Privacy Policy

HealthX360 Solutions OÜ (“HealthX360”) respects your privacy. This Privacy Policy explains what personal data we collect (if any), why we collect it, and how we use and protect it. We emphasize that our platform is strictly educational and not a medical or clinical service. Accordingly, we do not collect any health or medical data about you. Only the minimum contact and booking information needed to provide the service is collected. This policy describes our practices in compliance with European (GDPR) and Estonian data protection laws.

Information Collected

We collect only the personal data you provide when contacting us or booking a session. This typically includes your name, email address, phone number, and any details about your topic of interest (e.g. specific questions or health condition descriptions that you share voluntarily). We do not request or record any special-category data (e.g. health status, medical history, or genetic information).

Use of Information

We use your contact details solely to arrange and conduct the session. Personal data may also be used for billing or invoicing purposes if applicable. We do not use your personal data for marketing or profiling. Any service-related emails are only about your session. We do not have a newsletter or send unrelated advertising.

Lawful Basis

The processing of your personal data is based on contractual necessity. Collecting your name and contact info is required to fulfill your session. Processing is justified under Article 6(1)(b) GDPR.

No Sensitive Data

We explicitly do not collect or store any health-related or special category data unless you voluntarily share it. We avoid processing such data altogether.

Third-Party Services

• Google Analytics: Used for anonymous usage stats. Cookies are first-party and non-identifying.
• YouCanBookMe: Used for booking. Name/email you enter is collected on our behalf. Calendly sets its own functional cookies.
• Google Ads (optional): May be used for promotional purposes with cookies for targeting. No personal data is shared.

Cookies

We only use cookies required by Google Analytics, Calendly, and cookie consent. No tracking or ad cookies are placed by us directly.

No User Account

We do not have a login or registration system. Sessions are arranged via direct contact only.

Data Retention

We keep your data only as long as necessary. You may request deletion at any time. We follow GDPR's “storage limitation” principle.

Your Rights

• Access: Request a copy of your data (Art. 15).
• Rectification: Correct inaccurate data.
• Erasure: Request deletion (right to be forgotten).
• Restriction/Objection: Limit or stop processing.
• Portability: Ask for a machine-readable export.
• Complaint: File with Estonian DPA if needed.

Data Security

We use secure email and encrypted storage. Access is limited to authorized HealthX360 personnel only. We never sell or rent your data.

Jurisdiction and Compliance

HealthX360 is based in Estonia (EU) and complies fully with GDPR and the Estonian Personal Data Protection Act. For concerns, contact us or the Estonian Data Protection Inspectorate.