As the data controller, Alba Health AB ("The Company," "we," or "us") is committed to ensuring that all processing of your personal data is carried out in accordance with the General Data Protection Regulation (GDPR). This personal data policy provides detailed information on the personal data we process, the purpose of such processing, and outlines your rights and how to exercise them. Additionally, we explain the measures we undertake to ensure the secure processing of your personal data.‍‍‍‍‍‍‍ 

Personal data refers to any information, whether direct or indirect, that pertains to a living individual. This includes but is not limited to names, addresses, photos, encrypted data, and electronic identifiers such as IP numbers. We exclusively process your personal data. Processing encompasses various activities, such as data collection, storage, registration, organisation, compilation, transfer, or deletion.

‍Data Controller and its Responsibilities:
‍
Alba Health ApS Filial, registered under Swedish organisation number 516413-0691, assumes the role of data controller for the company's personal data processing. This signifies our responsibility to process your personal data in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR). If we engage a service provider to process your personal data, that provider is recognized as a personal data processor.

Personal Data Processing:

Data collected will be stored with necessary safety measures taken to protect the data processed. This will be done in accordance with GDPR and applicable regulations to ensure that only Alba Health, our representatives and collaborators will have access. Your personal identifiable data will be completely separated from any questionnaire & health data and the keys will not be shared with external collaborators outside of Alba Health. We store the data in the EU. In certain cases, we may engage personal data processors located outside the EU/EEA to handle the collected personal data. Before transferring personal data to these third parties, we implement appropriate protective measures to ensure they have adequate security measures in place.

We are unable to set any particular time limit on the storage of your personal data, but we will keep it under regular review and ensure that it is not kept longer than is necessary.

For the purposes of the GDPR, Alba Health will be a data controller. The GDPR requires that we have a lawful basis for processing personal data about you. For this product, you have given your consent. 

According to the GDPR you have a number of rights. You have the right to access the data about you free of charge, and you can request corrections if needed. You can also ask for the deletion of your data or restrict its processing. For further info about your rights, see: https://www.imy.se/en/organisations/data-protection/this-applies-accordning-to-gdpr/the-data-subjects-rights/

If you want to exercise your rights or have any questions related to your rights, please contact Alba Health. The Data Protection Officer can be reached via email (see contact details below). If you are dissatisfied with how your personal data is handled, you have the right to file a complaint with the Swedish Data Protection Authority, which is the supervisory authority. The Swedish Authority for Privacy Protection can be contacted at: Address: Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm. Phone: 08-657 61 00. Email: imy@imy.se. Website: www.imy.se

Processing of Personal Data and Purpose:

‍When you become a customer, sign up to participate in a study, or use our products and services we may collect personal data, such as your name, address, email address and telephone number. This information is necessary for managing our customer relationships, processing orders and returns, generating statistics, complying with legal accounting requirements, promoting our products to you, and contacting you when necessary. 

Additionally, we may obtain certain personal data from external sources, such as credit reports and address updates, to ensure the accuracy and completeness of our records.
‍

‍Legal Basis for Processing:

‍When you provide us with your personal data during a purchase and registration, we utilise this information to facilitate these specific processes. We also use the data to communicate with you and fulfil our obligations to you. Therefore, we consider the processing of personal data as necessary for the performance of our contractual relationship with you as a customer, establishing a legal basis for such processing.

In the course of our business activities, we may contact you for marketing purposes through emails unless you have explicitly notified us of your preference not to be contacted. We believe that there is a legitimate interest in communicating with you about our products, which outweighs the need for personal data protection when balancing interests.

Any further processing of personal data beyond the stated objectives will be carried out in compliance with legal requirements or with your explicit consent.

‍

‍Processing of Personal Data and Purpose:

‍As required by applicable legislation, Alba Health AB (with Swedish organisation number 559445-0198), is obligated to process certain personal data for accounting and auditing purposes. In accordance with the Swedish Bookkeeping Act, we are legally required to retain specific data, such as payment transaction information, for a period of seven years from the end of the accounting year.

Your personal data may also be utilised for account statements, invoicing and auditing, payment verification, administrative and legal matters, statistical and marketing analysis to improve our services, website accessibility, system development and maintenance.

If you are under the age of 18 and wish to make a purchase, you must obtain consent from your legal guardian before providing us with your personal data and proceeding with the purchase.

Please note that if you voluntarily provide us with your personal data during a purchase or registration process, we will use this information solely for the purpose of facilitating these specific processes. However, you have the right to withdraw your consent for personal data processing at any time.

