Join Waitlist

Be the first to experience holistic care designed to help you keep healthy and active for longer.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Thank you!

Please confirm your newsletter subscription by clicking on the email we have just sent toXXX@XXX

Back to Home

Oops! Something went wrong while submitting the form.
Get in touch.

Reach out if you would like to learn more, have questions, or need support.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Thank you!

We Will Get Back to You Soonest

Close

Oops! Something went wrong while submitting the form.

Privacy Policy

1. Responsible Party

The responsible party within the meaning of Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR) for the processing of your personal data in connection with the use of our website is:

Longtermhealth GmbH
Greifswalder Strasse 22A
15366 Neuenhagen near Berlin
Germany

Email: hello@bluesphere.health

Web: www.bluesphere.health

2. Data protection officer

Our external data protection officer is available to answer any questions you may have and as a contact person for data protection issues. He can be reached at the following email address:   privacy@joonnetwork.com

3. Processing of your personal data

When you visit our website, your personal data is processed. Personal data is any data that can be related to you personally, e.g., name, address, email addresses, user behavior.

3.1 Data processing when contacting us

If you contact us by email, the data you provide (your email address, your name and telephone number, if applicable, and details of your request) will be stored by us in order to answer your questions. 

The purpose of data processing is to process your request.

If the purpose of contacting us is to conclude a contract for the use of our services, or if it concerns an existing contract with you, the legal basis for processing is Art. 6 (1) (b) GDPR. 

In all other cases, the legal basis for processing your personal data is Art. 6 (1) (f) GDPR. The legitimate interest arises from the necessity of processing your data in order to be able to respond to your request.

We only store your data for as long as is necessary for the purpose, i.e. until your request has been fully answered or, if the request is assigned to a contract, until the end of the contract term.

There is no legal obligation to provide your personal data. However, if you do not wish to provide us with your data, it will not be possible to contact you.

3.2 Registration and creation of a user account

You can register for the Bluesphere services on our website. This is a personalized program that offers you scientifically based “well-being interventions.” During registration, we collect the following data:

  • First and last name,
  • Email address, 
  • Username & password

We store the data you enter in order to fulfill the user agreement or to carry out pre-contractual measures in accordance with Art. 6 (1) (b) GDPR. 

We delete your personal data as soon as the purpose or legal basis for storage no longer applies.

There is no legal obligation to provide your personal data. However, if you do not wish to provide us with your data, registration is not possible.

3.3 Newsletter

You have the option of subscribing to our newsletter on our website, which we use to inform you about current developments.

We use the double opt-in procedure for registration for our newsletter. After you have registered for the newsletter, you will receive an email to the email address you provided, in which we ask you to confirm your subscription and confirm that you are the owner of the email address in question. The link provided is valid for 24 hours. If we do not receive confirmation from you within this time, we will block your information and delete it after one month. When you confirm your email address, we store your IP address and the time of registration and confirmation in order to verify your registration and investigate any possible misuse of your personal data.

When you register for our newsletter, we collect, store, and process the following “newsletter data”:

  • the page from which the page was requested (so-called referrer URL),
  • the date and time of the request,
  • the description of the type of web browser used,
  • the IP address of the requesting computer, which is shortened so that it can no longer be traced back to a specific person,
  • the email address,
  • the date and time of registration and confirmation,
  • the country and city (optional)

Please note that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. For the evaluations, we link the above-mentioned data and the web beacons to your email address and an individual ID. Links contained in the newsletter also contain this ID. The data is collected exclusively in pseudonymized form, i.e., the IDs are not linked to your other personal data, and direct personal reference is excluded.

The legal basis for data processing is your consent in accordance with Art. 6 (1) (a) GDPR.

We store your data until you revoke your consent. You can revoke your consent by clicking on the link provided in every newsletter email or by sending an email to hello@bluesphere.health.

There is no legal obligation to provide your data. However, if you do not provide us with your email address, it will not be possible to subscribe to the newsletter.

3.4 Technical data

3.4.1 Log files 

When you visit our website, a so-called log file (server log file) is temporarily stored on our web server in anonymized form. This consists of:

  • the page from which the page was requested (so-called referrer URL)
  • the name and URL of the requested page
  • the date and time of the request
  • a description of the type, language, and version of the web browser used
  • the IP address of the requesting computer, which is shortened so that it can no longer be traced back to a specific person
  • the amount of data transferred
  • the operating system used
  • a message indicating whether the request was successful (access status/HTTP status code)
  • time zone difference to Coordinated Universal Time (UTC)

This data is processed for the purpose of technical provision of our website and for statistical evaluations, as well as for the purpose of identifying and tracing unauthorized access to the web server and other criminal offenses. 

The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interests in the temporary storage of technical access data lie in being able to provide you with a technically functional and user-friendly website and in being able to ensure the security of our systems.

