Privacy policy

Last updated: December 15th, 2025

Overview
BioSpectral Systems, we, us, our, respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website, purchase our products or services, interact with our content, or communicate with us. It also explains choices and rights you may have regarding your information.

Scope
This Privacy Policy applies to personal information we collect through:
A. Our website and any pages that link to this Privacy Policy
B. Purchases and transactions for products and services
C. Email and other marketing communications you opt into or otherwise receive as permitted by law
D. Customer support and business communications, including virtual meetings and calls

This Privacy Policy does not apply to third party websites, apps, or services that we do not control, even if they are linked on our site.

Personal information we collect
We collect personal information in three main ways: information you provide, information collected automatically, and information from third parties.

• Information you provide to us
  Depending on how you interact with us, you may provide:
  A. Contact details: name, email address, phone number, shipping and billing address
  B. Account details: login information if you create an account
  C. Order and transaction details: products purchased, order history, shipping details, and customer service interactions related to your order
  D. Payment related details: payment method and transaction metadata. Payment card details are typically processed by payment processors, not stored directly by us, unless you explicitly provide them through a supported payment flow
  E. Communications: messages you send through forms, email, chat, social media, SMS, or other channels
  F. Consultation, partnership, and service details: information you share when discussing services, wholesale, partnerships, audits, or other professional engagements
  G. Audio and video recordings: if we record a call or meeting, we may collect the recording and any related transcript or notes, as described in Section 8

Sensitive information will only be collected with your explicit consent and handled in accordance with applicable privacy laws. Please avoid sharing sensitive data unless necessary for the requested service. Please avoid sharing sensitive information in web forms unless it is necessary for the specific purpose of your request.

• Information collected automatically
  When you visit our site, we and our service providers may collect certain information automatically, such as:
  A. Device and usage data: IP address, browser type, device identifiers, operating system, referring URLs, pages viewed, clicks, and time spent on pages
  B. Approximate location: derived from IP address
  C. Cookie and similar technology data: as described in Section 6

This type of collection is common for ecommerce sites for security, analytics, and performance.

• Information from third parties
  We may receive information from third parties such as:
  A. Ecommerce and hosting platforms that help us operate our store and fulfill orders, for example Shopify if your purchase is made on a Shopify powered checkout
  B. Payment processors that confirm transactions and help prevent fraud
  C. Shipping and logistics providers
  D. Email and marketing platforms you interact with through signups, campaigns, and preference management
  E. Advertising and analytics providers, depending on how our site is configured
  F. Anti fraud and security providers, including form protection tools. For example, some sites use tools like hCaptcha on forms, in which case the provider may collect information to help prevent spam and abuse 

We use trusted third-party providers such as hCaptcha and Shopify. For more details, please review their privacy policies: https://www.hcaptcha.com/privacy and https://www.shopify.com/au/legal/privacy 

How we use personal information
We use personal information for purposes such as:
A. To provide products and services, including processing orders, payments, shipping, returns, and customer support
B. To communicate with you about your purchases, account, requests, or inquiries
C. To provide consultations, service engagements, and partnership discussions you request
D. To send marketing communications, product updates, and promotions where you have opted in, where an existing customer relationship supports it, or where otherwise permitted by law, and to manage your communication preferences
E. To personalize content, improve our site, and understand how our site is used through analytics and performance measurement
F. To detect, prevent, and investigate fraud, abuse, security incidents, and technical issues
G. To comply with legal obligations and enforce our terms, agreements, and policies
H. To maintain business records, including call recording records where applicable

How we disclose personal information
We may disclose personal information in the following situations:
A. Service providers: we share information with vendors who perform services for us, such as ecommerce hosting, payment processing, shipping, email delivery, analytics, customer support tools, and security, they are authorized to use information only as needed to provide services to us
B. Business transfers: if we are involved in a merger, acquisition, financing, reorganization, or sale of all or part of our business, information may be transferred as part of that transaction
C. Legal and safety: we may disclose information to comply with law, respond to lawful requests, protect rights and safety, investigate fraud, or enforce agreements
D. With your direction: we may disclose information when you ask us to, for example, if you request introductions to a partner or ask us to coordinate shipping with a specific party

We do not sell personal information in the traditional sense. If applicable law defines some sharing as a sale or sharing, you may have opt out rights as described in Section 7. 

