit consent. The legal basis for this data processing is Art. 6 (1)(f) GDPR, as advertising related products and services by means of direct advertising represents a legitimate interest for us as the website operator. You can object to the processing of your personal data for direct advertising purposes at any time. In that case, we will refrain from further processing for such purposes. You can send us your objection as described below.

Moreover, you can withdraw your consent to receive such information at any time in the future without giving any reason, either by unsubscribing via the link at the end of each email or by contacting us in another way. We want you to enjoy reading our emails; therefore, we try to include content that we believe is likely to interest you. That is why we measure and store the open and click-through rates in your user profile—i.e., whether and when you open our emails, which content in them you click on and when, as well as whether and why our emails may not have been delivered. We also use this data for statistical purposes. In particular, this serves our legitimate interest to evaluate the performance of individual campaigns and determine optimization measures to make the information as appealing and relevant as possible for you. The legal basis for processing is therefore Art. 6 (1)(f) GDPR.

You may unsubscribe from our information at any time, i.e., withdraw your consent effective for the future, or object to data processing. A corresponding unsubscribe link is included in every email. You can also confirm your unsubscription on our website, or contact us to request a cancellation at any time.

Contacting Us, Registering, or Placing Orders

a) Contacting us
If you contact us by telephone, email, or via a contact form, the data you provide is stored by us on the basis of Art. 6 (1)(b) GDPR, to the extent it is necessary to answer your queries. To prove that the contact took place in compliance with legal requirements, the contact is logged. We erase data arising in this context once the conversation with you has ended and the relevant facts are definitively clarified.

b) Registration
We offer you the opportunity to register on our website by providing personal data. The data is entered into an input field and transmitted to us and stored. Registration is necessary to create your customer account, which you can use to place orders and access services. Data processing for registration thus serves the performance of the usage contract or the performance of pre-contractual measures and is based on Art. 6 (1)(b) GDPR. On our website, you can delete your customer account at any time.

c) Storing Data in the User Account
To conclude and process contracts, we need contact details such as name, shipping and billing address, and email address, as well as information about your chosen payment method, depending on the individual case. You can store this data in your user account. In addition, we use your data to maintain our customer database, so that only correct data is stored there. To avoid typing errors and ensure the items you ordered reach you, we verify the completeness and correctness of your address when you enter it. Following your order, you will receive an order confirmation and further documents that we are required by law to provide in order to meet our obligations for an effective conclusion of a contract with you. Therefore, processing your data is necessary for concluding the contract with you and is based on Art. 6 (1)(b) GDPR.

d) Order Confirmation/Shipping Confirmation
In order to carry out the contract and provide our services to you, for instance operating the webshop or sending you a package for which a fee is charged, we use your contact details to send you registration confirmations, customer service information, order confirmations, contractual documents, or information about payment processing. We must send you these documents to comply with our legal information obligations for an effective contract conclusion with you. Therefore, processing your data is necessary for concluding the contract with you and is based on Art. 6 (1)(b) GDPR.

g) Other
On the basis of Art. 6 (1)(c) and (f) GDPR, we use and store your personal data and technical information insofar as necessary to prevent or prosecute misuse or other illegal behavior on our website, e.g., to maintain data security in the event of attacks on our IT systems. This also applies where we are legally obliged to do so, for instance by official or court orders, and for exercising our rights and claims as well as for legal defense.

Disclosure of Personal Data to Third Parties

We only disclose your personal data if there is a legal obligation to do so, or to service providers (such as shipping companies) and partner companies that have been carefully selected in advance and are contractually obligated to comply with data protection laws.

a) Disclosure within Affiliated Companies under Art. 6 (1)(b) GDPR
We pass on your personal data to affiliated companies to conclude and process contracts for offers on our website. This is particularly necessary so that you can use all of our offerings. If you contact us with questions, complaints, or returns, they also get access to your order data to handle your request.

b) Disclosure to Service Providers under Art. 6 (1)(b) and (f) GDPR
For the operation and optimization of our website and our services, as well as for contract processing, various service providers work for us—for example, for central IT services or hosting our website, for payment and product delivery, to whom we pass on the data necessary for fulfilling the task (e.g., name, address). Some of these companies act on our behalf and are allowed to use the data provided only in accordance with our instructions. In this case, we are legally responsible for ensuring adequate data protection at the companies we commission. Therefore, we agree on specific data security measures with these companies and regularly check compliance. In the following cases, as an exception from pure order processing, we transfer data to third parties for their own use to carry out the contract:

  • When shipping goods to logistic companies and the shipping service provider indicated in the order.
  • In the event of payment for goods to the payment service provider specified in the order.
  • Payment information such as credit card numbers or bank details is not collected or stored by us during the payment process. You provide this information exclusively and directly to the respective payment service provider.

c) Disclosure to Other Third Parties under Art. 6 (1)(c) and (f) GDPR
Within the scope of applicable data protection laws, we will disclose your data to third parties or government agencies if we are legally obliged to do so (e.g., by an official or judicial order) or if we are entitled to do so (for example, because it is necessary for the prosecution of criminal offenses or for exercising and enforcing our rights and claims).

Data Transfers to Third Countries

If we use service providers in third countries, we take additional measures to ensure an adequate level of data protection for transferring personal data in accordance with Art. 44 GDPR, thereby ensuring that transfers are generally permitted and that the particular requirements for a transfer to a third country are met (e.g., by concluding EU Standard Contractual Clauses and additional safeguards, as well as additional technical and organizational measures such as encryption or anonymization).

Note: Some hosting and service providers (such as Cloudflare, WordPress) may process data outside the European Union. We take appropriate measures (e.g., EU Standard Contractual Clauses) to ensure that your data is also processed securely and according to European standards in those cases.

Your Rights

Of course, you have rights regarding the collection of your data, which we would like to explain here. If you wish to exercise any of the following free rights, a simple message to us is sufficient. For your protection, we reserve the right, in the event of an existing request, to obtain additional information necessary to confirm your identity and, if identification is not possible, to refuse to process the request.

a) Right to Information
Information and/or copies of the personal data concerning you are available upon request.

b) Right to Rectification
Everyone has the right to request that his or her personal data be corrected and/or completed without delay.

c) Right to Object to Processing
You have the right to request the restriction of the processing of your personal data, provided that the accuracy of the data is disputed by you, the processing is unlawful but you object to erasure of the data and we no longer need the data, or you need it for the establishment, exercise, or defense of legal claims.

d) Right to Erasure of Data
Unless the exercise of the right to freedom of expression and information, the processing is necessary for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims, you have the right to request that your personal data stored by us be erased.

e) Right to Be Informed
When you have exercised your right to rectification, erasure, or restriction of processing, we will notify all recipients to whom your personal data has been disclosed of this rectification, erasure, or restriction of processing, unless this proves impossible or involves disproportionate effort.

f) Right to Data Portability
You have the right to have the personal data you provided to us handed over to you or to a third party in a structured, commonly used, and machine-readable format. If you request that the data be transferred directly to another controller, this will only be done if technically feasible.

g) Right to Object
Insofar as your personal data is processed on the basis of legitimate interests under Article 6(1)(f) GDPR, you have the right to object at any time to the processing in accordance with Article 21(1) GDPR. If we process your data for direct marketing, you have the right to object at any time to the processing of your personal data for such marketing in accordance with Art. 21(2) GDPR; this also applies to profiling to the extent related to such direct marketing.

h) Right to Withdraw Your Consent
You have the right to withdraw your consent for data collection at any time with effect for the future. Data collected up until the valid withdrawal remains unaffected. We ask for your understanding that it may take some time for your withdrawal to be implemented for technical reasons, and that you may still receive messages from us in the meantime.

i) Right to Lodge a Complaint with a Supervisory Authority
If the processing of your personal data violates data protection law or if your data protection rights have otherwise been infringed in any way, you can lodge a complaint with the supervisory authority. You can also most quickly, simply, and conveniently exercise your right to rectification and erasure by logging into your customer account and editing or deleting your data stored there directly.

j) Automated Decision-Making Including Profiling
We grant you the right not to be subject to a decision based solely on automated processing that produces legal effects concerning you or similarly significantly affects you. At this time, we do not engage in fully automated decision-making that has significant consequences for individual users.

