Privacy Policy

Effective date: November 2025 • Bien-Etre Ltd

Bien-Etre Ltd (“Bien-Etre”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This policy explains what we collect, how we use it, and your rights under UK data protection law (UK GDPR and the Data Protection Act 2018).

By using this website, placing an order, subscribing, or engaging with our services, you agree to the practices described here.

1. Who we are

Data Controller: Bien-Etre Ltd, registered in England and Wales.

Registered office: [Insert registered address]
Email: privacy@bien-etre.ai
Website: www.bien-etre.ai

We act as the Data Controller for personal data collected via our website, subscriptions, and customer support channels.

2. Data we collect

2.1 Information you provide

Identity & contact: name, email, phone, billing/shipping address
Account details: login, preferences, communication settings
Order & subscription details: products purchased, frequency, delivery
Payment data: processed by PCI-DSS compliant providers (we do not store full card details)
Health-related information: only if you activate a diagnostic test and give explicit consent
Support communications: enquiries via email or social channels

2.2 Information collected automatically

Technical data: IP address, device & browser type, operating system
Usage data: pages viewed, time on site, referral source, interactions
Cookies & similar technologies (see Cookie Policy)

2.3 Information from third parties

Payment processors (e.g., Shopify Payments, Stripe)
Subscription management (Recharge)
Analytics & marketing platforms (Google Analytics/Ads, Meta, Klaviyo)
Fulfilment & logistics partners
Laboratory partners (if you submit a diagnostic test)

3. How we use your data

To process and deliver orders and subscriptions
To provide your account, test results, and personalised recommendations (with consent)
To communicate about orders, deliveries, changes, and support
To improve our website, products, and customer experience
To prevent fraud and ensure network security
To comply with legal and regulatory requirements
To send marketing you’ve opted into, with easy opt-out at any time

We never sell or rent your personal data.

4. Legal bases for processing

Contract: processing orders, subscriptions, deliveries
Consent: health/diagnostic data, marketing communications, certain cookies
Legitimate interests: service improvement, fraud prevention, security
Legal obligation: accounting, tax, regulatory requirements

5. Health & diagnostic data

Where you use Bien-Etre diagnostic services, we may process health-related data strictly as follows:

Collected only with your explicit consent during kit activation
Processed by accredited laboratory partners under confidentiality
Encrypted in transit and at rest, with restricted access
You may withdraw consent for future processing at any time by emailing info@bien-etre.ai (this may limit our ability to provide ongoing analysis)

6. Sharing your data

We share limited data with trusted providers who help us deliver our services, under data processing agreements:

Provider	Purpose	Data Categories
Shopify / Shopify Payments	Store platform, checkout, payment processing	Identity, contact, order, limited payment metadata
Recharge	Subscription management & billing	Identity, contact, subscription details
Laboratory partners	Diagnostic sample processing & reporting	Sample ID, test data, health data (with consent)
Fulfilment & logistics	Pick, pack, ship and tracking	Identity, contact, order & delivery details
Google / Meta / Klaviyo	Analytics, performance, personalisation, marketing (with consent)	Usage data, device data, marketing preferences

We may also disclose data if required by law, to enforce our terms, or to protect rights, property, or safety.

7. International transfers

Your data may be transferred outside the UK/EEA via approved safeguards (e.g., UK IDTA or EU SCCs, where applicable). We ensure partners implement appropriate technical and organisational measures.

8. Data security

Secure servers within the UK/EEA where possible
Encryption in transit and at rest for sensitive data
Access controls, audits, and staff training
PCI-DSS compliant payment processing via third parties

9. Data retention

We keep personal data only as long as necessary for the purposes collected or to meet legal obligations:

Orders & account records: typically 6 years (tax/legal)
Health/diagnostic data: typically 2 years (unless ongoing services or regulation require longer)
Marketing preferences: until you opt out or request deletion

10. Your rights

Under UK GDPR, you have the right to:

Access your personal data
Rectify inaccurate or incomplete data
Erase data (“right to be forgotten”)
Restrict or object to processing
Data portability (receive your data in a structured, commonly used format)
Withdraw consent where processing relies on consent

To exercise your rights, contact privacy@bien-etre.ai. We respond within one month.

You can also complain with the UK Information Commissioner’s Office (ICO): www.ico.org.uk.

11. Marketing preferences

You can opt in or out of marketing at any time by using the unsubscribe link in our emails, adjusting your account settings, or emailing privacy@bien-etre.ai.

12. Cookies

We use cookies and similar technologies to operate the site, analyse performance, and personalise content. For details and to manage your consent choices, see our Cookie Policy.

View Cookie Policy Manage Cookie PreferencesIf supported

13. Updates to this policy

We may update this Privacy Policy to reflect changes in law, technology, or our services. The latest version will always be available on this page with the effective date above.

14. Contact us

If you have questions about this policy or how we handle your data, please contact:

Email: privacy@bien-etre.ai
Company: Bien-Etre Ltd
Website: www.bien-etre.ai