This Privacy Policy explains how Biohacking Academy (operated by Bojan Matić, based in Serbia) collects, uses, and protects your personal data when you visit biohackingacademy.comor use our services (the “Service”).
We aim to comply with the EU General Data Protection Regulation (GDPR) and the Serbian Law on Personal Data Protection. By using the Service, you agree to the practices described here.
1. Who we are
Data controller: Bojan Matić, trading as Biohacking Academy, Serbia.
Contact: bojan@biohacking-retreat.com
2. What we collect
Information you give us
- Contact form / email: your name, email address, and the content of your message.
- Newsletter / marketing (if you opt in): email address.
Information we collect automatically
- Log data: IP address, browser, device, referring URL, pages viewed, and timestamps - collected by our hosting provider (Vercel) for security and operations.
- Cookies and similar technologies: see our Cookie Policy.
3. Why we use your data and the legal basis
| Purpose | Legal basis (GDPR) |
|---|---|
| Reply to your inquiries and provide the Service | Performance of a contract / pre-contractual steps |
| Send marketing emails | Your consent (you can unsubscribe at any time) |
| Security, fraud prevention, and basic analytics | Legitimate interests |
| Comply with tax, accounting, and other legal duties | Legal obligation |
4. Who we share data with
We do not sell your personal data. We share it only with the processors we need to run the Service. Each is contractually bound to protect your data:
| Provider | Purpose | Data shared |
|---|---|---|
| Vercel (US/EU) | Hosting | IP address, request logs |
| Sanity (EU/US) | Content management | No end-user PII (editorial content only) |
We may also disclose data when required by law, to enforce our Terms, or to protect our rights or the safety of others.
5. International transfers
Some of our providers (such as Vercel) may process data in the United States. Where data leaves the EEA, we rely on the European Commission’s Standard Contractual Clauses or other approved safeguards.
6. How long we keep your data
- Contact-form messages: up to 24 months.
- Invoices and tax records: 10 years (Serbian tax law).
- Newsletter list: until you unsubscribe.
- Server logs: typically 30–90 days.
7. Your rights
Under GDPR you have the right to:
- Access the personal data we hold about you
- Ask us to correct inaccurate data
- Ask us to delete your data (“right to be forgotten”)
- Restrict or object to certain processing
- Receive your data in a portable format
- Withdraw consent at any time (without affecting prior processing)
- Lodge a complaint with the Serbian Commissioner for Information of Public Importance and Personal Data Protection (poverenik.rs) or your local EU data protection authority
To exercise any of these rights, email bojan@biohacking-retreat.com. We respond within 30 days.
8. Security
We use HTTPS everywhere and limit access to the personal data we hold. No system is perfectly secure, so we cannot guarantee absolute protection.
9. Children
The Service is for adults (18+). We do not knowingly collect data from anyone under 18.
10. Changes to this policy
We may update this policy from time to time. We will update the “Last updated” date above and, for material changes, give reasonable notice.
11. Contact
Questions? Email bojan@biohacking-retreat.com.