Back to Home

Privacy Policy

Datenschutzerklärung

1. Introduction

We are pleased that you are visiting our website and thank you for your interest in our company and services. The protection of your personal data is very important to us. Below we inform you in detail about how we handle your data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Responsible Party / Controller

Biohacker Alliance

Tautenhofer Str. 9

88299 Leutkirch

Germany

Email: hello@biohackeralliance.com

Website: biohackeralliance.com

3. Data Collection Overview

What data do we collect?

We collect the following types of data:

  • Data you provide directly (e.g., through contact forms, expert applications)
  • Automatically collected technical data (IP address, browser type, device information)
  • Usage data through analytics tools (Google Analytics, Google Search Console)
  • Cookie data (with your consent)

How do we use your data?

We use your data to:

  • Operate and improve our website
  • Process expert applications and partnership inquiries
  • Communicate with you about services and opportunities
  • Analyze website traffic and user behavior
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. Hosting & Infrastructure

Vercel (Website Hosting)

Our website is hosted by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. Vercel automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes:

  • Browser type and version
  • Operating system used
  • Referrer URL (the previously visited page)
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR (legitimate interest in providing a functional and secure website).

More information: Vercel Privacy Policy

Supabase (Database & Backend)

We use Supabase (Supabase Inc., USA) for database storage and backend services. When you submit forms or applications, your data is stored on Supabase servers. Supabase is GDPR-compliant and uses encryption for data protection.

More information: Supabase Privacy Policy

5. Data Collection on Our Website

Expert Application Forms

When you apply to become an expert on our platform, we collect:

  • Personal information (name, email, phone number)
  • Professional information (specialization, credentials, experience, languages)
  • Location data (country, city)
  • Service delivery preferences
  • Professional bio and website URL

Legal basis: Art. 6 para. 1 lit. b GDPR (processing necessary for contract fulfillment) and Art. 6 para. 1 lit. a GDPR (consent via checkbox).

Data retention: Your application data is retained for review and, if approved, displayed in our expert directory. You can request deletion at any time by contacting us.

Partnership Application Forms

When you apply for a partnership opportunity, we collect:

  • Name and contact information
  • Availability for video calls
  • Optional message/introduction
  • Language preference

Legal basis: Art. 6 para. 1 lit. b GDPR (pre-contractual measures) and Art. 6 para. 1 lit. a GDPR (consent).

Contact Forms

If you send us inquiries via contact forms, your data from the inquiry form, including the contact data you provided, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. f GDPR (legitimate interest in responding to inquiries).

6. Analytics & Tracking Tools

Google Analytics 4

This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses cookies to help analyze how users use the site.

Data collected by Google Analytics:

  • Pages visited and time spent on pages
  • Click behavior and user interactions
  • Geographic location (country, city)
  • Device information (browser, operating system, screen resolution)
  • Traffic sources (how you found our website)
  • Demographic data (age range, gender - if available)

IP Anonymization: We have activated IP anonymization on this website. Your IP address will be shortened by Google within member states of the European Union or other parties to the Agreement on the European Economic Area before transmission to the United States.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent via cookie banner) and Art. 6 para. 1 lit. f GDPR (legitimate interest in website optimization and understanding user behavior).

Data retention: Google Analytics data is automatically deleted after 14 months.

Opt-out: You can prevent Google Analytics from collecting your data by:

More information: Google Privacy Policy

Google Search Console

We use Google Search Console to monitor and maintain our website's presence in Google Search results. Google Search Console collects data about:

  • Search queries that led users to our site
  • Click-through rates from search results
  • Website indexing status and errors
  • Performance metrics in search results

This data is aggregated and anonymized. Google Search Console does not collect personal data from individual users.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in improving our website's search visibility and user experience).

Vercel Analytics

We use Vercel Analytics for basic website performance monitoring. Vercel Analytics does not use cookies and collects only anonymized, aggregated data about page views and performance metrics.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in monitoring website performance).

7. Cookies

Our website uses cookies. Cookies are small text files that are stored on your device and saved by your browser. They do not cause any damage to your device.

