Privacy Policy

Last updated: January 2025 ยท iGlutek Ltd. (EU) and iGlutek Inc. (US)

1. Introduction

iGlutek Ltd. ("iGlutek", "we", "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard information in connection with our website (iglutek.com), products, and services. We comply with the General Data Protection Regulation (GDPR) for EU residents and HIPAA for US health data where applicable.

2. Data We Collect

Website visitors: IP address (anonymized), pages visited, session duration, referrer source. Collected via first-party analytics only โ€” no third-party tracking pixels.

Contact form submissions: Name, email, organization, and the content of your message.

Research participants and device users (during active studies): Health data is collected under separate Informed Consent and Data Processing Agreements governed by IRB oversight.

3. How We Use Your Data

We use personal data to: respond to inquiries and demo requests; send requested information and updates (with consent); conduct clinical research under ethical oversight; improve our website and product. We do not sell, rent, or share personal data with third parties for marketing purposes.

4. Cookies

iglutek.com uses only strictly necessary cookies (session management) and optional analytics cookies (first-party only). No advertising cookies are set. You may manage cookie preferences via the cookie banner or your browser settings. Declining analytics cookies does not affect site functionality.

5. Your Rights (GDPR)

EU residents have the right to: access their personal data; correct inaccuracies; request erasure ("right to be forgotten"); restrict or object to processing; data portability; lodge a complaint with a supervisory authority. To exercise any of these rights, contact: privacy@iglutek.com

6. Data Retention

Contact form data is retained for 24 months or until you request deletion. Research data retention periods are defined in the applicable Informed Consent Form. Website analytics data is anonymized and retained for 12 months.

7. Data Security

All personal data is encrypted in transit (TLS 1.3) and at rest (AES-256). Our cloud infrastructure maintains ISO 27001 and SOC 2 Type II certifications. Health data collected during research studies is stored in HIPAA-eligible cloud environments with Business Associate Agreements in place.

8. Contact & Data Controller

Data Controller: iGlutek Ltd., registered in the European Union.
DPO Email: privacy@iglutek.com
General: info@iglutek.com

This policy may be updated periodically. Material changes will be communicated via email to registered users and notice on this page. Continued use of our services after changes constitutes acceptance.