Epic Life Privacy Policy

1. Introduction: Our Commitment to Your Privacy

At Epic Life, we're committed to transparency and clarity, especially in how we handle your personal information. We understand that trusting a company with your data is a significant consideration - particularly when it comes to health and wellness. This policy explains, in plain English, exactly how we use any personal information you provide through our website, mobile application, and other services (collectively our “Service”).

Our promises to you:

  • We will never sell your personal data to anyone
  • We will always be clear about how we use your data
  • We will only keep your data for as long as we need it
  • We will use industry-standard security to protect your information
  • We will make it easy for you to access your data
  • We will respond quickly to any questions or concerns you have
  • If we ever need to change how we use your data, we'll tell you first and ensure you're happy with the changes

We want you to feel confident about sharing your information with us, so we've made this policy as clear and straightforward as possible. If anything isn't clear, please do ask us - we're here to help.

Epic Life ("Epic Life," "we," "us," or "our") is a brand name of trading entity Ampk Labs Limited, a company registered in England under company number 15491223 with registered office at Preston Park House South Road Brighton East Sussex BN1 6SB.

 

2. Summary of Key Points

  • What we collect: Account information, health data from blood tests and wearables, interactions with our AI Health Companion, and service usage information.
  • How we use it: To provide personalized health insights, power our AI Health Companion, improve our service, and communicate with you.
  • How we protect it: We use encryption, access controls, and industry-standard security practices to keep your data safe.
  • Who we share with: Only trusted service providers who help us deliver our service, and never for third-party marketing purposes or training third party AI models.
  • Your data, your control: You can access, correct, or delete your data at any time by contacting us at privacy@epiclife.com.
  • Special category data: We process health data with your explicit consent to provide our core services.
  • Your data rights: You have several rights under UK data protection law, including access, correction, deletion, and data portability.

 

3. What Information We Collect

We collect only what we need to provide and improve our Service:

Account Information
  • Name and contact details (email address, phone number, home address)
  • Password and login information
  • Age, gender, height, weight and other physiological data
  • Health conditions, medications and medical history that you choose to share
  • Health goals and preferences
Health and Wellness Data
  • Blood biomarker test results
  • Wearables data (including activity levels, sleep patterns, heart rate, etc.)
  • Calculated health scores and metrics
AI Health Companion Interactions
  • Conversations between you and our AI Health Intelligence Companion
  • Questions you ask the AI Health Intelligence Companion
  • Recommendations and insights generated for you
  • Your feedback on recommendations and insights
  • Frequency and patterns of your AI Health Intelligence Companion
Service Usage Information
  • How you interact with our application
  • Features you use and content you access
  • Time spent using the Service
  • Technical information about your device and internet connection
Communications
  • Customer service interactions
  • Feedback and survey responses
  • Messages sent through our platform

 

4. How We Use Your Information

We use your personal information to:

Provide Our Core Services
  • Create and manage your account (Member Account Management)
  • Process blood biomarker tests (Blood Test Data Collection and Storage)
  • Integrate with your wearables devices (Wearables Tracker Data Collection and Storage)
  • Calculate health scores and metrics (Health Score Calculation)
  • Generate personalised health insights and visualisations (Data visualisation and Insights)
  • Power our AI Health Intelligence Companion (AI Health Agent Operation)
Improve Our Service
  • Fix bugs and improve performance
  • Understand how members use our Service to develop new features (Analytics and Service Improvement)
  • Train and refine our machine learning models ( Machine Learning Model Development)
Research and Development
  • If you consent, use anonymised data for health and wellness research
Communication and Support
  • Respond to your questions and concerns
  • Send updates about Epic Life
  • Send marketing communications (which you can opt out of at any time)
Legal and Regulatory Compliance
  • Meet our legal obligations

 

5. Third-Party AI Models

No Training of Third-Party Models

We want to be absolutely clear: your personal health and wellness data will not be used to train third-party AI models. When we use third-party AI services (such as Google Cloud's foundation models), we ensure that our contracts with these providers explicitly prohibit the use of your data for training their AI models.

This means your sensitive health information, conversations with our AI Health Companion, and other personal data remain protected and will not be used to improve AI systems beyond our own service.

6. Legal Basis for Processing

We process your personal data on the following legal bases:

Performance of Contract

The primary basis for our processing of your personal data is that it's necessary for the performance of our contract with you - to provide the Epic Life Service you've signed up for. This includes our core account management, blood test data processing, wearables data collection, health score calculation, data visualisation, and AI health agent operations.

Explicit Consent for Health Data

As health data is considered special category data under UK data protection laws, we rely on your explicit consent to process this information. This consent is freely given and can be withdrawn at any time by contacting privacy@epiclife.com.

