Privacy Policy

Last updated: August 5, 2025

Scope

This privacy policy applies to all services of Lifechaingers Holding B.V. and its licensees. It describes how we collect, use, and protect your personal data. Different sections apply depending on how you use our services.

🌐 Website Visitors

Sections 1-3 apply to all website visitors

📱 Bobbai App Users

All sections apply, including app-specific provisions

🌐1. Website Privacy (all visitors)

1.1 Data we collect via the website

  • Contact form data (name, email, phone number)
  • Website analytics (anonymized)
  • Cookies and similar technologies
  • IP address and browser information

1.2 How we use website data

  • Responding to contact requests
  • Improving website functionality
  • Analyzing website usage (anonymized)
  • Sending requested information

1.3 Cookies

We use cookies for website functionality and analytics. You can find more information in our Cookie Policy for more details.

📱2. Bobbai App Privacy (app users)

🔒 Privacy-first approach

Bobbai does NOT store medical data. We are a communication tool, not a medical system.

2.1 What data do we collect:

  • Name and contact details for app account
  • Email address for app communication and authentication
  • User preferences and app settings
  • User Profile (personal biography and communication preferences/style)
  • Subscription information and payment data
  • App analytics (anonymized)
  • Monitoring data for support and ensuring continuity
  • Transcribed conversations (text only, no audio)

2.2 Voluntary Profile Creation

App users can voluntarily create a user profile to receive better AI suggestions. This profile consists of, for example:

  • Personal biography (background, interests, important events)
  • Communication Preferences (short/long, formal/informal, B1/B2/C1)
  • Cultural context (Dutch/Turkish/Moroccan expressions)
  • Conversation topics (family, work, faith, sports)

Important

  • This profile is completely optional
  • You can always delete it
  • It contains no medical information

2.3 GDPR-compliant Data Processing & Product Innovation

Legal basis for processing

  • Contractual obligation (Art. 6.1.b GDPR): For delivering the app service
  • Legitimate interest (Art. 6.1.f GDPR): For app improvement, technical support, and transcription (in some cases)
  • Consent (Art. 6.1.a GDPR): For user profile, transcription, and marketing

Use of anonymized data for innovation

Developing innovative technology like Bobbai requires continuous investment in research and improvement. By using Bobbai, you consent to us using anonymized and aggregated data for:

  • Analysis of trends and patterns for scientific insights
  • Improvement of AI models and algorithms
  • Development of new products and services
  • Marketing analysis based on anonymous statistics

Belangrijk: This consent only applies to fully anonymized data where your identity cannot be traced. Your personal data is never shared or sold.

This consent is connected to the intellectual property rights of Lifechaingers Holding B.V. and its licensees. The use of anonymized data is a condition for making Bobbai available.

Retention periods

  • Account data: As long as account is active + 1 year after cancellation
  • Analytics: Maximum 2 years (anonymized)
  • User profile: Until user deletes it
  • Monitoring data: Maximum 90 days for technical support
  • Transcribed conversations: As long as account is active, unless deleted earlier by user
  • Payment data: 7 years (legal obligation)

2.4 What We Do Not Store

  • No medical diagnoses or medical history
  • No symptoms or medical complaints
  • No medication or treatment information
  • No speech recordings
  • No automatic inference of medical conditions

🔄4. How we use data

🌐 Website data

  • Responding to contact requests
  • Sending requested information
  • Website functionality and analytics
  • Improving user experience

📱 App data

  • Delivering the app service
  • Generating AI suggestions
  • Improving app functionality
  • Technical support
  • Billing and payment processing

🔒5. Data Protection & Your Rights

5.1 Data Sharing

We only share your personal data in the following cases:

  • With trusted service providers who help us deliver our services
  • When legally required or to protect our rights
  • In case of business acquisition or merger (with prior notice)

Technical and organizational measures:

🔐 Authentication

Strong authentication via trusted providers with Multi-Factor Authentication (MFA) support

🔒 Encryption

End-to-end encryption of all data, both stored and during transmission via TLS

📊 Data Minimization

We only process the strictly necessary data for our service delivery

🤖 AI Safeguards

Human oversight for all important decisions - never fully automated

🌍 Data Location

All personal data remains within the European Economic Area (EEA)

🏢 Supplier Management

Collaboration only with suppliers having ISO 27001, SOC 2 or HIPAA certification

🛡️ Infrastructure

Protection by advanced Web Application Firewall (WAF) against known threats

💾 Backup

Daily backups with maximum 24-hour data loss (RPO)

🔀 Environment Separation

Strictly separated development, test, and production environments

🔓 Open-source Technology

Use of robust open-source technologies for continuity and independent management

Confidentiality and Non-Disclosure

We treat all information we receive from you as strictly confidential. This includes all non-public information about your use of Bobbai, your business operations, processes, and personal data.

  • We never share personal information with third parties without your explicit consent
  • Confidential information is only used for the purposes of our service delivery
  • Disclosure only when legally required
  • We inform you in advance if we are required to share information (unless legally prohibited)

8.1 Data return

Upon your request or termination of your account, we will return or destroy all your confidential information and personal data (subject to legal retention obligations). This does not apply to already anonymized datasets.

5.5 Your Rights

Under GDPR you have the following rights:

  • Right to access your personal data
  • Right to rectification of incorrect data
  • Right to erasure of your data
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing

📋6. Data Processing Agreement (DPA)

For organizations that need a formal data processing agreement, we offer a fully GDPR-compliant Data Processing Agreement (DPA). Contact us for more information.

7. Changes

We may update this privacy policy from time to time. We will notify you of important changes in advance via email or a notification in the app.

8. Contact Us

For questions about this privacy policy or your rights, you can contact us:

Lifechaingers B.V.
Email: support@lifechaingers.com
Phone: +31 6 12873843