The storage of information on a device you use and its retrieval is carried out independently of the technology used for this purpose (cookies, object storage, pixels, web beacons, etc.) on the basis of your consent in accordance with Section 25 (1) TDDDG, which you declare by opting in. You can revoke your consent at any time via the cookie settings. If storage is absolutely necessary to make the website available, the legal basis for storage is Section 25 (2) No. 2 TDDDG.

The recipients of the data are our hosting service providers.

Log file information is stored for a maximum of 30 days from the end of your website visit and then deleted.

Data processing is necessary for the operation of our website. If you wish to object to data processing, you can do so by not visiting our website.

The provision of personal data is neither required by law nor contractually required, but it is necessary for the functionality of our website. 

3.4.2 General information about cookies

We use cookies on our website. Cookies are small text files that are assigned to and stored on your hard drive by the browser you are using through a characteristic string of characters and through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer and therefore cannot cause any damage. They serve to make the Internet offering more user-friendly and effective overall, i.e., more pleasant for you.

Cookies may contain data that enables the device used to be recognized. In some cases, however, cookies only contain information about certain settings that are not personally identifiable. Cookies cannot directly identify a user. 

A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. In terms of their function, cookies are divided into: 

  • Technical cookies: These are essential for navigating the website, using basic functions, and ensuring the security of the website; they do not collect information about you for marketing purposes, nor do they store which websites you have visited.
  • Performance cookies: These collect information about how you use our website, which pages you visit, and, for example, whether errors occur when using the website; they do not collect any information that could identify you—all information collected is anonymous and is only used to improve our website and find out what interests our users.
  • Advertising cookies, targeting cookies: These are used to offer website users needs-based advertising on the website or offers from third parties and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 13 months;
  • Sharing cookies: These are used to improve the interactivity of our website with other services (e.g., social networks); sharing cookies are stored for a maximum of 13 months.

By using cookies, we ensure the proper functioning of our website. It also allows us to optimize the website experience. These are the purposes of data processing.

Any use of cookies that is not strictly necessary for technical reasons constitutes data processing that is only permitted with your consent in accordance with Art. 6 (1) (a) GDPR. This applies in particular to the use of advertising, targeting, or sharing cookies. Furthermore, we only pass on your personal data processed by cookies to third parties if you have given your consent in accordance with Art. 6 (1) (a) GDPR. Below, we list the legal bases in connection with the respective service.

The storage of cookies on a device you use and their reading is based on your consent in accordance with Section 25 (1) TDDDG, which you declare by opting in. You can revoke your consent at any time via the cookie settings. If storage is absolutely necessary to make the website available, the legal basis for storage is Section 25 (2) No. 2 TDDDG.

We only store your data for as long as it is necessary to fulfill the aforementioned purposes. The cookies are then deleted.

If your consent pursuant to Art. 6 (1) (a) GDPR constitutes the legal basis for data processing, you can revoke it at any time. You can do this by deleting the cookies in your browser.

The provision of your personal data is neither required by law nor contractually required. However, without the provision of this data, the functionality of our website may not be guaranteed. In addition, it is possible that individual services may not be available.

3.5 Analysis and tracking

We use the following analysis and tracking tools:

Google Analytics 

We use Google Analytics, a web tracking service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The purpose of our use of this tool is to enable the analysis of your user interactions on websites and in apps and to improve our offering and make it more interesting for you as a user based on the statistics and reports obtained. We primarily collect information about the interactions between you as a user of the website and our website using cookies, device/browser data, IP addresses, and website or app activities. Google Analytics also collects your anonymized IP addresses to ensure the security of the service and to provide information about the region of the respective user (so-called “IP location determination”). With the anonymization function (“IP masking”), Google truncates the IP addresses within the EU/EEA by the last octet.

Google acts as a processor and we have entered into a corresponding contract with Google. The information obtained about your use of this website and the anonymized IP addresses are usually transferred to a Google server in the USA and processed there. In these cases, Google has submitted to the EU-U.S. Privacy Framework, which is based on an adequacy decision by the European Commission and ensures compliance with European data protection standards.

The legal basis for the processing of the information is your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing until revocation. The easiest way to revoke your consent is via our Analytics settings or by installing the Google browser add-on, which is available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

Further information on data processing can be found at: https://www.google.de/intl/de/policies/privacy/

Google Tag Manager

We use Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Tag Manager is used to manage website tags via an interface. The tool itself (which implements the tags) is a cookie-free domain and does not process any personal data of users. The tool triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data.

The legal basis is Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG, provided that a tracking tool is integrated via Tag Manager for which consent is required. You can revoke your consent at any time in the cookie settings.

Further information about Google Tag Manager can be found at: https://support.google.com/tagmanager/answer/9323295?hl=en

Microsoft Clarity

We use Microsoft Clarity, a web analytics service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Clarity enables the analysis of the use of our website (e.g. mouse movements, clicks, scrolling behavior) to improve user-friendliness. Cookies may be set and information such as IP address, device information, and page views may be collected.

