Legal

Privacy Policy

Effective date: June 12, 2026

biohacker.digital — César Arce

01.Purpose of This Policy

This Privacy Policy informs users of biohacker.digital about the personal data we collect, how we use it, who has access to it, your rights as a user, and our cookie practices. This policy applies to all visitors and users of our website, regardless of their location.

02.Applicable Laws

  • Quebec — Law 25 (Act to modernize legislative provisions as regards the protection of personal information): As biohacker.digital may collect data from Quebec residents, we comply with Law 25, which imposes strict obligations regarding consent, transparency, data subject rights (access, rectification, deletion), breach notification to the Commission d'accès à l'information (CAI), and privacy impact assessments for cross-border transfers.
  • Canada — PIPEDA (Personal Information Protection and Electronic Documents Act): We comply with Canada's federal privacy law governing the collection, use, and disclosure of personal information in the course of commercial activities.
  • European Union — GDPR (General Data Protection Regulation): For users in EU/EEA countries, GDPR applies. Where there is any inconsistency between this policy and GDPR, GDPR shall prevail.
  • United States — California CCPA (California Consumer Privacy Act): For California residents, we aim to comply with CCPA. Where inconsistencies exist, California law shall prevail.

03.Consent

  • By using our site, you consent to: (1) the terms of this Privacy Policy; and (2) the collection, use, and storage of the data listed herein.
  • Quebec residents: Consent is obtained expressly before collecting sensitive data. Consent for minors under 14 requires parental or guardian authorization.
  • You may withdraw your consent at any time by contacting us at the address below.

04.Personal Data We Collect

  • Automatically collected data: IP address, approximate location (country/region), pages visited, content viewed, session duration, browser type and version, device type.
  • Data collected through forms and interactions: First and last name, email address, preferred language (locale), community forum messages and questions, newsletter subscription preferences.
  • We collect only the data necessary to fulfill the purposes stated in this policy. We will not collect additional data without prior notice.

05.How We Use Personal Data

  • Automatically collected data is used for: anonymous traffic statistics, site performance optimization, and content improvement.
  • Data collected through forms is used for: sending requested magic-link sign-in emails, delivering our newsletter, enabling community forum participation, and responding to user inquiries.
  • We do not use your data for purposes beyond those disclosed here.

06.Who Has Access to Your Data

  • Internal access: Only the site owner and authorized personnel have access to user data, limited to what is necessary for the stated purposes.
  • Third-party service providers: We use the following sub-processors who may handle your data on our behalf — Supabase (database and authentication, servers in the United States), Vercel (website hosting, servers in the United States and other regions), Resend (transactional email delivery), Google Analytics (anonymous analytics, United States), Meta Pixel (anonymous advertising analytics, United States).
  • Third parties are contractually bound to use your data only for the specific purpose for which it was shared.
  • We do not sell your personal data. We may disclose your data only if required by law, for legal proceedings, or to protect our legal rights.

07.International Data Transfers

  • Your data may be processed or stored in the following countries: Canada, United States, France (EU).
  • For Quebec residents: Any transfer of personal information outside Quebec is subject to a privacy impact assessment (PIA) as required by Law 25, and is only permitted when the data receives equivalent protection.
  • For EU/EEA residents: International transfers are conducted using appropriate safeguards (Standard Contractual Clauses) as required by GDPR.

08.Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Newsletter subscriber data is retained until you unsubscribe. Forum content may be retained for the life of the community unless you request deletion. Analytics data is retained in anonymized, aggregated form.

09.How We Protect Your Data

  • HTTPS/TLS encryption on all data in transit.
  • Row-level security (RLS) on our Supabase database — no unauthorized access between users.
  • Magic-link authentication — no passwords stored.
  • Periodic security updates to platform dependencies.
  • Restricted access controls — only authorized personnel can access raw user data.
  • While we take all reasonable precautions, no Internet-based system can guarantee absolute security. We cannot guarantee the security of data beyond what is reasonably practicable.

10.Minors

Our website is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. For Quebec residents: in accordance with Law 25, the consent of a parent or legal guardian is required to collect data from persons under 14 years of age. If you believe we have inadvertently collected such data, please contact us immediately so we can delete it.

11.Your Rights as a User

  • Right of access: You may request a copy of all personal data we hold about you.
  • Right of rectification: You may request correction of inaccurate or incomplete data.
  • Right of erasure ("right to be forgotten"): You may request deletion of your personal data, subject to legal retention obligations.
  • Right to data portability: You may request your data in a structured, machine-readable format.
  • Right to withdraw consent: You may withdraw consent for data processing at any time.
  • Right to object: You may object to certain types of processing, including direct marketing.
  • Right to file a complaint: Quebec residents may file a complaint with the Commission d'accès à l'information (CAI) at www.cai.gouv.qc.ca. Canadian residents may contact the Office of the Privacy Commissioner of Canada at www.priv.gc.ca. EU residents may contact their national Data Protection Authority.
  • To exercise any of these rights, please contact our Privacy Officer listed at the bottom of this policy.

12.Security Breach Notification

In the event of a data breach that poses a risk of serious harm to users, we will notify affected users and the applicable regulatory authority (Quebec CAI, or the Office of the Privacy Commissioner of Canada) as soon as possible and within the timeframes required by applicable law.

13.Cookie Policy

  • A cookie is a small file stored on your device by our website. We use the following types of cookies:
  • Functional cookies: Remember your language preference and session state so you don't need to re-select them on each visit.
  • Analytical cookies: Google Analytics — used to collect anonymous statistics about site usage to improve content and performance.
  • Targeting cookies: Meta Pixel — used to measure the effectiveness of advertising campaigns and improve targeting. These cookies are only loaded after you consent.
  • You can browse in private/incognito mode to prevent cookies from persisting. You may also disable cookies entirely in your browser settings, though this may reduce your experience on our site.
  • We do not use cookies to collect personally identifiable information without your consent.

14.Affiliate Links

Our website contains Amazon affiliate links. When you click an affiliate link and make a purchase on Amazon, we may earn a small commission at no additional cost to you. Amazon collects data through its own systems when you visit their site; please refer to Amazon's Privacy Policy for details.

15.Changes to This Policy

We may update this Privacy Policy from time to time to remain compliant with applicable law or to reflect changes in our data practices. We will notify users by email when significant changes are made. We recommend reviewing this policy periodically.

16.Contact — Privacy Officer

For any questions, requests to access, modify, or delete your data, or to file a complaint, please contact our Privacy Officer: César Arce cesararceauthor@gmail.com

Privacy Officer

César Arce

cesararceauthor@gmail.com
Privacy Policy | The Biohacker's Guide