Privacy Policy Axite

Privacy Policy Axite

Axite B.V. Brain Activity Monitoring Service

Last updated: 1 July 2026


Introduction


At Axite B.V. ("Company," "we," "our," or "us"), your privacy is our priority. We are committed to safeguarding your personal data and ensuring full compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws. This Privacy Policy explains how we collect, use, share, and protect your data when you interact with our brain activity monitoring service ("Service").

This policy is intended for end-users aged 16 and above who use our products and services. If you are under 16, please do not use the Service without parental or guardian consent.


Data We Collect


When you use our Service, we may collect the following types of data:

Android Apps (Neurojournal or Tacet)


Smartphone Usage Data

  • The model of the mobile device on which the app is installed.

  • The timing of each touchscreen interaction, including time zone.

  • The names and launch times of the apps run on the mobile device.

  • The battery log of the mobile device.

  • Usage patterns, and performance and stability indicators of the QuantActions Apps themselves.

  • Motion Usage data from the CoreMotion API (includes raw accelerometer, pedometer, gyroscope, etc), including MotionActivity (such as walking, on a car, on a train, …).


Optional data

Providing this information is entirely at the user's discretion. In research contexts researchers may choose to turn on or off the request of the following information:


Sensor data when using the Muse EEG hardware

  • Brain activity data recorded using EEG device(s).

  • Functional Near-Infrared Spectroscopy (fNIRS)

  • Gyroscope data 

  • Accelerometer data

  • EEG Device type and device ID


Journal Functionalities

  • Tags, labels, or keywords manually created or added via our speech-to-text feature. We do not store your audio data.

  • Check-ins about reported life events

  • Seizure information, including type, frequency, duration, symptoms, and additional notes.

  • Medication information, including type, dosage, and frequency.


Other

  • Cognitive test performance data (if participating for research purposes).

  • Voluntary survey responses related to brain health (if participating for research purposes).

  • Physiological data from optional wearables, including heart rate, sleep patterns, and activity levels.

  • Contact details, including username and email address. First and last name, if a user contacts us with an inquiry or feedback about the app. 

  • Payment details, including bank account number (IBAN), or credit card number.

  • Demographic information such as age and gender. We collect month and year of birth only, not full date of birth. 


Any personal data is retained prior to anonymization to facilitate deletion requests. Once anonymized, data can no longer be linked to an individual and therefore cannot be deleted.


Website (Neurojournal Hub)

  • Login information including email address, password, first and last name and optional username.

  • Information about your projects including name, description and durations. 


How We Use Your Data


We use the collected data for the following purposes:

  • To provide you with personalized insights and reports.

  • To improve and develop our products and services.

  • For research and analytical purposes.

  • Commercial Use: Anonymized data may be used for commercial purposes such as product development, marketing insights, and business analytics.

  • To comply with legal and regulatory requirements.


Who Can Access Your Data


Access to your personal and EEG data is strictly limited to authorised Axite developers and technical staff who need it to operate, maintain, or improve the Service. All such access is protected by confidentiality agreements and role-based permissions. We do not share identifiable data with third parties except trusted EU-based service providers (such as our cloud host, Supabase, EU-West) acting under our instructions and data-processing agreements. Researchers may access your data if you have explicitly consented to participate in a study.


Legal Basis for Processing


We process your personal data based on the following legal grounds:

  • Your explicit consent, which you provide by using the Service.

  • Compliance with legal obligations.

  • Legitimate interests in improving our Service while maintaining privacy safeguards.


Data Storage and Security


  • All collected data is encrypted and stored securely on cloud servers (AWS,Supabase, Azure) with anonymized codes.

  • Data transmission from your device to our servers only occurs over secure networks.

  • We implement industry-standard security measures to prevent unauthorized access, alteration, or loss of your data.

  • If provided personal data is stored securely before anonymization to facilitate deletion requests.


Sharing your data


We may share anonymized data with:

  • Third-party partners for research and development purposes.

  • Regulatory bodies if legally required.


Your Rights Under GDPR


As a data subject under GDPR, you have the following rights:

  • Right to Access: Request access to the data we hold about you.

  • Right to Rectification: Request correction of inaccurate or incomplete data.

  • Right to Erasure: Request deletion of your data (before anonymization).

  • Right to Withdraw Consent: Withdraw your consent at any time and stop using our service.

  • Right to Data Portability: Request transfer of your data in a structured format.

  • Right to Object: Object to data processing based on legitimate interests.


You can send a request for access, rectification, erasure, or data transfer of your personal data or a request to withdraw your consent or object to the processing of your personal data to info@axitetech.com. We will respond as quickly as possible, but within four weeks.

Axite B.V. also wants to inform you that you have the option to file a complaint with the national supervisory authority, the Dutch Data Protection Authority. This can be done via the following link:
https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons


Data Retention


We retain your data for as long as necessary to provide the Service and comply with legal obligations. If you withdraw consent, we will delete your data within 30 days. Personal data will be stored only until it is anonymized. After anonymization, data cannot be traced back to you and therefore cannot be deleted. 


Cookies and Tracking Technologies


Our Service may use cookies and similar technologies to enhance user experience and collect analytical data. You can manage your cookie preferences through your device settings.


Third-Party Services


Our Service may include links to third-party platforms such as QuantActions, Muse, Brainbit, Emotiv, Oura or Garmin. We are not responsible for their privacy practices, and we encourage you to review their respective privacy policies.

How we secure personal data


Axite B.V. takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure, and unauthorized modification.


Encryption: We encrypt your (personal) data both in transit and at rest to prevent unauthorized access.

  • TLS encryption (HTTPS) to protect data during transfer.

  • Access to personal data is limited to authorized personnel and protected with multi-factor authentication.

  • We regularly update our systems and software to fix vulnerabilities and maintain security.

  • We perform regular, encrypted backups of our systems and test recovery procedures to ensure data can be restored if needed.

  • We only collect and store personal data that is necessary for our services. 

  • We integrate data protection measures into all our processes and systems from the start.

  • We maintain clear procedures for the handling, storage, and deletion of personal data, and conduct regular audits to ensure compliance.


Updates to This Privacy Policy


We may update this Privacy Policy periodically to reflect changes in our practices. We will notify you of significant changes through our website or app. If you are participating in a research study you will be informed by the lead researcher of any changes of the privacy policies.


Contact Information


If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:


Axite B.V.
Langegracht 70, 2312 NV Leiden, Netherlands
Email: info@axitetech.com
Phone: +31649972892