Live Long Lab Privacy Policy

Effective date: August 3, 2025

Live Long Lab, Inc. (“Live Long Lab,” “we,” “our,” or “us”) respects your privacy and is committed to protecting it through this Privacy Policy (“Policy”). This Policy explains how we collect, use, disclose, and safeguard your information when you visit livelonglab.com, use our mobile or web applications, purchase our testing services, or otherwise interact with us (collectively, the “Services”).

Note: This Policy is for informational purposes and does not constitute legal advice.

1. Scope

This Policy applies to information we collect:

Through the Services;

In email, text, and other electronic messages between you and Live Long Lab;

Through mobile and desktop applications you download that provide dedicated interaction between you and Live Long Lab; and

When you engage with us offline (e.g., at events) and we direct you to this Policy.

It does not apply to third‑party websites or services that may link to or be accessible from the Services.

HIPAA Note: While Live Long Lab and its corporate affiliates may operate as a “business associate” as the Health Insurance Portability and Accountability Act (“HIPAA”) defines that term, HIPAA does not apply to all personal information that we process.

2. Information We Collect

2.1 Information You Provide

Account & contact details (name, email, mailing address, phone number, password).

Payment information (card details, billing address) collected and processed by our payment processor (Stripe).

Health‑related information (e.g., biomarker results, questionnaires) you choose to share when using our testing services.

Communications (inquiries, survey responses, support chats, social‑media messages).

2.2 Information Collected Automatically

Device & usage data (IP address, browser type, device identifiers, pages visited, referring/exit URLs, timestamps).

Location data (approximate location from IP address; precise location only with your explicit permission).

Cookies & similar technologies (see Section 8).

2.3 Information from Third Parties

Laboratory & diagnostics partners (e.g., Labcorp) provide test results.

Wearable & health‑app integrations when you connect them to your account.

Advertising & analytics partners supply campaign performance metrics.

3. How We Use Information

We use the information we collect to:

Provide the Services (process orders, deliver lab results, maintain your account);

Personalize your experience (display biomarker trends, recommend add‑on tests);

Communicate with you about your account, purchases, and promotional offers (you may opt out of marketing at any time);

Improve and develop the Services (debug, conduct analytics, train algorithms);

Conduct research and create statistical or de‑identified insights (see Section 6);

Detect, prevent, and respond to fraud, abuse, security risks, and technical issues; and

Comply with legal obligations and enforce our Terms of Service.

Our legal bases for processing under the GDPR (where applicable) include contract performance, legitimate interests, consent, and compliance with legal obligations.

4. Interest‑Based Advertising & Analytics (Ad Carve‑Out)

We partner with third‑party advertising and analytics providers (e.g., Meta, Google) that use cookies and device identifiers to help us measure campaign performance and serve ads about our Services on other sites. We do not allow these partners to use any laboratory results, health metrics, or genetic information you provide for targeted advertising. They may receive general usage or purchase information (e.g., event timestamps, order value) that is not linked to your detailed health data.

You can manage interest‑based advertising preferences via industry opt‑out pages (e.g., youradchoices.com) or by adjusting your browser/cookie settings. See Section 8 for more detail.

5. How We Share Information

Recipient Category

Purpose

Service providers (labs, payment processors, hosting, analytics, customer‑support platforms)

Operate the Services on our behalf under confidentiality & security obligations

Medical professionals who review your results

Provide clinical interpretation and recommendations

Business partners (e.g., employer wellness programs)

Only with your consent and never your individual test results or genetic data

Corporate affiliates & successors

In connection with a merger, acquisition, or asset sale

Law enforcement / regulators

When required by law or to protect rights, safety, or property

We do not sell your personal information for monetary consideration.

6. De‑Identified & Aggregated Data

We may create, use, and share data that cannot reasonably be linked to an identified or identifiable individual (“De‑Identified Data”) by removing direct identifiers and applying technical safeguards. We may use De‑Identified Data for research, analytics, product development, marketing insights, and other commercial purposes and will not attempt to re‑identify such data.

7. Your Choices & Rights

Marketing communications: Opt out via the unsubscribe link in our emails or by contacting us.

Cookie controls: See Section 8 for how to manage cookies and analytics tools.

Access, deletion, correction (U.S. state laws): Residents of California, Colorado, Connecticut, Utah, Virginia, and other states may request to access, delete, or correct personal data, subject to verification. Submit requests to privacy@livelonglab.com.

Consumer health data (WA, NV, CT): If you reside in Washington, Nevada, or Connecticut, you may exercise additional rights regarding “consumer health data” as defined by state law, including the right to appeal a denial of your request.

GDPR/UK GDPR: EEA/UK residents have rights to access, rectify, erase, restrict, or port personal data and object to certain processing.

We will not discriminate against you for exercising any privacy rights.

8. Cookies & Similar Technologies

We and our partners use cookies, pixels, and local storage to recognize your browser or device and collect usage data (Section 2.2).

Strictly necessary cookies enable core functionality such as security and checkout.

Analytics cookies help us understand how visitors interact with the Services.

Advertising cookies personalize ads without using laboratory or genetic data (see Section 4).

Most browsers allow you to remove or reject cookies; certain features may not function without them.

9. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Policy, comply with legal obligations, resolve disputes, and enforce agreements. De‑Identified Data may be retained indefinitely.

10. Security

We employ administrative, technical, and physical safeguards designed to protect personal information. No internet transmission or storage system is completely secure, but we continuously work to protect your data.

11. International Data Transfers

We are headquartered in the United States and process data in the U.S. and other countries. If you are located outside the U.S., your information will be transferred to, stored, and processed in the United States, where privacy laws may differ. We rely on appropriate safeguards (e.g., Standard Contractual Clauses) for cross‑border transfers where required.

12. Children’s Privacy

The Services are not directed to individuals under 18, and we do not knowingly collect personal information from children under 18. If you believe we have collected such information, contact us and we will delete it.

13. Changes to This Policy

We may update this Policy from time to time. We will post the revised version with an updated “Effective date.” Material changes will be communicated via the Services or email.

14. Contact Us

If you have questions about this Policy or our privacy practices, please contact us:

Maxon LLC
30 N Gould St..
Sheridan, WY 82801 USA
Email: privacy@livelonglab.com