Privacy Policy

How Lifespan Solutions collects, uses, shares and protects your personal data — what we actually track, who processes it, and the rights you have under the GDPR and Swiss data protection law.

Effective: 16 June 2026

This Privacy Policy describes how Lifespan Solutions ("we", "us", "our") handles personal data when you use our website, applications and related services (together, the "Platform"). We respect your privacy and collect only what we need to run the Platform. Our Terms of Use govern your use of the Platform, and our Medical Disclaimer explains the limits of the health information we publish.

Who we are (data controller)

Lifespan Solutions is a discovery and booking platform for longevity and preventive health. We connect you to independent clinics, treatments, supplements, science content and events — we are not a healthcare provider.

For data we process about visitors and users of the Platform, Lifespan Solutions is the data controller under the EU/UK General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP). Where you book or order from an independent clinic or brand, that provider is a separate, independent controller for the data it collects to deliver its services (including any medical data).

What data we collect

Data you provide

  • Contact & messages: when you use our contact form or email us, we collect your name, email address and the content of your message.
  • Newsletter: if you subscribe, we collect your email address.
  • Account, bookings & orders: if you create an account or book/order through the Platform, we collect the details needed for that request (e.g. name, contact details, the clinic or product, appointment times and transaction records).
  • Reviews & content: any reviews, ratings or comments you choose to submit.
  • Health-related information: only if you voluntarily share it (e.g. in a message or intake question). We do not require health information to browse the Platform and process it only with your explicit consent.

Data collected automatically

  • Log data: our hosting/CDN provider automatically processes your IP address, browser type, request date/time and similar technical data for delivery and security.
  • Usage & performance data: aggregate information about how the Platform is used and how it performs (see "Analytics and performance" below).

How we use your data and our legal bases

Under the GDPR/FADP we process personal data on the following bases:

  • To provide the Platform — answer your enquiries, manage your account, and process bookings, orders and related confirmations. Legal basis: performance of a contract / pre-contractual steps.
  • To secure and improve the Platform — keep it reliable and safe, prevent fraud and abuse, and understand usage at an aggregate level. Legal basis: our legitimate interests.
  • Marketing & newsletter — send you our newsletter or event updates where you have opted in. Legal basis: your consent (you can withdraw at any time).
  • Health-related information — only where you choose to share it. Legal basis: your explicit consent.
  • Legal compliance — meet accounting, tax and other legal obligations. Legal basis: legal obligation.

Analytics and performance

To understand how the Platform is used and to keep it fast, we use two lightweight, privacy-focused tools that run on every page:

  • Piqo (piqo.app) — website analytics that measure aggregate traffic and usage (such as page views, referrers and device/browser type). We use it to understand which content is useful, not to build profiles of individuals.
  • Core Web Vitals RUM (corewebvitals.io) — real-user performance monitoring that records technical loading and responsiveness metrics (e.g. LCP, INP, CLS) together with a page-type label, so we can find and fix slow pages.

We use this data only in aggregate to operate and improve the Platform, on the basis of our legitimate interests, and we do not sell it.

Cookies, fonts and maps

We aim to keep the Platform privacy-friendly by design. Our fonts are self-hosted (served from our own infrastructure), so loading a page does not send a request to Google Fonts or similar services.

  • Cookies / local storage: we use only what is necessary for the Platform to function (for example to keep your session or preferences). We do not use advertising cookies.
  • Maps: clinic location maps use OpenStreetMap data with CARTO basemap tiles. They are loaded without cookies or an API key, but your IP address is shared with the tile provider in order to deliver the map images.
  • In-browser AI tools (WebMCP): the Platform can expose read-only search tools to AI assistants in your own browser. These call our public API only and do not send additional personal data to third parties.

Who we share data with

We share personal data only as needed to run the Platform, with:

  • Hosting & infrastructure: Cloudflare, which hosts and delivers the Platform and processes technical/log data for delivery and security.
  • Analytics & performance providers: Piqo and Core Web Vitals RUM, as described above.
  • Email / CRM provider: the service used to manage our newsletter and transactional emails.
  • Payment processors: trusted third parties that handle payments for bookings or orders.
  • Independent clinics and brands: the provider you choose to book or order from, so they can fulfil your request.
  • Authorities: where we are legally required to disclose data or to protect our rights, users or the public.

These providers act as our processors and may only use the data to perform services for us. We do not sell your personal data. Note that ratings and reviews shown for clinics are fetched by us from external sources (such as Google) on the server side and displayed as content — this does not involve tracking you.

International data transfers

Some of our providers may process data outside Switzerland, the EEA or the UK (for example in the United States). Where this happens, we rely on a valid transfer mechanism — such as an adequacy decision or the European Commission's Standard Contractual Clauses (with the UK Addendum and Swiss adaptations where relevant) — to ensure your data remains protected.

How long we keep your data

We keep personal data only as long as needed for the purpose it was collected, or as required by law. For example, contact and newsletter data are kept until you ask us to delete them or unsubscribe; transaction records are kept for the periods required by accounting and tax law; analytics and performance data are retained in aggregate. After that, we delete or anonymise the data.

Your rights

Depending on where you live, you have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate or incomplete data;
  • erase your data ("right to be forgotten");
  • restrict or object to certain processing, including direct marketing;
  • data portability;
  • withdraw consent at any time, without affecting earlier processing.

To exercise any of these rights, contact us at hello@lifespan-solutions.com. You also have the right to lodge a complaint with a data protection authority — in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC); in the EEA, your local supervisory authority; in the UK, the Information Commissioner's Office (ICO).

Children

The Platform is intended for adults and is not directed to children. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Security

We use reasonable technical and organisational measures to protect personal data against loss, misuse and unauthorised access. However, no method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version with a new effective date on this page, and provide additional notice where required by law.

Contact

Questions about this policy or your data? Contact us at hello@lifespan-solutions.com or via our contact form.