Exia Bio logo EXIA BIO
Privacy & Data Protection Notice

How Exia Bio protects biomarker data.

This notice explains how Exia Bio Pte. Ltd. collects, uses, protects, retains, and manages personal data submitted through our website, intake forms, dashboards, and support channels.

Exia Bio handles uploaded screening reports, biomarker values, selected Sentinel pathways, dashboard records, and related support messages in accordance with Singapore’s Personal Data Protection Act 2012.

Important: This page is a practical PDPA-aligned notice for Exia Bio’s launch phase. It should be reviewed by a qualified Singapore legal professional or PDPA advisor before heavy paid acquisition, corporate partnerships, or scale-up.

01

Data we collect

  • Name, email address, contact details, and account identifiers
  • Uploaded blood screening reports, laboratory report images, or PDF files
  • Biomarker values, units, reference intervals, report dates, and extracted report metadata
  • Selected Sentinel pathways: Corporate Athletes & High Performers, Gym Goers, Slimmer, and Longevity
  • Health goals, lifestyle context, consent confirmations, and intake-form answers voluntarily submitted by you
  • Payment status, transaction references, dashboard access records, support requests, and service communications
02

Why we collect and use your data

  • To provide Exia Bio services and generate your Sentinel dashboard
  • To extract and structure biomarkers from uploaded reports
  • To perform biomarker audit, performance-friction mapping, missing-marker analysis, and dashboard quality control
  • To personalize interpretation based on your selected pathway or pathways
  • To provide support, follow-up clarification, and service updates
  • To maintain security, audit logs, payment records, and compliance documentation
  • To improve service reliability, dashboard functionality, and the Sentinel Engine using anonymized or aggregated data where appropriate
04

How biomarker data is used

  • Sentinel Efficiency Score
  • Biomarker category review and cross-marker signal mapping
  • Performance-friction summaries and pathway-specific interpretation
  • Missing-marker gap analysis and upgrade recommendations where relevant
  • Dashboard trend comparison if future reports or re-tests are uploaded
  • Safety flags where clinically significant thresholds may require review by a licensed healthcare professional
05

What we do not do

  • We do not sell your identifiable biomarker data to advertisers.
  • We do not provide medical diagnosis, treatment, medication prescription, or emergency medical review.
  • We do not use your biomarker data for unrelated marketing without separate consent.
  • We do not disclose identifiable data to unrelated third parties except as required to provide the service, comply with law, protect safety, or enforce our rights.
06

Cloud services and third-party processors

  • Google Cloud and Vertex AI or related document-intelligence infrastructure
  • Payment gateway providers for transaction processing
  • Secure intake form and dashboard hosting providers
  • Email, support, security, analytics, and operational service providers
  • Where personal data is transferred outside Singapore, Exia Bio will take reasonable steps to ensure appropriate protection consistent with applicable law.
07

Data retention and deletion

  • Exia Bio retains uploaded reports, biomarker records, and generated dashboard data while your dashboard or account remains active, or as needed for legal, security, audit, operational, or dispute-resolution purposes.
  • You may request deletion of your account and associated personal data.
  • Deletion requests may be subject to lawful retention requirements, security records, payment records, or unresolved disputes.
  • Aggregated or anonymized data that no longer identifies you may be retained to improve service reliability and analytical logic.
08

Access, correction, and withdrawal

  • You may request access to, correction of, or withdrawal of consent for continued use of your personal data by contacting the Data Protection Officer. We may need to verify your identity before processing such requests.
09

Data incidents and breach notification

  • If a data incident occurs, Exia Bio will assess the incident and take appropriate containment, investigation, remediation, and notification steps. Where a data breach is notifiable under applicable law, Exia Bio will notify affected individuals and/or relevant regulators where required.
10

Contact the Data Protection Officer

For privacy requests, access or correction requests, consent withdrawal, deletion requests, or questions about this notice, contact:

Chin Guan Ho

Data Protection Officer

Exia Bio Pte. Ltd.

[email protected]