Legal

Privacy Policy

Last updated: 18 April 2026

This Privacy Policy explains how Haelo (“we”, “us”, “our”) collects, uses and protects your personal data when you visit haelo.life, join our waitlist, or contact us. We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Please read this policy carefully. If you have any questions, contact us at privacy@haelo.life.

1. Who we are

Haelo is operated by Haelo Life Ltd (“the Company”), registered in England and Wales. Our registered address is 4 Folly Lane, Bramham, Leeds, LS23 6RZ. We are the data controller for personal data collected through this website.

If you have questions about how we handle your data, you can contact us at: privacy@haelo.life.

2. What data we collect

We currently collect the following personal data:

  • Email address — when you join our waitlist. We use this to notify you when Haelo launches and to send you relevant product updates.
  • Name, email address, and message content — when you submit a contact form enquiry. We use this to respond to your enquiry.
  • Usage data — standard web server logs including your IP address, browser type, pages visited and time of access. This is collected automatically when you visit our website.

Health data: This website does not currently collect health or symptom data. When the Haelo app launches, a separate privacy notice specific to the app will be provided, covering the collection and processing of health-related data in accordance with UK GDPR Article 9.

3. How we use your data

We use your personal data for the following purposes:

  • Waitlist management: To contact you when Haelo becomes available and to send you relevant updates about the product. Lawful basis: legitimate interest (you have expressed interest in our product) and consent.
  • Responding to enquiries: To respond to messages you send us via the contact form. Lawful basis: legitimate interest (responding to a direct enquiry).
  • Website improvement: To understand how people use our website and improve it. Lawful basis: legitimate interest.
  • Legal compliance: To comply with legal obligations where required. Lawful basis: legal obligation.

4. How long we keep your data

  • Waitlist email addresses: Until you unsubscribe, or 24 months from the date of registration if we have had no meaningful contact, whichever is sooner.
  • Contact form messages: 12 months from the date of receipt, unless there is an ongoing correspondence or legal reason to retain them longer.
  • Server logs: Up to 90 days.

5. Who we share your data with

We do not sell your personal data. We share data only with trusted third-party service providers who process it on our behalf, and only to the extent necessary:

  • Resend (resend.com) — email delivery and contact management. Resend acts as a data processor and is contractually bound to process data only on our instructions. Data is stored in the EU/EEA.
  • Vercel (vercel.com) — website hosting and infrastructure.

We may disclose your data if required to do so by law or in response to valid requests by public authorities.

6. International transfers

Our service providers may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place — such as UK adequacy regulations, standard contractual clauses, or the UK’s International Data Transfer Agreement (IDTA).

7. Your rights

Under UK GDPR, you have the following rights:

  • Right of access — to request a copy of the personal data we hold about you.
  • Right to rectification — to request correction of inaccurate data.
  • Right to erasure — to request deletion of your data in certain circumstances.
  • Right to restrict processing — to request that we limit how we use your data.
  • Right to data portability — to receive your data in a structured, machine-readable format.
  • Right to object — to object to processing based on legitimate interests. If you object to marketing, we will stop immediately.

To exercise any of these rights, email us at privacy@haelo.life. We will respond within one month. We may need to verify your identity before processing a request.

8. Cookies

Our website uses cookies. Please see our Cookie Policy for full details on what we use and how to manage your preferences.

9. Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or destruction. All data transmission is encrypted via HTTPS.

10. Children

Our website is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. For significant changes, we will notify waitlist members by email where appropriate.

12. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the UK’s supervisory authority:

Information Commissioner’s Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113

We would always appreciate the opportunity to address your concerns directly before you approach the ICO — please contact us first at privacy@haelo.life.