CLOSED BETA - Invitation Only
We're selecting our first testers. Request access now!

GDPR Compliance

Your data protection rights under the General Data Protection Regulation

BioFrame is committed to GDPR compliance.

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that gives individuals in the European Union enhanced rights over their personal data. We respect these rights and have implemented appropriate measures to ensure compliance.

Your GDPR Rights

Right to Access

Request copies of your personal data that we hold

Right to Rectification

Request correction of inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data ("right to be forgotten")

Right to Restriction

Request restriction of processing of your data

Right to Data Portability

Receive your data in a structured, machine-readable format

Right to Object

Object to processing of your data in certain circumstances

How to Exercise Your Rights

1. Submit a Request

To exercise any of your GDPR rights, please contact our Data Protection Officer at:

Email: gdpr@bioframe.info

Subject: GDPR Data Request

2. Verify Your Identity

To protect your privacy, we need to verify your identity before processing your request. We may ask for additional information to confirm you are the data subject.

3. Response Timeline

We will respond to your request within one month of receipt. In complex cases, we may extend this by two additional months, and we will inform you if this is necessary.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

Contract Performance

Processing necessary to provide our services and fulfill our contractual obligations

Legal Obligation

Processing required to comply with legal and regulatory requirements (e.g., HIPAA)

Legitimate Interest

Processing necessary for our legitimate business interests (e.g., fraud prevention, service improvement)

Consent

Processing based on your explicit consent (e.g., marketing communications)

Our Data Protection Measures

Technical Safeguards

  • • End-to-end encryption (AES-256)
  • • Regular security audits and penetration testing
  • • Multi-factor authentication
  • • Secure data centers with ISO 27001 certification
  • • Automated backup and disaster recovery

Organizational Measures

  • • Staff training on data protection
  • • Data Processing Agreements with vendors
  • • Privacy by Design principles
  • • Regular privacy impact assessments
  • • Incident response procedures

International Data Transfers

We may transfer your personal data outside the European Economic Area (EEA) to provide our services. When we do, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs): EU-approved contract terms
  • Adequacy Decisions: Transfers to countries deemed adequate by the EU
  • Binding Corporate Rules: Internal data protection policies
  • Your Explicit Consent: When appropriate and necessary

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Inform affected individuals without undue delay
  • Provide clear information about the nature of the breach
  • Describe the measures taken to address the breach
  • Advise on steps you can take to protect yourself

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority.

EU Supervisory Authorities

You can contact your local data protection authority. A list of EU supervisory authorities is available at:

European Data Protection Board - Member List

Contact Our Data Protection Officer

Data Protection Officer

Email: dpo@bioframe.it

Email (GDPR requests): gdpr@bioframe.it

Address: BioFrame, Carpi, Mo

Last Updated: November 20, 2025

This GDPR policy may be updated from time to time. We will notify you of any significant changes via email or through the Service.