It is important to emphasise that we do not request or process sensitive information from our customers. Therefore, please refrain from disclosing such information (such as details about ethnic background, political views, religious beliefs, trade union membership, health status, or sexual activity) to us, as it is not necessary for our services.
‍

Data Collection and Processing:

‍The personal data processed by Alba Health AB (with Swedish organisation no 516413-0691) has been obtained from you during the buying process or the sign-up process, as mentioned above. Additionally, we may collect personal data from external sources, such as credit reports and address updates. When you contact us via email, we assess the need for follow-up based on legal or service-related reasons, such as initiating a complaints procedure or tracking lost shipments. In cases where follow-up is not required, we delete the email after providing a response. Any information disclosed via email is not transferred to other databases unless specifically requested by you.
‍

Card Payments:

‍To process payment for your products on our website, our payment services provider requires information about your payment card. This information is solely processed by our service provider, in compliance with our personal data processor agreement. We only process your payment information, excluding the credit card number, when necessary to ensure effective handling of issues related to charges, purchase cancellations, and refunds.
‍

‍Transfer of Personal Data to Third Parties:

‍In certain cases, we may engage personal data processors located outside the EU/EEA to handle the collected personal data. Before transferring personal data to these third parties, we implement appropriate protective measures to ensure they have adequate security measures in place. We do not transfer your personal data to third parties in any other manner than described above.
‍

‍Direct Marketing via Electronic Communication:

‍As mentioned in point  above, we may utilise your personal data to send newsletters and offers regarding our products that we believe may be of interest to you. We provide all our customers with the option to receive marketing materials about our products. We strive to customise such information to suit your preferences. If you prefer not to receive any marketing materials from us, you can opt-out through our marketing preferences. Alternatively, you can contact us via email (see below) to request exclusion from marketing communications.
‍

‍Security and Protection of Your Personal Data:

All personal data is processed in a secure environment, and our website utilises SSL encryption to ensure the protection of your information.
‍

Understanding Cookies and Their Usage:

Cookies are text files that contain alphanumeric characters and are sent from our web server to your web browser or device. Alba Health AB uses cookies to enhance and streamline your browsing experience. We do not use cookies to store personal data or share information with third parties. Third-party cookies may be used for statistical purposes, such as collecting aggregated data in analytical tools like Google Analytics and Meta. These cookies can be either permanent or temporary (session cookies). Permanent cookies are stored on your computer or mobile device for a maximum of 24 months, while temporary cookies are deleted when you close your web browser. You have the ability to manage cookies by configuring your web browser, including blocking or deleting them. However, please note that certain services may not function properly if cookies are erased.
‍

‍Rectification or Erasure of Personal Data:

We take the responsibility to rectify or erase incorrect, incomplete, or unlawfully processed personal data. At the Company's own initiative or upon your request, we will promptly correct or delete such data. In such cases, please contact Alba Health (contact details below). Any personal data that is no longer required for the purposes stated above will be erased.
‍

‍Data Retention Period:

Your personal data is stored for as long as it is necessary to fulfil the objectives mentioned above.
‍

‍Your Rights and Information on the Regulatory Authority:

You have the right to access information about the personal data we process, request rectification, erasure, or transfer of your personal data, and request restriction of processing. Additionally, you have the right to request an extract of the data register containing information about you. If you have any questions or wish to exercise your rights, please contact us using the contact details provided below.
‍

Contact Details of the Data Controller:

‍The data controller for your personal data is Alba Health AB (org. No 559445-0198) located in Nybrogatan 8, 114 36 Stockholm, Sweden. If you need to update or amend your disclosed information, have any questions, or wish to express your opinions about our products or the information we process, please feel free to contact us via email: hello@albahealth.co
‍

‍Updates to the Personal Data Policy:

‍We may update this personal data policy to align with changes in applicable legislation, address commercial needs, or meet the requirements of our customers, marketing partners, and service providers. Any updated versions of the policy will be published on our website, clearly indicating the date of the last update.

‍

Validity of Terms:

These terms outline the procedures governing the collection, storage, and processing of health data related to users of Alba Health’s products and services. These terms are provided for informational purposes at the point of purchase. However, prior to utilising Alba Health’s products and services, it is required that all legal guardians of the child give their consent in writing, as per the instructions provided by Alba Health from time to time. Without the requisite consent from the legal guardians, we regret to inform you that we are unable to proceed with the processing and storage of your health data.

‍

General:

These terms apply to users of the products and services of Alba Health AB (‘The Company’) with Swedish registration number 559445-0198, address Nybrogatan 8, 114 36, Stockholm, Sweden. In these terms, you will receive information about the use of our product and services and how we process and store your data. 

By giving your consent, you agree to these terms, and confirm that you have read and agreed to our Privacy Policy for personal data. We are unable to change the terms, unless confirmed in writing. 

By giving your consent, you also confirm that you are legally capable of entering into a binding contract, are at least 18 years old and are the legal guardian of the child for whom you are registering. You also confirm that all information you provide is true and correct.

‍

Before you start:

If you, your child or your partner (if applicable) are being treated for any chronic medical conditions, you should discuss these study procedures with your treating physician to ensure that your physician agrees that using our products and services is appropriate for you. 

This product and service is not intended to have diagnostic value and will not contain any clinical diagnosis. Alba Health is a wellness product. It is not intended to diagnose or treat disease and it does not substitute for medical consultation.

‍

How Does the Product and Service Work?

1. Provide consent

All users will need to read this consent form and provide their consent to these terms. All legal guardians of the participating child(ren) must carefully read and sign this consent form. For children, both guardians must sign the consent form.