Cookies and similar technologies
We use cookies and similar technologies to help operate our site, understand usage, remember preferences, enable ecommerce functionality, and support security. Cookies may be set by us and by third party service providers integrated into our site. You can control cookies through your browser settings and, where available, our cookie banner or preference tools. 

Some browsers offer a Do Not Track signal, but our site does not currently respond to Do Not Track signals. However, you can manage tracking preferences through our cookie banner or browser settings.

• Marketing, advertising, and your choices
  Email marketing and campaigns
  If you opt in to marketing emails, we may send you product information, educational content, and promotional offers. You can unsubscribe at any time by using the unsubscribe link in emails. You may also contact us to update your preferences. We rely on your consent for marketing communications where required by law. You can withdraw consent at any time using the unsubscribe link or by contacting us.
• Targeted advertising and analytics choices
  Depending on how our site is configured, we may use analytics and advertising tools to measure performance and help deliver more relevant ads. Where required, we provide choices through a cookie banner or opt out mechanism. Shopify also provides merchant tools for privacy settings and consent banners, if enabled on our store.
• SMS Marketing and campaigns
  If you opt in to marketing SMS', You can unsubscribe at any time by using the unsubscribe link in the SMS. You may also contact us to update your preferences.

Call recordings, virtual meetings, and transcripts
We may record calls or virtual meetings, including Zoom style calls, for purposes such as quality assurance, training, documentation of partnership discussions, customer support accuracy, and internal note taking.
A. Notice and consent: when required by law, we will provide notice or request consent before recording
B. What is collected: audio, video if applicable, shared screens if captured by the meeting platform, chat messages, and potential transcripts generated by the platform or by us
C. How used: to deliver services you requested, to maintain accurate records, and to improve our processes
D. Retention: we retain recordings for the period described in Section 11, unless a longer period is required for legal reasons or a shorter period is appropriate for the purpose
E. We store recordings on our private CRM, and sometimes on our secure Google Drive.

If you prefer not to be recorded, you may tell us at the start of the call. We will attempt to offer an alternative where practical, such as continuing without recording or moving to email.

Legal bases for processing for EEA and UK visitors
If you are located in the EEA or UK, we process your personal information when we have a legal basis, such as:
A. Performance of a contract, for example fulfilling your order
B. Legitimate interests, for example securing our site, preventing fraud, improving services, and some marketing activities where permitted
C. Consent, for example certain marketing and certain cookies
D. Legal obligation

Your privacy rights
Depending on where you live, you may have rights to:
A. Access your personal information
B. Correct inaccurate personal information
C. Delete certain personal information
D. Receive a copy of your personal information in a portable format
E. Object to or restrict certain processing
F. Opt out of certain sharing, including targeted advertising where applicable
G. Appeal decisions about your request where applicable

To exercise rights, contact us using the details in Section 14. We may need to verify your identity and your request

California notice: California residents may have additional rights under laws such as the CCPA and CPRA, including the right to know, delete, correct, and opt out of certain sharing, and the right not to be discriminated against for exercising privacy rights.

We sometimes offer loyalty programs and incentives for signing up with us. We also offer an affiliate program and any information collected in any of these ways are kept absolutely secure and you can contact us to unsubscribe anytime.

Data retention
We keep personal information as long as needed for the purposes described in this Privacy Policy, including to fulfill orders, provide services, maintain business records, comply with legal obligations, resolve disputes, and enforce agreements. We retain personal information for as long as necessary to fulfill the purposes outlined in this policy, typically no longer than 7 years, unless a longer period is required by law.

Security
We use reasonable administrative, technical, and physical safeguards designed to protect personal information. No security method is perfect, and we cannot guarantee absolute security

International transfers
If you access our site from outside the country where we operate, your information may be transferred and processed in other countries where we or our service providers operate. We take steps intended to ensure appropriate protections for such transfers where required by law.

Children
Our website and offerings are not intended for children under 13 years of age (or the age required by applicable law). We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact us so we can take appropriate steps.

Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The effective date at the top indicates when it was last updated. If changes are material, we will provide notice as required by law, for example by posting an update on our site or sending an email.

For privacy-related inquiries, please contact our Data Protection Officer at support@biospectralsystems.com

Address: 36 Windward Isle, Palm Beach Gardens, FL 33418
Phone: 800 123 4567

If you are contacting us to exercise privacy rights, please include the email address you used with our store and a description of your request.