Privacy policy
Last updated:: November 15, 2025
This Privacy Policy explains how we collect, use, process, store, protect, and share data when you access or use our website, applications, and services ("Services"). By using the Services, you agree to this Policy.
Complementary Methods Disclaimer
EKA Balance services are complementary wellness services. They are not medical diagnosis or treatment and do not replace care from licensed medical or mental-health professionals.
- Do not stop prescribed medication or medical care based on website content.
- Consult your physician for medical decisions, symptoms, or health emergencies.
- If you are in immediate danger, call emergency services right away.
Data Controller
Data Protection Officer (DPO)
You may contact our DPO directly for any privacy-related inquiries, complaints, or to exercise your data protection rights.
1. Data We Collect
We collect all types of personal, technical, behavioral, and sensitive data, including but not limited to the following:
1.1 Personal Identification Data
- Full name
- Username
- Email address
- Phone number
- Postal address
- Date of birth
1.2 Sensitive & Special Category Data
We may collect special categories of personal data where permitted by law, including:
- Health information
- Physical condition, pain indicators, wellness data
- Biometric identifiers
- Mental and emotional health insights
2. Legal Basis for Processing (GDPR Article 6)
We process personal data based on the following legal grounds:
2.1 Consent (Article 6(1)(a))
We rely on your explicit consent for:
- • Marketing communications
- • Non-essential cookies
- • Processing of special categories of health data
- • Automated decision-making
2.2 Contractual Necessity
Processing is necessary for:
- • Providing services
- • Processing payments
- • Managing your account
- • Customer support
2.3 Legal Obligations
Processing is necessary to comply with:
- • Tax and accounting regulations
- • Health and safety requirements
- • Consumer protection laws
- • Data retention obligations
2.4 Legitimate Interests
We process data based on our legitimate interests:
- • Improving services
- • Fraud prevention
- • Direct marketing (soft opt-in)
- • Statistical analysis
3. Your Rights Under GDPR (Articles 12-22)
As a data subject, you have the following rights under the GDPR:
3.1 Right of Access (Article 15)
You have the right to obtain:
- Confirmation of whether we process your personal data
- Access to your personal data and information about processing purposes, categories, recipients, retention periods, and your rights
Response Time: We will respond within 30 days of receiving your request.
3.2 Right to Erasure (Article 17)
You have the right to obtain the erasure of personal data concerning you where one of the following grounds applies:
- The personal data is no longer necessary
- You withdraw consent and there is no other legal ground
- You object to processing and there are no overriding legitimate grounds
- The personal data has been unlawfully processed
3.3 Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
Contact Information and Complaints
Data Protection Officer (DPO)
Supervisory Authority
If you are not satisfied with our response or believe your data protection rights have been violated, you have the right to lodge a complaint with the supervisory authority:
This Privacy Policy is provided in compliance with the General Data Protection Regulation (EU) 2016/679.