2. Answer questionnaire about lifestyle, diet and health

You will be asked to register and provide answers to a questionnaire about you, your baby and family. This data is required for us to analyse your results.  We may collect other types of information, including but not limited to images, video recordings, audio recordings, daily tracking questions.

3. Test kit and stool sample

If you have ordered a test kit for taking a stool sample from your baby, it will be sent to your home. Instruction manuals and all components are included in the kit. The kit must be used as described in the instruction manual and in no other way. After taking the sample you will send it back as instructed in the manual.

4. Sample processing

The stool samples taken using the product will be shipped from your home to our contract laboratory directly (in Germany) and will be processed within one month of being received. After analysis, the samples will be destroyed and no material from the samples will be kept. The contract laboratory will delete all data generated from the samples.

All mentioned samples will be processed by Zymo Research (laboratory contractor) at Mülhauser Str. 9, 79110 Freiburg im Breisgau, Germany. The received samples are coded, meaning they cannot be directly linked to you as an individual. The key to the code will be stored by Alba Health and will only be accessible by restricted personnel at Alba Health.

From the stool samples, DNA will be extracted and sequenced. We will only analyse microbial DNA and we do not analyse human DNA. The raw data will be stored in a GDPR-compliant and secure way and it will be transferred from the laboratory to Alba Health within 5 days from processing. Alba Health will store this data as previously described.

5. Receive your data and results

You can always access your submitted questionnaire data, please contact Alba Health. After we have analysed your sample results and data, you will receive a report with your sample processing results. The report will be delivered as instructed by Alba Health. This report will not have diagnostic value and will not contain any clinical diagnosis.

‍

Possible Consequences and Risks

We do not expect you, your partner nor your child(ren) to experience any discomforts nor side effects. The sample collection does not require invasive procedures, nor any discomfort. The study kit must be used as described in the instruction manual and in no other way. In case questions or any problems might arise you can always contact us directly.

‍

What Data is Collected?

We will collect and record several types of information about you, your baby and family. The data collected is listed below and necessary for us to fulfil our commitments to you as users and customers in delivering the product and services.

• Personal information about you, your baby and family.
• Questionnaire data that includes questions about gender, ethnicity, lifestyle, household and health about you, your child and your partner if applicable. Collected via the App or as instructed.
• Potential photos of your child’s stool
• Potential audio recordings of your child’s crying
• Stool sample data (bacterial DNA from the baby’s stool)

‍

Data Storage and Handling

Data collected will be stored with necessary safety measures taken to protect the data processed. This will be done in accordance with GDPR and applicable regulations to ensure that only Alba Health, our representatives and collaborators will have access. Your personal identifiable data will be completely separated from your questionnaire & health data and will not be shared with external collaborators outside of Alba Health. We store the data in the EU. In certain cases, we may engage personal data processors located outside the EU/EEA to handle the collected personal data. Before transferring personal data to these third parties, we implement appropriate protective measures to ensure they have adequate security measures in place.

The stool samples taken using the product will be shipped from your home to our contract laboratory directly (in Germany) and will be processed within one month of being received. After analysis, the samples will be destroyed and no material from the samples will be kept. The contract laboratory will delete all data generated from the samples. 

From the stool samples, DNA will be extracted and sequenced. We will only analyse microbial DNA and we do not analyse human DNA. The raw data will be stored in a GDPR-compliant and secure way and it will be transferred from the laboratory to Alba Health within 5 days from processing. Alba Health will store this data as previously described.

We are unable to set any particular time limit on the storage of your personal data, but we will keep it under regular review and ensure that it is not kept longer than is necessary.

For the purposes of the GDPR, Alba Health will be a data controller. The GDPR requires that we have a lawful basis for processing personal data about you. For this product, you have given your consent. 

According to the GDPR you have a number of rights. You have the right to access the data about you free of charge, and you can request corrections if needed. You can also ask for the deletion of your data or restrict its processing. For further info about your rights, see: https://www.imy.se/en/organisations/data-protection/this-applies-accordning-to-gdpr/the-data-subjects-rights/ 

If you want to exercise your rights or have any questions related to your rights, please contact Alba Health. The Data Protection Officer can be reached via email (see contact details below). If you are dissatisfied with how your personal data is handled, you have the right to file a complaint with the Swedish Data Protection Authority, which is the supervisory authority. The Swedish Authority for Privacy Protection can be contacted at: Address: Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm. Phone: 08-657 61 00. Email: imy@imy.se. Website: www.imy.se

‍

What Happens to my Samples and Data?

You have the right to refuse the storage of raw bioinformatic data from your samples without providing any explanation. If you consent to the storage initially, you can later withdraw (revoke) your consent without giving a reason. In that case, your raw data will be deleted or de-identified. If you want to revoke your consent, please contact Alba Health (details below). You always have access to the submitted data, please contact Alba Health staff. You have the option not to receive any analysis results if you prefer. If you wish so, please contact Alba Health (details below).

‍

Insurance and Compensation

No insurance nor compensation is applicable for this product. 

‍

Contact Information

For inquiries related to purchases and deliveries, please contact us at hello@albahealth.co

‍