Hosting and Content Management System

The hosting of this website is provided by our external service providers (Cloudflare and WordPress). The personal data collected on this website is stored on the servers of Cloudflare and WordPress. This may include, but is not limited to, IP addresses, contact requests, metadata and communications data, contractual data, contact details, names, website access logs, and other data generated via a website. Cloudflare and WordPress are used to perform the contract with our potential and existing visitors and users, and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider. Cloudflare and WordPress process your data only to the extent necessary to fulfill their service obligations and follow our instructions regarding that data.

Social Media

Online Presence in Social Media
In order to communicate with customers, interested parties, and users who are active there, we maintain an online presence in social networks and platforms. Unless otherwise stated in this policy, we process the data of users when they communicate with us within the social networks and platforms, for example by writing posts on our online presences or sending us messages.

Social Media Plugins

Social media plugins typically ensure that every visitor to a page is immediately recorded by these services along with their IP address, and that their further surfing behavior is logged. This can happen even if you do not click the button. Therefore, we use the Shariff method. This means that our social media buttons only establish direct contact between the social network and you when you click the corresponding button. If you are already logged in to a social network, this happens without another window or pop-up, depending on the social network. In this way, you can post our content on social networks without them being able to create full surfing profiles. The social media platform will usually store cookies on your device or even store your usage behavior in your account, especially if you are logged in. The social media platform may use your data to analyze your usage behavior and use it for interest-based advertising. This may result in ads shown to you within and outside the social media platform.

Data Breaches/Notification

Databases or data sets containing personal data may be breached inadvertently or through unlawful intrusion. When we become aware of a breach involving personal data, we will notify all affected individuals whose personal data may have been compromised and the notification will include a description of the measures being taken to remediate the breach. Such notification will be made as soon as possible after the breach is discovered.

Updating Your Information

If you believe that the information we hold about you is inaccurate or that we are no longer entitled to use it, and you wish to request its rectification or erasure, or object to its processing, please contact us. To protect you and all our users, we may ask you to prove your identity before we can respond to the aforementioned requests.

Please note that we may reject requests for certain reasons, e.g., if the request is unlawful or if it may violate trade secrets, intellectual property, or the privacy of another user. It is also possible that we may be unable to comply with certain requests to object to the processing of personal data, particularly where such requests would mean we could no longer provide our service to you.

Data of Children

This website is not intended for children, and we do not knowingly collect data relating to children. If you discover that your child has provided us with personal data without parental consent, please contact us and we will take the necessary steps to remove that information from our server.

Changes

To ensure that our information on data protection always meets current legal requirements, we reserve the right to make changes at any time. This also applies when data protection information must be adjusted due to new or revised offers or services.

Shopping cart

Cart is empty

0 items
Delivery0.00
Total0.00
View cart Checkout
Choose Your Location
Country icon
Netherlands
We see you've chosen the [Region] region. Would you like to go to the dedicated domain (regiondomain.com)?

Approximately 1-2 days to reach your destination

Choose Your Language
Language icon
English

WISHLIST

Wishlist haven't items

Sign in / Register Links sort by type sort by use Shop Blog CONTACT US
NL
en

Log in
Sign Up Forgot password?

You need a buy product for a writing review

Thank you for getting in touch!

We have received your message and would like to thank you for writing to us. If your inquiry is urgent, please use the telephone number listed below to talk to one of our staff members.

Thank you for subscription!