Types of Cookies We Use:

Essential Cookies (Required)

These cookies are necessary for the website to function properly. They cannot be disabled.

  • Session management
  • Security and authentication
  • Cookie consent preferences

Analytics Cookies (Optional)

These cookies help us understand how visitors interact with our website.

  • Google Analytics (_ga, _gid, _gat)
  • Vercel Analytics (anonymous)

Functional Cookies (Optional)

These cookies enable enhanced functionality and personalization.

  • Language preferences
  • User interface settings

Managing Cookies: You can configure your browser to inform you about the setting of cookies and decide individually whether to accept them, or to exclude the acceptance of cookies for certain cases or in general. Please note that restricting cookies may limit the functionality of our website.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent for optional cookies) and Art. 6 para. 1 lit. f GDPR (legitimate interest for essential cookies).

8. Third-Party Services

Email Service (Resend)

We use Resend for sending transactional emails (application confirmations, notifications). When you submit a form, Resend processes your email address to deliver notifications. Resend is GDPR-compliant.

More information: Resend Privacy Policy

Content Delivery Network (CDN)

We use CDN services to deliver website content efficiently. CDNs may temporarily cache your IP address and request data for performance optimization.

9. Data Security

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security measures include:

  • SSL/TLS encryption for all data transmission (HTTPS)
  • Encrypted database storage
  • Regular security updates and patches
  • Access controls and authentication
  • Regular backups
  • Secure hosting infrastructure

Our security measures are continuously improved in line with technological developments.

10. Your Rights Under GDPR

As a data subject, you have the following rights:

Right to Information (Art. 15 GDPR)

You have the right to request information about your personal data that we process.

Right to Rectification (Art. 16 GDPR)

You have the right to request the correction of inaccurate personal data.

Right to Erasure (Art. 17 GDPR)

You have the right to request the deletion of your personal data under certain conditions.

Right to Restriction (Art. 18 GDPR)

You have the right to request the restriction of processing of your personal data.

Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used format.

Right to Object (Art. 21 GDPR)

You have the right to object to the processing of your personal data based on legitimate interests.

Right to Withdraw Consent (Art. 7 GDPR)

You can withdraw your consent at any time. The withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.

To exercise these rights, please contact us at: hello@biohackeralliance.com

11. Data Retention

We store your personal data only as long as necessary for the purposes for which it was collected:

  • Expert profiles: For the duration of your listing on our platform, plus 3 months after removal
  • Partnership applications: Until processing is complete, then archived for 1 year
  • Contact form inquiries: Until the inquiry is resolved, then deleted after 6 months
  • Analytics data: Automatically deleted by Google Analytics after 14 months
  • Server logs: Deleted after 30 days
  • Cookies: Vary by type (see cookie policy), typically 1-24 months

Legal retention periods (e.g., tax law, commercial law) remain unaffected. After these periods expire, the corresponding data is routinely deleted.

12. International Data Transfers

Some of our service providers (Google, Vercel, Supabase) are based in the United States or other countries outside the European Economic Area (EEA). Data transfers to these countries are secured through:

  • Standard Contractual Clauses (SCCs) approved by the EU Commission
  • Adequacy decisions by the EU Commission
  • Privacy Shield certification (where applicable)
  • Additional technical and organizational measures

We ensure that all international data transfers comply with GDPR requirements and provide adequate protection for your personal data.

13. Children's Privacy

Our website and services are not directed to children under the age of 16. We do not knowingly collect personal data from children. If you believe that we have inadvertently collected information from a child, please contact us immediately, and we will delete such information.

14. Changes to This Privacy Policy

We reserve the right to update this privacy policy to reflect changes in our practices or for legal, operational, or regulatory reasons. The current version is always available on this page. Material changes will be communicated through a prominent notice on our website.

We encourage you to review this privacy policy periodically to stay informed about how we protect your data.

15. Contact & Questions

If you have questions about this privacy policy, how we handle your data, or wish to exercise your rights, please contact us:

Biohacker Alliance

Tautenhofer Str. 9

88299 Leutkirch, Germany

Email: hello@biohackeralliance.com

Last updated: February 24, 2026

Version: 2.0