Privacy Policy-Axite

Last Updated: 27-10-2025

Introduction

At Axite B.V. ("Company," "we," "our," or "us"), your privacy is our priority. We are committed to safeguarding your personal data and ensuring full compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws. This Privacy Policy explains how we collect, use, share, and protect your data when you interact with our brain activity monitoring service ("Service").

This policy is intended for end-users aged 16 and above who use our products and services. If you are under 16, please do not use the Service without parental or guardian consent.

Data We Collect

When you use our Service, we may collect the following types of data:

Electroencephalography (EEG)

  • Brain activity data recorded using EEG device(s).

Smartphone Usage Data

  • Touchscreen interaction timestamps.

  • App usage data.

  • Optional Global Positioning System (GPS) location (city-level only).

  • Device model and battery status.

Personal Data

  • Contact details including username and email address, we do not require using a full name or giving your first or last name unless desired.

  • Demographic information such as age and gender. We do not collect the date of birth, only month and year. While date of birth is not required, sharing this data helps us better personalize your app experience because age and gender may impact your scores.

  • Personal data will be stored prior to anonymization to facilitate the deletion of your data upon request. Once anonymized, data cannot be linked back to an individual and therefore cannot be deleted.

Optional Information

  • Cognitive test performance data (if participating for research purposes).

  • Any voluntary survey responses related to brain health (if participating for research purposes).

  • Physiological data from optional wearables, including heart rate, sleep patterns, and activity levels.

How We Use Your Data

We use the collected data for the following purposes:

  • To provide you with personalized insights and reports.

  • To improve and develop our products and services.

  • For research and analytical purposes.

  • Commercial Use: Anonymized data may be used for commercial purposes such as product development, marketing insights, and business analytics.

  • To comply with legal and regulatory requirements.

Who Can Access Your Data

Access to your personal and EEG data is strictly limited to authorised Axite developers and technical staff who need it to operate, maintain, or improve the Service. All such access is protected by confidentiality agreements and role-based permissions. We do not share identifiable data with third parties except trusted EU-based service providers (such as our cloud host, Supabase, EU-West) acting under our instructions and data-processing agreements. Researchers may access only pseudonymised data if you have explicitly consented to participate in a study.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Your explicit consent, which you provide by using the Service.

  • Compliance with legal obligations.

  • Legitimate interests in improving our Service while maintaining privacy safeguards.

Data Storage and Security

  • All collected data is encrypted and stored securely on cloud servers (IBM/Azure) with anonymized codes.

  • Data transmission from your device to our servers only occurs over secure networks.

  • We implement industry-standard security measures to prevent unauthorized access, alteration, or loss of your data.

  • Personal data is stored securely before anonymization to facilitate deletion requests.

Sharing your data

We do not sell or rent your personal data. We may share anonymized data with:

  • Third-party partners for research and development purposes.

  • Regulatory bodies if legally required.

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

  • Right to Access: Request access to the data we hold about you.

  • Right to Rectification: Request correction of inaccurate or incomplete data.

  • Right to Erasure: Request deletion of your data (before anonymization).

  • Right to Withdraw Consent: Withdraw your consent at any time and stop using our service.

  • Right to Data Portability: Request transfer of your data in a structured format.

  • Right to Object: Object to data processing based on legitimate interests.

You can send a request for access, rectification, erasure, or data transfer of your personal data or a request to withdraw your consent or object to the processing of your personal data to info@axitetech.com. We will respond as quickly as possible, but within four weeks.

Axite B.V. also wants to inform you that you have the option to file a complaint with the national supervisory authority, the Dutch Data Protection Authority. This can be done via the following link:
https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons

Data Retention

We retain your data for as long as necessary to provide the Service and comply with legal obligations. If you withdraw consent, we will delete your data within two weeks. Personal data will be stored only until it is anonymized. After anonymization, data cannot be traced back to you and therefore cannot be deleted.

Cookies and Tracking Technologies

Our Service uses cookies and similar technologies to enhance user experience and collect analytical data. You can manage your cookie preferences through your device settings.

Third-Party Services

Our Service may include links to third-party platforms such as QuantActions, Muse, Brainbit, Emotiv, Oura or Garmin. We are not responsible for their privacy practices, and we encourage you to review their respective privacy policies.

How we secure personal data

Axite B.V. takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure, and unauthorized modification.

Encryption: We encrypt your (personal) data both in transit and at rest to prevent unauthorized access.

  • TLS encryption (HTTPS) to protect data during transfer.

  • Access to personal data is limited to authorized personnel and protected with multi-factor authentication.

  • We regularly update our systems and software to fix vulnerabilities and maintain security.

  • We perform regular, encrypted backups of our systems and test recovery procedures to ensure data can be restored if needed.

  • We only collect and store personal data that is necessary for our services.

  • We integrate data protection measures into all our processes and systems from the start.

  • We maintain clear procedures for the handling, storage, and deletion of personal data, and conduct regular audits to ensure compliance.

Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices. We will notify you of significant changes through our website or app.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Axite B.V.
Langegracht 70, 2312 NV Leiden, Netherlands
Email: info@axitetech.com
Phone: +31649972892

© 2025. All rights reserved.

Follow Axite on Linkedin

Make the invisible visible

Sign up to explore the world's first neurojournal and receive company updates and neuroscience-backed content.

Contact
Policies

info@axitetech.com

Langegracht 70

2312 NV, Leiden

The Netherlands

K.v.k. 93757395

Privacy policy

Terms and conditions

Te gast bij BNR Zaken Doen

Privacy Statement