Skip to main content
BioMedli
BioMedli
How it WorksFeaturesPrivacyPricing
Log in

Legal and Compliance

Privacy Notice

This notice explains how BioMedli handles personal and health-related data across consumer and business use cases.

Last updated: February 27, 2026

On this page

  1. Overview
  2. Data We Collect
  3. How We Use Data
  4. GDPR Lawful Bases
  5. US State Privacy Rights
  6. UK Privacy Wording
  7. Data Sharing and Processors
  8. Retention and Deletion
  9. Security and HIPAA Controls
  10. International Transfers
  11. Your Rights
  12. Children's Privacy
  13. Policy Changes
  14. Contact

Overview

BioMedli is operated by Terramedici LifeSciences LLP ("BioMedli," "we," "our," or "us"). We are committed to privacy by design, data minimization, and accountable processing. This Privacy Notice applies to our websites, applications, and support channels.

Data We Collect

Depending on usage, we may collect:

  • Account data: name, email, authentication identifiers, and organization details.
  • Health-related data: uploaded reports, extracted biomarkers, trend data, and user-entered health notes.
  • Technical data: IP address, device/browser metadata, logs, diagnostics, and usage analytics.
  • Support data: inquiries, attachments, and communication history.
  • Billing data: subscription metadata via payment processors (we do not store full card numbers).

How We Use Data

  • Provide, maintain, and improve the Service.
  • Parse and normalize reports, generate trend views, and return analysis results.
  • Authenticate users and secure accounts.
  • Respond to support, legal, and compliance requests.
  • Monitor abuse, fraud, threats, and policy violations.
  • Comply with legal obligations and enforce our agreements.

GDPR Lawful Bases

For EEA/UK users, we process personal data on one or more of the following bases:

  • Performance of a contract with you.
  • Consent, where legally required (including certain analytics/cookie use).
  • Legitimate interests (for security, product quality, and service reliability).
  • Compliance with legal obligations.

US State Privacy Rights

Residents of certain US states (including California, Colorado, Connecticut, Utah, Virginia, and other states with similar laws) may have rights to access, correct, delete, and port personal data, and to opt out of certain processing such as targeted advertising, sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects.

  • Right to know/access categories and specific pieces of personal data we process.
  • Right to correct inaccurate personal data.
  • Right to request deletion, subject to legal exceptions.
  • Right to data portability for data you provided to us.
  • Right to non-discrimination for exercising privacy rights.
  • Right to appeal certain denied requests where required by state law.

We do not sell personal data and do not share personal data for cross-context behavioral advertising as defined under California law. To submit or appeal a request, contact support@biomedli.com.

UK Privacy Wording

For UK users, personal data is processed in accordance with UK GDPR and the Data Protection Act 2018. You may exercise rights of access, rectification, erasure, restriction, data portability, and objection, subject to legal limitations.

If you have unresolved concerns, you may lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.

Data Sharing and Processors

We share data only when necessary with vetted providers, such as:

  • Cloud hosting and storage providers.
  • Authentication, logging, and security monitoring providers.
  • Customer support and communications providers.
  • Payment processors for subscriptions.
  • AI and document-processing subprocessors under contractual privacy restrictions.

We do not sell personal data. We do not share identifiable health data for third-party advertising. We may disclose information where required by law, court order, or valid legal process.

Retention and Deletion

We retain data only for as long as necessary to provide the Service, comply with legal requirements, resolve disputes, and enforce agreements. You may request account deletion and data erasure via the application controls or by contacting support.

After account deletion, primary records are removed according to our deletion workflows. Limited encrypted backups may persist for a short retention window before automated purge.

Security and HIPAA Controls

BioMedli uses layered administrative, technical, and physical safeguards, including:

  • Encryption in transit (TLS) and at rest.
  • Access controls and least-privilege permissions.
  • Segregated environments, logging, and incident response processes.
  • Data minimization and pseudonymization where feasible.

We support HIPAA-aligned operating practices. If your use requires HIPAA-regulated processing as a covered entity or business associate, you may need a signed BAA before uploading regulated PHI.

International Transfers

Where personal data is transferred across borders, we apply appropriate safeguards, including contractual commitments such as standard contractual clauses (where applicable) and security controls designed to protect data in transit and at rest.

Your Rights

Subject to local law, you may request:

  • Access to personal data we hold about you.
  • Correction of inaccurate or incomplete data.
  • Deletion of personal data.
  • Restriction or objection to certain processing.
  • Data portability for data provided by you.
  • Withdrawal of consent where processing relies on consent.

To submit a request, email support@biomedli.com. You may also have a right to lodge a complaint with your local supervisory authority.

Children's Privacy

The Service is not directed to children under 13 (or higher age thresholds where required by local law). If you believe a child provided personal data without proper authorization, contact us so we can review and remove the data where appropriate.

Policy Changes

We may update this Privacy Notice periodically. Material updates will be posted on this page and, where required by law, notified through in-product communication or email.

Contact

For privacy, security, or compliance questions, contact support@biomedli.com.

Related pages: Terms of Service, Conditions of Use, and Cookie Policy.

BioMedli
BioMedli

Turning scattered lab reports into a unified health timeline. Private by default. User-owned data.

All Systems Operational

Product

  • How It Works
  • Features
  • Pricing
  • Upload Guide
  • Changelog

Support

  • Help Center
  • Safety
  • Contact
  • Upload Guide

Legal

  • Privacy
  • Terms
  • Conditions
  • Cookie Policy

© 2026 Terramedici LifeSciences LLP. All rights reserved.

BioMedli is an educational tool, not a diagnostic device or emergency service. Always consult with a qualified healthcare professional.