What’s Your Diet Type? >> FREE QUIZ <<

Get DNA test

Privacy Policy

We care about your privacy

Here we tell you what sort of data we collect, why we collect it and what we do with it. Remember that you are always in full control of what happens with your own data.

Our Privacy Policy

This Privacy Statement applies to all websites owned and operated by Vojo Health Ltd (referred to as “Vojo Health” or “Vojo”), including www.vojo.health, www.vojohealth.com, and any other websites, pages, features, or content we own or operate, and to your use of any related Services. This Privacy Statement is designed to help you better understand how we collect, use, store, process, and transfer your information when using our Services.

At Vojo, we are committed to protecting your Information, handling it responsibly and securing it with administrative, technical and physical measures and safeguards and only Processing it for the legitimate Purposes disclosed. All genetic test results and any Personal Information are maintained under a strict policy of confidentiality.

Please carefully review this Privacy Statement and our Terms of Service. By using our Services, you acknowledge all of the policies and procedures described in the foregoing documents. If you do not agree with or you are not comfortable with any aspect of this Privacy Statement or our Terms of Service you should immediately discontinue use of our Services.

1. Key Definitions

Capitalised terms not defined in this Privacy Statement have the same meaning as those defined in the Terms of Service.

“Anonymised Information” - means any Information that we have anonymised in a manner to result in the Information no longer being able to identify you, whether directly or indirectly, and is therefore no longer Personal Information.

“Applicable Law” - means any law, by-law, ordinance, proclamation and/or statutory regulation which the Parties are required to observe by reason of this Privacy Statement and matters incidental thereto, including, but not limited to, the GDPR.

“Data Subject” - means the person who is the subject of Personal Information.

“Vojo”, “Vojo Health”, “we”, “us” and “our” - means Vojo Health Ltd (United Kingdom company registration No. 12124440) whose registered address is Elm Barn, Lovington Lane, Worcester, WR2 6QQ, United Kingdom; email: [email protected]

“GDPR” - means the European Union’s General Processing Regulations, 2016/679.

“Processing”, “Process” and “Processed” - means any operation or set of operations which is performed on Information, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Purpose” - means the purposes for which we Process Information.

“Sensitive Personal Information” - means Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number, or any other information that may be deemed to be sensitive under Applicable Law.

“Terms of Service” - means the specific terms that apply to our relationship when we provide you with Services.

2. How We Obtain Your Personal Data

We may collect the following categories and types of Information about you:

  1. Registration Information – when registering for our Services and/or purchasing a product, an account will be set up with personal login credentials and will be used to provide you with your chosen Services. You will be asked to provide your certain Personal Information, including your name, contact details and date of birth, to facilitate Service delivery, communicate with you and perform identity verification during inbound and outbound contact;
  2. Payment Information – when transacting on Our Site, banking card details will be taken at point of sale using card processing platforms to facilitate purchases. We do not store credit/debit card information as this is held by our payment processing providers;
  3. Genetic Information– Personal Information related to your genotype (e.g. A, T, C, and G at different genetic markers), generated through the analysis of your saliva test which will be Processed by us. The genetic variants identified enable our product to personalise your experience to your DNA. Once your results have been generated, any sample is securely destroyed as per our lab quality manual and process;
  4. Self-Reported Information– Personal Information, including medical conditions, sports-related information, ethnicity, family history, and other Information that you enter in surveys, forms or features while entering Our Site may be collected by us should you choose to voluntarily share such Personal Information with us. Self-Reported Information may be converted into Anonymised Information and used in approved Vojo Health research which is subject to separate consent in the form of the Consent Document and as detailed in the ‘How We Use Your Personal Data’ section; and
  5. Web behaviour Information – we may collect Information on how Users make use of Our Site. This Information is collected through log files, cookies, and web beacon-, analytical- and advertising technologies.

Any Information collected by us will be held by Vojo Health as the Controller. Information will only be used for the Purposes as described in this Privacy Statement and any additional Consent Document or agreement that we may enter with you. You agree to these Purposes when you formally acknowledge the Consent Document.

Providing Personal Information other than Registration Information is voluntary. You can access and control your Personal Information by contacting us, set your browser settings to determine how we track your web behaviour, opt-out of direct marketing and research and development (“R&D”), and choose when to share Information on public forums, discussion boards and social media.

As stipulated in the Terms of Service, Vojo Health does not provide direct to consumer Services directly to anyone under the age of 18 (eighteen) years old or as otherwise provided by the rules of a member state of the European Union or other Applicable Law, and therefore does not knowingly Process Information for such Data Subjects (“Children’s Personal Information”). All reasonable effort is made to ensure Users are not under age, but should we discover a User to be under the age threshold then this would be considered a violation of the Terms of Service and all agreements with such User will be terminated, Services revoked, and Children’s Personal Information will be deleted.

We collect Personal Information from the following sources:

  1. from you, the User, directly;
  2. through your use of Our Site or Services;
  3. from any public sources where you have chosen to make your Information public, such as social media platforms;
  4. from content and advertising third parties with whom you have interacted on our Site; and
  5. from third parties who lawfully provide it to us.

Please note that we require certain types of information so that we can provide services to you. If you do not provide us with such information, or if you ask us to delete your information or account, we will no longer be able to provide our services to you.

3. How we use your personal data

Our primary purpose in using your data is to provide you with the Services. We may also analyse your data to enable us to provide a better service to you.

We will keep all your personal information provided by you confidential, except that we may use personal information for any of the following purposes.

General use of Information:

  • In terms of your consent - Once we have received your consent to Process your Information for the specified Purposes, this consent gives us the legal basis to Process your Information, including your Personal Sensitive Information, for providing the Services. We also rely on your explicit consent to Process your Genetic Information (as detailed below) and you have the right to withdraw your consent at any time.
  • In terms of contractual commitments with you - We also will Process your Information on the basis of a contractual commitment to you in terms of the agreement that we have entered with you. For example, we will need to Process your Payment Information and other Information necessary for purposes of our agreement with you.
  • On the bases of our legitimate interests - We may also Process your Information on the bases of our legitimate interests, including to offer new products and Services to you, inform you about events, invite you to participate in relevant Vojo Health research; obtain testimonials for promotional purposes, perform quality control checks and to conduct R&D. Where we rely on a legitimate interest to Process your Information, you have the right to object to such Processing and this can be stopped at any time by contacting us. We will not rely on our legitimate interests to Process your Information where such Processing overrides your fundamental rights, interests or freedoms or where we have another legal justification for Processing your Information.
  • In terms of contractual commitments with you - We may Process your Information to enable you to create and access a free online account (which will be subject to this Privacy Statement, the Terms of Service and Terms of Use). This account will allow you to receive the Services, access your Information, and control your preferences in respect of your Information and is necessary for the agreement that we have entered with you. Related Processing may include communications requesting you to review and update your Information.

 

Processing of your Sensitive Personal Information:

  • In terms of your prior consent - We will Process your Sensitive Personal Information only with your prior, written and express consent in order to provide you with the Services in terms of the agreement entered with you. We will obtain this consent from you when entering into an agreement or in terms of the Consent Document, depending on the circumstances;
  • As required by a legal obligation - We may also Process your Sensitive Personal Information where the Processing is required or permitted by Applicable Law or for the detection or prevention of crime (including the prevention of fraud); or
  • When necessary for the establishment, exercise or defence of legal rights - Where the Processing is necessary for the establishment, exercise or defence of legal rights, we may Process your Sensitive Personal Information.

 

Processing to create Information:

  • We may Process your Information to create Anonymous Information which may be disclosed to third parties. If we use your Information in terms of this clause, your privacy will not be able to identify you.

 

Processing for Vojo Health Research and R&D:

  • We may Process your Information if you have provided prior, express and voluntary consent for your Genetic Information and Self-Reported Information to be used in any Vojo Health Research and R&D. This Processing includes sharing your Information with contracted third parties for Purposes of Vojo Health Research and R&D.
  • If we want to use any Vojo Health Research that includes your Information, even if only Anonymised Information, for scientific publication, such publication will be subject to full IRB (Institutional Review Board) approval and we will also obtain your consent with a Consent Document before authorising any such publication.
  • We will request your express written prior consent before sharing or publishing your Information for Vojo Health Research or R&D Purposes through a Consent Document.

 

Additional Purposes for Processing Information:

  • Marketing and Advertising - From time to time we may send you communications not directly related to the provision of the Services, but about new services available to you, discounts and event invitations. We may also direct advertising to you via third party sites including social media. We will only send marketing material to you in accordance with this Privacy Statement, where we have a legitimate interest to do so, where you have opted-in to such communications or as determined by your web browser/cookie settings. You may change your marketing preferences at any time by contacting us.
  • Location - We may use device and IP locations to determine the regional version of Our Site to be displayed relevant to the country from which you are accessing Our Site. You can manage your location settings from your device or computer but please note if these are switched off, the default version of Our Site (the United Kingdom version) will be displayed.
  • Messages – We may collect Information when you send, receive, or engage in messaging with Vojo Health. We do this to delegate your inquiries to the correct department. We also use analytics from your messages to determine ongoing service and resource needs.
  • Complaints - We may use your Personal Information to investigate, respond to and resolve complaints and Service issues.

 

4. Do you share my information with other organisations?

Except as otherwise stated in this Privacy Statement or the Terms of Service, we will never share your Information with a third party without first asking and getting your explicit prior consent to do so, unless we are required to do so by law. If we are legally required to disclose any Information, we will make reasonable efforts to notify you unless we are legally prohibited from doing so.

We will only share your Personal Information with those categories of third parties listed below and under these circumstances or as detailed in the Consent Document:

  1. Contracted consultants, suppliers and partners used to undertake fundamental activities to enable us to provide our services, enhance the User experience; and to effectively operate and manage our organisation;
  2. Card processing service providers;
  3. Research contractors where you have given consent to participate anonymously in Vojo Health Research and R&D.
  4. Where we are required by Applicable Law and by the appropriate authorities to do so as further set out in the “INFORMATION DISCLOSURE AS REQUIRED BY LAW” section; or
  5. With anyone else as provided for in terms of your explicit prior consent to do so.

 

Any Processors or other third-party service providers will be required to contractually comply with the principles and objectives of any Vojo Health policies, including this Privacy Statement, as well as the requirements of the GDPR and other Applicable Law and will be required to sign a data processing agreement to confirm that Information will not be collected, used, shared, stored or otherwise for any Purpose other than those instructed by Vojo Health.

5. What are my rights?

Every individual has the right to see, amend, delete or have a copy, of data held that can identify you, with some exceptions. You do not need to give a reason to see your data.

If you want to access your data you must make a subject access request in writing to [email protected]. Under special circumstances, some information may be withheld. We shall respond within 20 working days from the point of receiving the request and all necessary information from you. Our response will include the details of the personal data we hold on you including:

  • Sources from which we acquired the information
  • The purposes of processing the information
  • Persons or entities with whom we are sharing the information

 

You have the right, subject to exemptions, to ask to:

  • Have your information deleted
  • Have your information corrected or updated where it is no longer accurate
  • Ask us to stop processing information about you where we are not required to do so by law.
  • Receive a copy of your personal data, which you have provided to us, in a structured, commonly used and machine readable format and have the right to transmit that data to another controller, without hindrance from us.
  • Object at any time to the processing of personal data concerning you.

 

You have the right to obtain access to your Information any time by sending your request via email to [email protected]. We do not carry out any automated processing, which may lead to automated decision based on your personal data. We will contact you to undertake identity verification before any disclosure and discuss your needs fully. We will provide this within the timeframes as determined by the GDPR or other Applicable Law.

Please note that your request to access your Information that we hold about you might be limited and/or subject to a reasonable fee in terms of Applicable Law where the request is manifestly unfounded or excessive.

6. What safeguards are in place to ensure data that identifies me is secure?

We only use information that may identify you in accordance with GDPR. This requires us to process personal data only if there is a legitimate basis for doing so and that any processing must be fair and lawful.

While we cannot guarantee that unauthorised access, disclosure, misuse or loss of Information will never occur, we ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only, protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot see or make sense of it). We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.

Sharing Self-Reported Information through surveys, or other features on Our Site, is voluntary and done at your sole risk. We cannot take responsibility for Information that you release or that you request us to release publicly.

In the event of a security incident, Vojo Health’s internal procedures and those prescribed by the GDPR will be followed. You will be notified of any material impacts or direct consequences to you as a User without undue delay.

Vojo Health is registered with the Information Commissioner’s Office (ICO) as a data controller and collects data for a variety of purposes. A copy of the registration is available through the ICO website (search by business name).

7. How long do you hold confidential information for?

Information will be retained for as long as a User’s account is active. Accounts will be closed within 30 (thirty) calendar days of a written request by the User or termination of an agreement with a User in terms of the Terms of Service.

All Information will be deleted from your account and the Vojo Health database with the following exceptions:

  1. Genetic Information and/or Self-Reported Information that you have previously disclosed and for which you have completed the Consent Document for use in Vojo Health Research and/or R&D will not be removed from ongoing or completed studies that use such Information unless you expressly revoke your consent in respect of such Information being used for those Purposes. We will however inform any recipient of your Information for Vojo Health Research or R&D that you have closed your account and not use the Information in any new Vojo Health Research and/or R&D after your account is closed. We will keep a record of any Processors that will retain your information for this Purpose;
  2. Electronic Consent Documents (e.g. scanned paper forms or online consent history) will be retained indefinitely under strict access control on our database to maintain the record that DNA testing was completed with your permission. Paper Consent Documents will be securely destroyed 5 years from the date the account closure or data deletion request is received by Vojo Health;
  3. We must keep Information relating to orders for Services and payment history for accounting purposes for 7 (seven) years to meet HMRC requirements; and
  4. Any Information required to meet legal or regulatory obligations in terms of Applicable Law as necessary.

 

All Processors will be instructed to delete any Information stored by them subject to the above exceptions.

8. Website technical details

We use electronic forms on our website making use of an available ‘forms module’ which has a number of built-in features to help ensure privacy. We also aim to use secure forms where appropriate.

We use cookies on our Site. We do not make use of cookies to collect any private or personally identifiable information. The technical platform of this website uses cookies solely to aid the proper technical functioning of the website. The cookies used contain random strings of characters alongside minimal information about the state and session of the website – which in no way collects or discloses any personal information about you as a visitor.

Advanced areas of this site may use cookies to store your presentation preferences in a purely technical fashion with no individually identifiable information. Note also our statement on analytics software below – as analytics software also uses cookies to function.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org.uk

To opt out of being tracked by Google Analytics across all websites visit https://tools.google.com/dlpage/gaoptout

9. Analytics

Like most websites, we make use of analytics software in order to help us understand the trends in popularity of our website and of different sections. We make no use of personally identifiable information in any of the statistical reports we use from this package. We use an analytics package called Google Analytics who provide details of their privacy policy on the Google website.

10. Privacy Statement Changes

This Privacy Statement may be amended from time to time as necessary and/or required by Applicable Law. Any material changes to the Privacy Statement or how we use your Information will be notified either via Our Site or Services, by notice posted to User accounts or by email to existing Users if appropriate.

If you do not agree to any changes, you may request to discontinue your use of the Vojo Health Services and Our Site.

Please revisit this Privacy Statement regularly for any changes as your continued access to or use of Our Site and/or Services after the publication of any changes to this Privacy Statement will mean that you agree to any such changes.

Previous versions of this Privacy Statement are available on request by emailing [email protected].

11. Complaints

If you have a complaint regarding the use of your personal data then please contact us by writing to the Data Controller at [email protected] and we will do our best to help you.

If your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioner’s Office (ICO), you can contact them on 01625 545745 or 0303 1231113.

Copyright © Vojo Health Ltd 2023. All rights reserved.

While testing can be helpful in finding out more about your nutrition needs, they’re only one part of the picture and we don’t recommend using the results in isolation. Our products are not intended to diagnose, treat, cure or prevent any disease. If you are pregnant, nursing, taking medication, or have a medical condition, consult with your GP.