Privacy policy

Last updated:November 15, 2025

This Privacy Policy explains how we collect, use, process, store, protect, and share data when you access or use our website, applications, and services ("Services"). By using the Services, you agree to this Policy.

Data Controller

Name:Olena Kucherova Dryzhak (EKA Balance)
Address:Calle Plata 1, 08191 Rubí, Barcelona, Spain
Phone:+34 658 867 133
Email:legal@ekabalance.com

Data Protection Officer (DPO)

Name:Olena Kucherova Dryzhak
Address:Calle Plata 1, 08191 Rubí, Barcelona, Spain
Email:dpo@ekabalance.com
Phone:+34 658 867 133

You may contact our DPO directly for any privacy-related inquiries, complaints, or to exercise your data protection rights.

1. Data We Collect

We collect all types of personal, technical, behavioral, and sensitive data, including but not limited to the following:

1.1 Personal Identification Data

  • Full name
  • Username
  • Email address
  • Phone number
  • Postal address
  • Date of birth

1.2 Sensitive & Special Category Data

We may collect special categories of personal data where permitted by law, including:

  • Health information
  • Physical condition, pain indicators, wellness data
  • Biometric identifiers
  • Mental and emotional health insights

2. Legal Basis for Processing (GDPR Article 6)

We process personal data based on the following legal grounds:

2.1 Consent (Article 6(1)(a))

We rely on your explicit consent for:

  • • Marketing communications (emails, newsletters, promotional offers)
  • • Non-essential cookies and tracking technologies
  • • Processing of special categories of health data (Article 9(2)(a))
  • • Automated decision-making and profiling activities

You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

2.2 Contractual Necessity (Article 6(1)(b))

Processing is necessary for:

  • • Providing our wellness services as requested
  • • Processing payments and managing bookings
  • • Creating and managing your user account
  • • Delivering customer support and responding to inquiries

2.3 Legal Obligations (Article 6(1)(c))

Processing is necessary to comply with:

  • • Tax and accounting regulations
  • • Health and safety requirements
  • • Consumer protection laws
  • • Data retention obligations

2.4 Legitimate Interests (Article 6(1)(f))

We process data based on our legitimate interests, which include:

  • • Improving and optimizing our services and website performance
  • • Preventing fraud and ensuring network security
  • • Direct marketing to existing customers (soft opt-in)
  • • Statistical analysis and service improvement

We conduct balancing tests to ensure our legitimate interests do not override your fundamental rights and freedoms.

3. Your Rights Under GDPR (Articles 12-22)

As a data subject, you have the following rights under the GDPR:

3.1 Right of Access (Article 15)

You have the right to obtain:

  • • Confirmation of whether we process your personal data
  • • Access to your personal data and information about processing purposes, categories, recipients, retention periods, and your rights

Response Time: We will respond within 30 days of receiving your request.

3.2 Right to Erasure ('Right to be Forgotten') (Article 17)

You have the right to obtain the erasure of personal data concerning you where one of the following grounds applies:

  • • The personal data is no longer necessary for the purposes for which it was collected
  • • You withdraw consent and there is no other legal ground for processing
  • • You object to processing and there are no overriding legitimate grounds
  • • The personal data has been unlawfully processed

3.3 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller where:

  • • The processing is based on consent or contractual necessity
  • • The processing is carried out by automated means

Exercising Your Rights

To exercise any of your rights, please contact us:

Email:dpo@ekabalance.com
Mail:Data Protection Officer, Calle Plata 1, 08191 Rubí, Barcelona, Spain
Phone:+34 658 867 133

Verification: We may request additional information to verify your identity before processing your request. This is to protect your personal data from unauthorized access.

Contact Information and Complaints

For privacy inquiries, exercising your rights, or making complaints:

Data Protection Officer (DPO)

Name:Olena Kucherova Dryzhak
Email:dpo@ekabalance.com
Phone:+34 658 867 133
Address:Calle Plata 1, 08191 Rubí, Barcelona, Spain

The DPO is your primary contact for all data protection matters and will respond to your inquiry within 30 days.

Supervisory Authority

If you are not satisfied with our response or believe your data protection rights have been violated, you have the right to lodge a complaint with the supervisory authority:

Agencia Española de Protección de Datos (AEPD)
C/ Jorge Juan, 6, 28001 Madrid, Spain
Website: www.aepd.es
Phone: +34 901 100 099 / +34 91 266 35 17

You may also contact the supervisory authority in your country of habitual residence or place of work.

This Privacy Policy is provided in compliance with the General Data Protection Regulation (EU) 2016/679.

Book now