Proviscera Privacy Policy

Effective Date: June 2025
Last Updated: 4 August 2025

Proviscera (“we,” “our,” or “us”) values your trust and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and safeguard your information when you use our website (www.proviscera.com), make purchases, or engage with our Health Assessment Assessment and related services.

By using our Site or services, you consent to the practices described in this Privacy Policy.

1. Changes to This Privacy Policy

We may update this policy from time to time to reflect changes in legal requirements or business operations. Material changes will be communicated via email (if applicable), and the “Last Updated” date will be updated. Continued use of our services constitutes your acceptance of the updated policy.

2. Information We Collect

We collect personal data through direct interactions, automated technologies, and third-party services.

2.1 Information You Provide Directly

- Full name and contact details (email, phone, address)

- Billing and shipping information

- Order and payment confirmation details (via Shopify or PayPal)

- Account details if you create one (username, password)

- Customer support messages

2.2 Health Information (If Using the Assessment)

To provide personalised supplement recommendations, we collect health data through our Health Assessment:

- Bowel movements, blood in stool, abdominal pain, urgency, night-time bathroom visits

- General wellbeing and age range

- Current medications (e.g., biologics, immunosuppressants, blood thinners)

- Liver conditions, pregnancy or breastfeeding status, previous surgeries

- Supplement usage (especially Qing Dai), duration, and recent antibiotic use

- Calprotectin test results

2.3 Technical and Interaction Data

- IP address, location data, browser type, device details

- Interaction data with our quiz and website

- Cookies, pixels, and tracking technologies (Google Analytics, Facebook Pixel)

3. How We Use Your Information

We use your personal and health-related data for the following purposes:

3.1 Primary Uses

- To fulfil and manage your orders

- To provide personalised supplement protocol recommendations

- To ensure product safety and appropriateness based on your health data

- To manage your customer account and communicate with you

- To respond to support requests

3.2 Secondary Uses

- To improve our Site, services, and quiz design

- For anonymised product research and development

- For legally compliant marketing (with consent)

- To detect, investigate, or prevent fraud and security issues

-To comply with legal obligations

4. Legal Basis for Processing

4.1 Consent

We process sensitive health data via explicit consent (checkboxes) before you take the assessment or submit information.

4.2 Legitimate Interest

We rely on our legitimate interest in delivering effective, safe, and appropriate supplement recommendations, improving services, and communicating essential product information.

5. Data Sharing and Third Parties

We only share your data with trusted partners necessary to provide our services.

5.1 Operational Partners

- Shopify: Website and e-commerce platform

- Shopify Payments, PayPal: Secure payment processing

- Manufacturing & logistics partners: To fulfil and deliver orders

- Shipping providers: UPS (US), Aramex (SA), others as required

- Omnisend: Email communications and quiz follow-ups (GDPR compliant)

- Google Cloud Platform (BigQuery): Secure data storage and analytics

5.2 Legal Obligations

We may share your data to comply with applicable laws, regulatory requirements, legal processes, or enforce our Terms of Service.

5.3 No Sale of Data

We do not sell, rent, or trade your personal or health information to third parties.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to optimise site performance, improve user experience, and deliver targeted content.

6.1 Types of Cookies

- Essential Cookies: Required for core website and quiz functionality

- Analytics Cookies: Monitor quiz and website usage

- Marketing Cookies: Used with consent for personalised ads

6.2 Management

You may manage cookie preferences via your browser or through our cookie banner. For more info, see Shopify’s cookie policy: https://www.shopify.com/legal/cookies

7. Data Security

We take data protection seriously.

7.1 Security Measures

- Data encryption in transit and at rest

- Strict access control and authentication

- Ongoing audits and monitoring

- Principle of data minimisation

7.2 Data Breaches

In the event of a breach:

- Affected individuals will be notified within 72 hours (where legally required)

- Authorities will be informed where applicable

- Rapid containment and remediation will follow

8. Data Retention and Deletion

We retain your data only as long as needed for its intended purpose, or as legally required.

- You may request deletion of your personal or health data at any time

- Anonymised, non-identifiable data may be retained for analysis

- We will confirm all deletion requests in writing within 30 days

9. Your Rights (POPIA, GDPR, CCPA)

Depending on your jurisdiction, you may have the right to:

- Access and receive a copy of your personal data

- Correct inaccurate or outdated information

- Request deletion (“right to be forgotten”)

- Object to processing

- Restrict processing under certain conditions

- Withdraw consent at any time

- Data portability (receive your data in a structured format)

- Opt out of marketing communications

To exercise your rights, contact: support@proviscera.com

10. International Data Transfers

Your data may be stored or processed in:

- United States: Google Cloud Platform

- European Union: Omnisend

- South Africa: Fulfilment operations

We use:

- Standard Contractual Clauses (SCCs)

- Adequacy decisions where applicable

- Binding corporate rules and third-party certifications to ensure compliance

11. Children's Privacy

Our services are intended for:

- General website and product use: Adults 18+

- Assessment use: Individuals aged 8+ with parental guidance

We do not knowingly collect personal data from users under 8. If you believe such data has been collected, please contact us immediately for deletion.

12. Governing Law

This Privacy Policy is governed by:

- South African law for POPIA

- European Union law for GDPR

- Other applicable local laws depending on your location

13. Contact Information

13.1 General Inquiries

Email: support@proviscera.com
Website: www.proviscera.com

13.2 Data Protection Officer (DPO)

Email: support@proviscera.com

13.3 Information Officer (for South Africa)

Email: support@proviscera.com

13.4 Customer Support

Email: support@proviscera.com

14. Complaints and Dispute Resolution

We encourage direct contact if you have any concerns. If unresolved, you may lodge a complaint with:

- South Africa: Information Regulator (POPIA)

- EU: Your local data protection authority

- US: Federal Trade Commission (FTC)