Important note: The processing of your health data is essential to our Service. Without this data, we cannot provide our personalised health insights or recommendations. If you withdraw consent, we will no longer be able to provide the Service to you, and this will likely result in termination of your membership.

Legitimate Interests

We process some data based on our legitimate interests, such as improving and securing our Service, developing new features and marketing our services to existing members.

 

7. Our Commitment to Data Protection

Epic Life (Ampk Labs Limited) is registered with the Information Commissioner's Office (ICO) with registration number ZB790117. Epic Life operates under UK data protection law and process your data in accordance with the UK GDPR and Data Protection Act 2018.

As the data controller, we are responsible for ensuring that all personal data processing activities comply with these regulations. Given the sensitive nature of the health data we process, we take data protection extremely seriously. We have implemented comprehensive risk assessment processes that:

  • Identify and minimize data protection risks
  • Ensure we only collect data that is necessary for our stated purposes
  • Establish appropriate safeguards for special category health data
  • Document our compliance with data protection principles

We regularly review and update our data protection measures to reflect changes in our processing activities or regulatory requirements.

 

8. How We Keep Your Information Secure

We take appropriate technical and organisational measures to secure your information:

  • Encryption of data in transit and at rest
  • Robust access controls and authentication requirements
  • Regular security assessments and monitoring
  • Staff training on data protection and security
  • Industry-standard hosting infrastructure with advanced security features
  • Strict data access policies within our organisation
  • Incident response procedures and data breach notification protocols

However, no method of electronic transmission or storage is 100% secure. While we strive to protect your personal information using commercially acceptable means, we cannot guarantee its absolute security.

 

9. How Long We Keep Your Information

We retain your information only as long as necessary for the purposes for which it was collected:

  • Account information: For the duration of your membership plus up to 18 months after termination (to facilitate account reactivation if requested)
  • Health and wellness data (including blood test results and fitness tracker data): For a rolling 36-month period to enable long-term trend analysis and provide meaningful insights about your health progress
  • Service usage information, AI messaging data and analytics data: For a rolling 36-month period to support service improvements and troubleshooting
  • Communications: For up to 6 years from the date of communication to support customer service inquiries and comply with legal requirements related to contractual claims

 

10. Who Has Access to Your Data

We restrict access to your data based on role and necessity:

  • Customer support team: Can access your account information and health data to provide assistance
  • Development team: Has limited access to account data and anonymised health information for system maintenance and improvement
  • AI and Data science team: Can access anonymised data for model training and service improvement

 

11. Who We Share Your Information With

We do not sell your personal data. We may share your information with:

Service Providers and Third Parties
  • Cloud hosting providers (e.g., Google Cloud Platform)
  • Blood testing laboratory partners (for processing samples and test results)
  • Wearables device integrators (for integration purposes only)
  • Analytics and machine learning infrastructure providers
  • Email and communication service providers
  • Payment processors
  • Other third party providers such as lawyers, auditors when necessary

All our service providers are bound by strict data processing agreements and will only process your data according to our instructions. While we carefully select these partners and require appropriate security measures through our agreements, these third parties use their own systems and security protocols to process your data. For laboratory testing services specifically, we necessarily share personal details such as your name, date of birth, address, and test requests to facilitate sample collection and processing.

 

12. Your Rights

Under UK data protection law, you have several rights regarding your personal data:

  • Access: Request copies of your personal data we hold
  • Rectification: Ask us to correct inaccurate information
  • Erasure: Request deletion of your data in certain circumstances
  • Restriction: Ask us to limit how we use your data temporarily
  • Portability: Request your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Automated decisions: Contest decisions made solely by automated means

To exercise any of these rights, email privacy@epiclife.com. We'll respond within one month. If you're unhappy with our response, you can complain to the Information Commissioner's Office at ico.org.uk.

 

13. International Transfers

Our operations are based in the UK. However, some of our service providers may process personal information outside of the UK/EEA. When this occurs, we ensure appropriate safeguards are in place, including:

  • Using Standard Contractual Clauses approved by the UK Information Commissioner's Office
  • Ensuring service providers are located in countries with adequate data protection as determined by the UK
  • Implementing additional technical and organisational measures as required

 

14. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your experience, improve our Service, and understand how it is used. For detailed information about the specific cookies we use, their purposes, and how to control them, please see our Cookie Policy.

 

15. Children's Privacy

Our Service is not directed to children under the age of 18, and we do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

 

16. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. The latest version will always be available on our website and within our application. Substantial changes will be notified to you via email.

 

17. Getting in Touch

For any questions about this privacy policy or our privacy practices:

Email: privacy@epiclife.com Post: Epic Life, Salisbury House, 29 Finsbury Circus, London, EC2M 5SQ

If you have any concerns about how we handle your personal data, you have the right to make a complaint to the Information Commissioner's Office (ICO).

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy.