Image

Contact us

Please contact us using the form below or by sending an email to info@evogenom.com.
We are happy to answer any questions you may have!
You can reach us at

info@evogenom.com

Address:
Kauppakatu 39  40100 Jyväskylä

Business ID:
2786426-3

Our customer service will be closed during the Christmas week, from December 22nd to December 28th. You can leave your message through the form, and we’ll get back to you as soon as possible.

Contact us
Privacy Policy
Evogenom Privacy Policy

Effective Date: 15 September 2025
 Last Updated: 15 September 2025

Introduction

At Evogenom Oy (“Evogenom”, “we”, “us”, “our”), your privacy and trust are central to everything we do. We know you are sharing some of your most personal information with us – including genetic and wellness data – and we take that responsibility very seriously.

This Privacy Policy explains what data we collect, why we collect it, how long we keep it, who we share it with, and what rights you have.

In short: we only collect the information we need to provide you with our services, improve them, and meet legal obligations. We never sell your personal data to advertisers, insurers, or employers.

1. Who We Are

Evogenom Oy is the controller of your personal data under the General Data Protection Regulation (GDPR).

Contact:
 Evogenom Oy
 Kauppakatu 39, 40100 Jyväskylä, Finland
 Email: privacy@evogenom.com

If you have any questions or requests about your data, please contact us. You also have the right to contact the Finnish Data Protection Ombudsman (Tietosuojavaltuutetun toimisto, tietosuoja@om.fi, PL 800, 00531 Helsinki, Finland).

We are a Finnish company, and your data is protected under some of the strictest privacy laws in the world.

2. What This Policy Covers

This Privacy Policy applies to:

  • Our website and webshop
  • Our DNA testing kits and laboratories
  • Our app and EvoCoach AI
  • Any related services where this policy is shown

This Privacy Policy does not cover third-party websites linked from our services.

If you click on a link that takes you to another company’s website, their privacy practices apply, not ours.

3. What Data We Collect and Why

We collect different categories of data depending on how you use our services.

Identification data
 Examples: name, email, postal address, account details

  • Why: to deliver services, handle your orders, and communicate with you
  • Legal basis: contract (GDPR 6(1)(b))
  • How long: deleted after your account is closed, unless law requires longer retention

Genetic data
 Examples: genotyping results from your saliva sample

  • Why: to generate your DNA reports
  • Legal basis: explicit consent (GDPR 9(2)(a))
  • How long: stored for up to 5 years so you can access reports or order add-ons. Before this period ends, we will contact you to ask if you wish to extend consent for continued storage. If you renew consent, your data will be kept for another 5 years (and so on). If you do not respond or withdraw consent, your data will be deleted.
  • Your control: you can ask us to delete your genetic data at any time

Biological samples
 Examples: saliva samples

  • Why: to perform the test
  • Legal basis: explicit consent (GDPR 9(2)(a))
  • How long: destroyed within 4 months after analysis

Payment data
 Examples: card and transaction info

  • Why: to process payments
  • Legal basis: contract and legal obligation (GDPR 6(1)(b),(c))
  • How long: stored up to 10 years (Finnish bookkeeping law)

Lifestyle & wellness data
 Examples: survey responses, inputs in EvoCoach

  • Why: to provide personalised recommendations
  • Legal basis: consent or legitimate interest (GDPR 6(1)(a),(f))
  • How long: stored while your account is active

Technical data
 Examples: IP address, device details, logs

  • Why: to ensure service security and improve our app and website
  • Legal basis: legitimate interest (GDPR 6(1)(f))
  • How long: typically up to 12 months

Marketing & communication data
 Examples: email address, communication preferences

  • Why: to send you news, offers, and updates (only with your consent)
  • Legal basis: consent (GDPR 6(1)(a))
  • How long: until you withdraw consent (unsubscribe link in every email)

We never collect more than necessary and you are always in control of your consents.

4. How We Collect Data

  • Directly from you (orders, account setup, app usage)
  • From your sample (analysis in certified labs)
  • Automatically (cookies, analytics, app interactions)

You decide what to share. We explain each step clearly before you give consent.

5. How We Use Your Data

We use your data to:

  • Deliver DNA testing services and genetic reports
  • Provide personalised coaching and app features
  • Support you and respond to inquiries
  • Improve our services (with anonymised or aggregated data)
  • Send marketing (only with your consent — unsubscribe anytime)
  • Meet legal obligations (e.g. accounting, consumer protection, law enforcement)

No surprises your data is used only for the purposes you agreed to.

6. Sensitive Genetic Data & Consent

Genetic data is considered “special category” data under GDPR.

  • We only process it with your explicit opt-in consent when you register your kit.
  • You can withdraw consent at any time. Withdrawing consent stops further processing and we delete your genetic data (unless legal obligations require us to keep certain records).

Your DNA belongs to you. You are always in control.

7. How We Share Data

We do not sell your data.

We may share it with:

  • Laboratories – only with coded IDs, never your name
  • Service providers – e.g. secure hosting (Azure in Finland/EU), app infrastructure
  • Payment providers – e.g. Stripe
  • Marketing/email tools – e.g. MailChimp, Meta, Stape, Zapier (minimal data)
  • Research partners – only with your explicit, separate consent
  • Legal authorities – only if required by law

Even when we share data with trusted partners, we limit it to the minimum necessary and bind them to strict confidentiality contracts.

8. International Transfers

  • We aim to process all sensitive genetic data within the EU/EEA.
  • If data must be transferred outside (e.g. to a US service provider), we use EU-approved safeguards such as Standard Contractual Clauses.

In plain terms: your data stays in the EU unless there is no other option — and even then, it is protected by strict legal contracts.

9. Data Retention

  • Account data: while your account is active
  • Genetic data: up to 5 years, unless deleted earlier by you
  • Saliva samples: destroyed within 4 months after analysis
  • Financial/accounting data: up to 10 years (Finnish law)
  • Backups/logs: only as long as needed for security

Once anonymised (so it can no longer be linked to you), data may be used for scientific or statistical purposes. GDPR no longer applies to anonymised data.

You can always ask us to delete your identifiable data. What remains may only be anonymised statistics, with no link back to you.

10. Your Rights

You have the right to:

  • Access the data we hold about you
  • Request correction or deletion
  • Restrict or object to processing
  • Withdraw consent at any time
  • Request data portability
  • Opt out of marketing
  • File a complaint (in Finland: Data Protection Ombudsman)

We will respond to your requests promptly and fairly. To exercise your rights, contact privacy@evogenom.com.

11. Children’s Privacy

  • Our services are not directed at individuals under 18.
  • We do not knowingly collect personal data from minors.
  • If we learn that data was collected from someone under 18 without consent, we delete it immediately.

12. Cookies & Tracking

We use cookies and similar technologies to:

  • Operate our website
  • Analyse usage and improve performance
  • Personalise your experience

You can manage cookies via our Cookie Banner or your browser settings.

13. Advertising and Analytics

We use advertising and analytics tools to understand how visitors use our website and to improve the relevance of our advertising. These tools help us measure campaign performance, develop our services, and provide you with a better experience. Processing is based on your consent (Article 6(1)(a) GDPR), which you can give or withdraw at any time through our cookie banner or browser settings.

Meta Platforms

When you consent, Meta’s advertising tools (such as the Meta Pixel and Conversions API) allow Meta Platforms Ireland Ltd. to receive event data from interactions on our website, for example, when you view a page or complete a purchase. We may also share pseudonymised purchase or event data with Meta to measure the effectiveness of our advertising. This information is pseudonymised before transfer (for example, hashed identifiers such as name, email address, or phone number) and used only for aggregated measurement and ad optimisation. Meta may combine this information with other data it holds about you to display relevant advertising on Meta services. Learn more at facebook.com/privacy/policy.

Google Tools and Platforms

With your consent, we use Google Analytics and Google Ads (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland) to analyse website usage and measure the performance of our advertising. Google Analytics collects pseudonymised information such as device type, pages visited, and browsing duration. IP anonymisation is enabled, meaning your IP address is shortened within the European Economic Area before being processed or transferred. You can change or withdraw your consent at any time through our cookie settings. Learn more at policies.google.com/privacy.

International Transfers

Data processed by Meta or Google may be transferred to the United States. Such transfers take place under the EU–U.S. Data Privacy Framework or the European Commission’s Standard Contractual Clauses, which ensure data protection.

U.S. Residents

If you are a resident of the United States, you may exercise your right to opt out of the sharing of personal information for cross-context behavioural advertising by adjusting your cookie preferences or contacting privacy@evogenom.com.

14. Security

We use strong technical and organisational measures, including:

  • Encryption in transit and at rest
  • Secure lab handling and coded identifiers
  • Strict access controls
  • Regular reviews and staff confidentiality obligations

15. Automated Decisions & AI

Our EvoCoach AI provides personalised suggestions based on your genetic and lifestyle data.

  • EvoCoach is for informational and wellness purposes only.
  • Accuracy is less than 100%, and results are not medical advice.
  • We do not make automated decisions with legal or financial effects.

AI helps make your data useful day-to-day, but the final choices are always yours.

16. Changes to This Policy

We may update this Privacy Policy to reflect new laws, services, or practices.

  • Updates will be posted on our website.
  • Significant changes will be communicated directly via email or in-app notification.

17. Contact Us

Evogenom Oy
 Kauppakatu 39, 40100 Jyväskylä, Finland
 Email: privacy@evogenom.com

Data Protection Authority:
 Tietosuojavaltuutetun toimisto
 tietosuoja@om.fi
 PL 800, 00531 Helsinki, Finland