BioNova Health (referred to as “” “we,” “our,” or “us”), we are fully committed to safeguarding the personal data of our clients, website visitors, and any individuals whose information we collect, use, transfer, or process. Protecting your privacy and data rights is a top priority for us.
This Privacy Policy outlines how we handle your personal data in accordance with the
General Data Protection Regulation (GDPR), which came into force on
May 25, 2018. As a data controller, we are legally obligated to ensure that the personal data of EU citizens is processed in full compliance with GDPR principles.
We have created this Privacy Policy to clearly explain what personal data we collect, how we process it, and the steps we take to keep it secure.
1. Key Definitions●
Personal data: Any information that identifies you directly or indirectly, such as your name, ID, IP address, phone number, or location.
●
Sensitive data: Categories of personal data revealing racial or ethnic origin, religious beliefs, health information, or biometric data.
●
Processing: Any operation involving personal data—such as collection, use, storage, or transmission.
●
Consent: Your freely given, specific, and informed agreement to process your data.
●
Controller: BioNova Health, which determines the purposes and means of processing personal data.
●
Processor: Third parties that process data on our behalf, based on our instructions.
2. Scope of This Privacy PolicyThis Privacy Policy applies to personal data collected from:
- Visitors to our website: http://bionova.health/
- Clients and individuals inquiring about our services
- Former clients who have used our services in the past
3. Data Controller and Contact DetailsBioNova Health acts as the
data controller, meaning we determine the purpose and manner of processing your personal data.
For any questions regarding this policy or your personal data, you can contact us at:
BioNova Health
Hemingvejeva 6, Beograd 11080
Email: info@
bionova.healthOur
Data Protection Officer (DPO) is
Ivan Lisin, who can also be reached at the above email address for matters related to your data rights (see Section 8).
4. Data ProcessorsWe collaborate with several third-party service providers that process personal data on our behalf:
●
Facebook Pixel –
facebook.com/business●
Google Analytics –
analytics.google.com●
amoCRM –
amocrm.com●
AdriaHost –
adriahost.rs●
Tilda Publishing –
tilda.ws●
Mailchimp –
mailchimp.com●
Jivosite –
jivosite.ruEach processor operates under a contract that complies with
Article 28 of the GDPR and follows our data protection requirements.
5. How We Collect Your DataWe collect your personal data through the following means:
Website Visitors:
- Anonymous browsing data (via Google Analytics and Facebook Pixel)
- Contact form submissions (name, email, phone number, country, inquiry details)
Clients & Inquiries:
- Information you voluntarily provide when inquiring about our services
Referrals:
- Data provided by third parties (e.g., a family member contacting us on your behalf)
6. Purpose of Data CollectionWe process your personal data to:
● Respond to inquiries and provide requested services
● Improve our website and user experience
● Meet legal obligations and ensure system security
7. Data RetentionWe retain personal data only for as long as needed to fulfill the purposes for which it was collected. In some cases, data may be retained for up to
three years for legal, administrative, or research purposes.
You may request the deletion of your data at any time (see Section 8).
8. Your Rights Under GDPRAs a data subject, you have the following rights:
●
Access – Request information about what data we hold about you
●
Correction – Request updates to incorrect or outdated data
●
Erasure – Request deletion of your personal data
●
Restriction – Limit how we process your data
●
Data Portability – Receive your data in a structured, readable format
●
Objection – Object to processing for specific purposes, such as marketing
●
No Automated Decisions – Refuse profiling or automated decisions that affect you
●
Withdraw Consent – Withdraw your consent at any time
To exercise these rights, email us at info@
bionova.health9. Data SecurityWe implement appropriate security measures to protect your data, including:
● Encryption of personal data
● Restricted access to servers and databases
● Regular system and software updates
10. Sharing and Legal DisclosureWe do
not sell or share your data without your consent, except in specific cases:
● To comply with legal obligations (e.g., court orders)
● To protect vital interests in emergencies
● To meet insurance or regulatory requirements
● In the event of a business transfer or acquisition
11. International Data TransfersBioNova Health operates in
Serbia, and plans to expand globally. Before transferring your personal data to Serbia or other countries, we will:
● Inform you of the transfer
● Request your
explicit consent● Ensure data is handled securely and in compliance with GDPR
12. Automated Decision-MakingWe do not engage in automated decision-making that significantly affects you. All important decisions are made with human oversight unless otherwise required by law and clearly communicated.
13. Policy UpdatesIf we plan to use your data for any new purposes not outlined in this Privacy Policy, we will notify you and, where necessary, seek your consent.
We may update this Privacy Policy from time to time. Any changes will be published on our website, along with a visible notice highlighting the update.