Privacy Policy

Last Updated: Dec 9, 2025

This Privacy Policy ("Policy") explains how Bloodwork.org ("Bloodwork.org," "we," "our," or "us") collects, uses, discloses, and protects your personal information when you use our website, platform, mobile applications, and any related services (collectively, the "Services").

This Policy applies to all users located anywhere in the world, with a primary focus on compliance with U.S. privacy requirements and general global privacy expectations. This Policy works alongside our Health Data Privacy Notice, which governs our handling of health-related data specifically.

By using the Services, you agree to the collection and use of information as described in this Policy.

If you do not agree, you must stop using the Services.

1. Information We Collect

We may collect the following categories of information:

A. Information You Provide Directly

  • Email address and account details
  • Lab results and health data (governed by the Health Data Privacy Notice)
  • Survey or questionnaire responses
  • Optional profile information
  • Messages you send to support
  • Payment information (processed by PCI-compliant third-party providers)

B. Automatically Collected Information

  • IP address
  • Device identifiers
  • Browser type
  • Operating system
  • Usage logs
  • Clickstream data
  • Session details
  • Error and crash reports
  • Cookies, tags, pixels, beacons, and similar tracking technologies

C. Information From Integrations

With your authorization, we may receive data from:

  • Wearable devices
  • Health applications
  • Third-party fitness or wellness services
  • Connected accounts

All such data is processed according to your permissions.

D. Aggregated & De-identified Data

We may create aggregated, anonymized, or de-identified datasets that cannot identify you. We may use or share these for analytics, research, or improvement.

2. How We Use Your Information

We use personal information to:

  • Provide and operate the Services
  • Deliver personalized recommendations
  • Analyze and interpret lab results
  • Maintain and secure the platform
  • Develop new features
  • Respond to customer support requests
  • Send administrative notifications
  • Process purchases and subscriptions
  • Improve user experience
  • Conduct analytics and research
  • Prevent fraud or misuse
  • Comply with legal obligations

We may also use aggregated or de-identified data for research, analytics, and product development.

3. How We Share Information

We do not sell your personal information.

We may share personal information with:

A. Service Providers

Including:

  • Cloud hosting
  • Data storage
  • Analytics
  • Customer support platforms
  • Email and notifications
  • Payment processors
  • Security providers

These providers are contractually required to protect your information.

B. At Your Direction

Such as when:

  • You export data
  • You connect third-party integrations
  • You authorize data sharing

C. Legal, Compliance, and Safety Reasons

We may disclose information:

  • To comply with laws or legal process
  • To enforce our Terms of Use
  • To investigate fraud
  • To protect public safety or the rights of Bloodwork.org or others

D. Corporate Transactions

Your information may be transferred as part of:

  • Mergers
  • Acquisitions
  • Sales of assets
  • Bankruptcy
  • Financing transactions

E. Aggregated or De-identified Data

Used for research, analytics, publications, and statistical insights.

4. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Authenticate users
  • Maintain sessions
  • Analyze usage
  • Improve performance
  • Personalize content
  • Provide certain functionality

You may manage cookies through your browser settings. However, disabling cookies may limit functionality.

5. Your Rights and Choices

Depending on your jurisdiction, you may have rights such as:

  • Access your personal data
  • Correction of inaccurate data
  • Deletion of your data
  • Withdrawal of consent
  • Data export / portability
  • Opt-out of marketing emails
  • Appeal a denied request

To exercise rights, email: support@bloodwork.org

We may require identity verification.

6. Data Retention

We retain personal information:

  • As long as needed to provide the Services
  • As required by law
  • As needed for fraud prevention or security
  • As necessary to resolve disputes

When data is no longer required, we delete or anonymize it.

7. Data Security

We use industry-standard security measures, including:

  • Encryption in transit and at rest
  • Secure hosting
  • Access controls
  • Network protections
  • Monitoring and threat detection
  • Regular security audits

No method of transmission or storage is 100% secure. We cannot guarantee absolute security.

8. International Users

Bloodwork.org is operated from the United States. If you access the Services from elsewhere, your data will be transferred to and processed in the U.S.

By using the Services, you consent to this transfer.

9. Children's Privacy

The Services are not intended for children under 18 without parental consent. We do not knowingly collect personal data from children under 13 (or 16 where applicable).

If we discover such information, we will delete it promptly.

10. Third-Party Links

The Services may contain links to third-party sites or services that we do not control. This Policy does not apply to those third-party sites.

You are responsible for reviewing their privacy policies.

11. Changes to This Policy

We may update this Policy from time to time.

Material changes may be communicated via email or in-app notices.

Continued use of the Services constitutes acceptance of the updated Policy.

12. Contact Us

For privacy questions, rights requests, or complaints:

Bloodwork.org – Privacy Department
Email: support@bloodwork.org