Auth Debug

Loading: Yes

Auth User: None

Session: None

Direct Supabase User: None

Cookies: No Supabase cookies

Skip to main content
healthspan.fund
Join

PRIVACY POLICY

1. Who we are

This website is operated by 199 Longevity Ltd (trading as healthspan.fund), a company registered in England and Wales under number 16267409.
Registered office: 199 Gloucester Terrace, London, W2 6LD, United Kingdom.
For all privacy matters you can contact us at join@healthspan.fund.

2. Scope of this Policy

This Privacy Policy explains how we collect, use, store and share personal information when you:

  • visit healthspan.fund or any sub-domain we control;
  • join the wait-list, subscribe to updates, or otherwise provide your data to us;
  • interact with us on email, X (Twitter) or GitHub in connection with the fund.

It applies to all visitors, users and others who access the site (“you”).

3. What data we collect

CategoryTypical itemsSource
Contact dataemail address, nameinput forms, emails
Account data (when the platform launches)hashed password, pledge history, project preferencesregistration forms, in-app activity
Technical dataIP address, browser type, time-zone, device ID, cookiesanalytics scripts, server logs
Communicationsmessages, comments, support ticketsdirect correspondence
Marketing preferencesopt-in / opt-out choicessettings, email links

We do not collect special category data (health, biometrics, etc.) from backers unless you voluntarily include such information in open comments.

4. Why we process your data & legal grounds

PurposeLegal basis under UK GDPR
Provide wait-list confirmations, newsletters and platform invitationsConsent (Article 6 (1)(a))
Operate and secure the website, diagnose faultsLegitimate interests (Article 6 (1)(f)) — keeping our services functional and secure
Create and manage your future user account, record pledges, process paymentsPerformance of a contract (Article 6 (1)(b))
Respond to enquiries or support requestsLegitimate interests
Send product or feature updates, surveys, promotional contentConsent (you may withdraw anytime)
Comply with legal obligations (e.g., anti-fraud, accounting)Legal obligation (Article 6 (1)(c))

5. Cookies & analytics

We use first-party cookies for session management and to remember your preferences.

We also employ privacy-focused analytics (currently Plausible) that aggregate visitor behaviour without setting tracking cookies or collecting personal identifiers. You can disable cookies via your browser; essential site functions will remain available.

6. How we share data

  • Service providers – vetted partners who host servers, email our newsletters, or process payments. They receive only the information necessary to perform their function and must follow our security instructions.
  • Legal or regulatory bodies – where required to comply with the law, court order or regulator.
  • Corporate events – if we merge, sell assets or undergo restructuring, data may transfer to the new entity under the same protections.

We never sell your personal information.

7. International transfers

Our main servers are located in the United Kingdom. Some providers may operate in countries outside the UK or EEA. Whenever data leaves the UK/EEA we rely on an adequacy decision or on Standard Contractual Clauses approved by the UK ICO and European Commission.

8. Data retention

We keep personal data only as long as needed for the purposes set out above:

  • Wait-list emails: until you unsubscribe or 24 months after last interaction, whichever is earlier.
  • Account and pledge records: seven years after your last transaction (for tax/audit reasons).
  • Technical logs: up to 12 months, unless required for security investigations.

Data scheduled for deletion is permanently erased or fully anonymised.

9. Security measures

We use industry-standard TLS encryption in transit, role-based access controls, periodic penetration testing and encrypted backups. No transmission method is 100 % secure; if we detect a breach that poses a high risk to you, we will notify you and the relevant authority without undue delay.

10. Your rights

Under UK GDPR you can:

  1. Access the personal data we hold about you.
  2. Rectify inaccurate or incomplete data.
  3. Erase your data (“right to be forgotten”) in certain circumstances.
  4. Restrict or object to processing where we rely on legitimate interests.
  5. Port data to another controller.
  6. Withdraw consent at any time where processing is based on consent.

To exercise these rights, email join@healthspan.fund. We will respond within one month. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ico.org.uk).

11. Children

healthspan.fund is not directed at individuals under 18. We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

12. Changes to this Policy

We may update this Privacy Policy to reflect operational, legal or regulatory changes. New versions will be posted on this page and, where changes are material, we will notify you by email.

13. Contact

For any questions about this Policy or your personal data, please write to:

Data Protection Officer
199 Longevity Ltd
199 Gloucester Terrace
London, W2 6LD
United Kingdom
Email: join@healthspan.fund