Privacy Policy

1. Controller and General Information

This Privacy Policy describes how Vitastiq d.o.o. (“Vitastiq”, “we”, “us”, “our”) processes personal data in connection with the use of:

  • the Vitastiq measurement device,
  • the Vitastiq mobile application, and
  • the Vitastiq website

(collectively, the “Services”).

Vitastiq processes personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and applicable national data protection laws.

Data Controller:
Vitastiq d.o.o.
Ulica grada Vukovara 271, Zagreb. Croatia
Email: gdpr@vitastiq.com

2. Scope of Application

This Privacy Policy applies primarily to personal data generated through the use of the Vitastiq device for measurement purposes, including the storage, display, and analysis of such measurements via the mobile application.

Where applicable, this policy also governs personal data processed through the Vitastiq website, including support-related and informational interactions.

3. Categories of Personal Data

3.1 Data Provided by the User

Vitastiq may process the following personal data provided directly by users:

  • Name or chosen identifier
  • Email address
  • Age or age range
  • Gender (optional)
  • Country or region
  • Communications with customer support

3.2 Measurement and Usage Data

When using the Vitastiq device and application, the following data is processed:

  • Measurement results related to vitamins and minerals
  • Measurement timestamps
  • Longitudinal measurement history and trends
  • Application usage data associated with measurements

The measurement data generated by the Vitastiq device is not medical data and does not constitute medical diagnosis, treatment, or clinical assessment. The Vitastiq device is intended exclusively for informational and lifestyle purposes.

3.3 Technical and Website Data

Vitastiq may also process:

  • Device type, operating system, and application version
  • Anonymous identifiers
  • IP address (which may be anonymized)
  • Website interaction and log data

4. Legal Basis for Processing

Personal data is processed on the basis of the following legal grounds under GDPR:

  • Explicit consent of the user (Article 6(1)(a) and Article 9(2)(a))
  • Performance of a contract (Article 6(1)(b))
  • Legitimate interests of Vitastiq (Article 6(1)(f)), including service improvement and security
  • Compliance with legal obligations (Article 6(1)(c))

Users may withdraw their consent at any time, without affecting the lawfulness of processing prior to withdrawal.

5. Purposes of Processing

Vitastiq processes personal data for the following purposes:

  • Enabling the functionality of the Vitastiq device and mobile application
  • Displaying, storing, and analyzing measurement results and trends
  • Improving the performance, reliability, and usability of the Services
  • Providing customer support
  • Ensuring system security and preventing misuse
  • Complying with applicable legal and regulatory requirements

Vitastiq does not perform automated decision-making or profiling producing legal or similarly significant effects.

6. Data Storage and Hosting

All personal data is stored on secure servers operated by Amazon Web Services (AWS) – US EAST.

AWS acts as a data processor on behalf of Vitastiq and processes personal data solely in accordance with Vitastiq’s documented instructions and applicable data protection laws. Appropriate technical and organizational security measures are implemented.

7. International Data Transfers

Personal data may be processed on AWS infrastructure located within the European Union/European Economic Area (EU/EEA) or, where necessary, in third countries.

Where personal data is transferred outside the EU/EEA, Vitastiq ensures that appropriate safeguards are in place, including:

  • EU Standard Contractual Clauses (SCCs)
  • Supplementary technical and organizational measures

8. Data Retention

Vitastiq retains personal data for an indefinite period in order to:

  • Allow users continuous access to historical measurement data
  • Enable long-term trend analysis

Personal data is retained until:

  • The user requests deletion, or
  • Deletion is required pursuant to applicable law

9. Deletion Requests and Account Termination

Users may request the deletion of their personal data at any time.

Deletion requests must be submitted by email from the address associated with the user account to: gdpr@vitastiq.com

Following verification of the request, Vitastiq will delete or irreversibly anonymize personal data from its active systems within a reasonable timeframe, and no later than 30 days, unless a longer retention period is required by law.

Once deleted, personal data cannot be restored.

10. Disclosure of Personal Data

Vitastiq does not sell personal data.

Personal data may be disclosed only to:

  • Cloud hosting and infrastructure providers (AWS)
  • Technical, maintenance, and analytics service providers
  • Competent public authorities where required by law

All recipients are subject to appropriate confidentiality and data protection obligations.

11. Data Security

Vitastiq implements appropriate technical and organizational measures to protect personal data, including:

  • Encryption
  • Access control mechanisms
  • Secure infrastructure and monitoring

Despite these measures, no data transmission or storage system can be guaranteed to be completely secure.

12. Children’s Data

The Services are not intended for individuals under the age of 16. Vitastiq does not knowingly process personal data relating to children.

13. Data Subject Rights

Under GDPR, users have the right to:

  • Access their personal data
  • Rectify inaccurate or incomplete data
  • Request erasure of personal data
  • Restrict processing
  • Receive their data in a portable format
  • Object to processing
  • Withdraw consent at any time

Requests may be submitted to: gdpr@vitastiq.com

Users also have the right to lodge a complaint with the competent supervisory authority.

14. Amendments to This Policy

Vitastiq reserves the right to amend this Privacy Policy as necessary. Material changes will be communicated via the application, website, or other appropriate means.

15. Contact

For any questions or requests relating to data protection and privacy: gdpr@vitastiq.com

Dr. Reinhold Voll (1909–1989), a German physician and researcher, revolutionized holistic medicine by introducing Electroacupuncture according to Voll (EAV) and Electro-Dermal Screening (EDS). These innovative methods merge traditional acupuncture principles with electrical measurements to assess the body's energetic imbalances, emphasizing a holistic approach to health.