Legal & Data Protection

Welcome to Zaffire's Privacy and Legal Center.

We take your privacy seriously and want you to feel confident in how we collect, use and protect your personal health data.

1. Data Usage Overview

Zaffire collects and processes a limited set of personal data to enable core functionality and support your health experience. This includes:

  • Account information (e.g., name, email)
  • Uploaded files (e.g., blood test PDFs)
  • Technical and usage data (e.g., page views, device type)

We do not sell personal data. All processing is purpose-limited and compliant with EU law.

2. GDPR and Your Rights

As a user based in the European Union, you have specific rights under the General Data Protection Regulation (GDPR), including:

  • The right to access the personal data we store
  • The right to correct or update inaccurate information
  • The right to delete your account and associated data
  • The right to restrict or object to certain types of processing
  • The right to request a copy of your data in a transferable format

To exercise any of these rights, contact us at: support@zaffire.com.

3. Data Security Measures

Zaffire applies industry-standard security protocols to protect your data, including:

  • Encrypted data storage
  • Secure authentication and access control
  • Regular security audits and compliance checks
  • Role-based permissions for internal access

Only authorized personnel have access to sensitive data, and only when required.

4. Cookies and Consent

We use a minimal set of cookies to ensure platform stability, understand user behavior, and support security. Cookie categories:

  • Essential: required for the application to function
  • Functional: remembers your settings and preferences
  • Analytics: helps us improve the product through anonymous usage data

You can manage cookie preferences at any time from the [Cookie Settings] page.

5. Third-Party Services

Zaffire works with selected processors to deliver and maintain our platform. These services are GDPR-compliant and contractually limited in data use.

Examples include:

  • Identity and login management (e.g., Auth0)
  • Hosting infrastructure
  • Optional analytics tools (disabled by default unless consent is given)

A full list of sub-processors is available upon request.

6. Legal Contact

If you have legal questions or require documentation, please contact our data protection team:

legal@zaffire.comor use the general support address: support@zaffire.com

7. Last Update

This notice was last reviewed on 10 September 2025.

Substantive updates will be reflected here and communicated when necessary.