The legal basis for the use of Clarity is your consent in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TDDDG. You can revoke your consent at any time via the cookie settings. Microsoft processes the data on our behalf. Microsoft is certified under the EU-U.S. Data Privacy Framework.

Further information on data processing by Microsoft can be found at: https://www.microsoft.com/en-gb/privacy/privacystatement

Meta Pixel (formerly Facebook Pixel)

On our website, we use the Meta Pixel from Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The pixel enables us to track the behavior of visitors after they have been redirected to our website by clicking on a Facebook or Instagram advertisement. This serves to measure the success of advertising campaigns and to display targeted advertising on Meta's platforms.

In doing so, personal data (e.g., IP address, browser information, cookie ID, information on user behavior) may be transmitted to Meta and processed on servers in the USA. Meta is certified under the EU-U.S. Data Privacy Framework.

The legal basis is your consent in accordance with Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG. You can revoke your consent at any time via the cookie settings.

Further information on data processing by Meta can be found at: https://www.facebook.com/privacy/policy

4. Transfer of personal data to external service providers

For some functions on our website, we engage external service providers to whom we transfer personal data. All third-party providers commissioned by us act as processors on our behalf in accordance with our instructions and are integrated in compliance with data protection regulations in accordance with Art. 28 GDPR. The contractual agreement stipulates, among other things, that processors undertake to comply with data protection regulations, which includes securing your personal data through appropriate technical and organizational measures, in particular through encryption technologies.

4.1. Calendly

You can make appointments with us on our website. We use the “Calendly” tool provided by Calendly, Inc. 115 E Main St., Ste A1B, Buford, GA 30518 USA (hereinafter “Calendly”) to book appointments. 

To book an appointment, enter your preferred date and blood collection location in the form provided. The data entered will be used for planning, carrying out, and, if necessary, following up on the appointment. The legal basis for processing the necessary data is Art. 6 (1) lit. f. The website operator has a legitimate interest in making it as easy as possible to make appointments with interested parties and customers. 

The legal basis for the storage of cookies or access to information on your end device is consent in accordance with Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG. 

You can give your consent in accordance with Section 25 (1) TDDDG and Article 6 (1) (a) GDPR by simply clicking the corresponding button in our cookie banner. 

You can revoke your consent in the cookie settings. A subsequent revocation has no effect on the permissibility of data processing up to that point in time. 

Calendly acts as a processor for us on a contractual basis and processes the data on the basis of our documented instructions. The data processed via Calendly is transferred to the USA for processing. Calendly has submitted to the EU-U.S. Privacy Framework, which is based on an adequacy decision by the European Commission and ensures compliance with European data protection standards.

Further information on data processing by Calendly can be found at: https://calendly.com/legal/privacy-notice

4.2. Microsoft Azure Cloud

We use Microsoft Azure Cloud to host our website. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, represented by Microsoft Deutschland GmbH (“Microsoft”). When you visit our website, your personal data is processed on Microsoft's servers. The legal basis for the collection of this data is Art. 6 (1) lit. f GDPR. We have a legitimate interest in ensuring that our app is as reliable as possible. 

The data is stored on servers managed by Microsoft in the EU or the EEA. However, it should be noted that Microsoft is a US company. It cannot therefore be ruled out that your personal data may also be stored on servers located outside the EEA in the USA. In this case, Microsoft has submitted to the EU-US Privacy Framework, which is based on an adequacy decision by the European Commission and ensures compliance with European data protection standards.

Microsoft acts as a processor for us on a contractual basis and processes the data on the basis of our documented instructions.

Further information can be found in Microsoft's privacy policy: https://www.microsoft.com/en-gb/privacy/privacystatement

4.3. Stripe

We have integrated Stripe into our website. The provider is Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Stripe enables us to process online payments securely and efficiently. The following data entered by you in our Stripe payment forms is stored on Stripe's servers:

  • Email address
  • Payment information (e.g., credit card number, bank details)
  • First and last name
  • Billing address
  • Information about your device
  • IP address

The data is collected for the purpose of processing online payments, preventing fraud, and complying with legal obligations. The legal basis for the storage and processing of your personal data is the fulfillment of a contract in accordance with Art. 6 (1) lit. b GDPR and, in the case of health data, your consent in accordance with Art. 9 (2) lit. a GDPR. You can revoke your consent to the processing of your personal data at any time with future effect by sending an email to: privacy@bluesphere.health. A revocation has no effect on the permissibility of data processing up to that point.

The legal basis for the storage of cookies or access to information on your end device is consent in accordance with Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG. 

You can declare your consent in accordance with Section 25 (1) TDDDG and Art. 6 (1) (a) GDPR by simply clicking the corresponding button in our cookie banner. 

You can revoke your consent in the cookie settings. A subsequent revocation has no effect on the permissibility of data processing up to that point.   

Stripe acts as a processor for us on a contractual basis and processes the data on the basis of our documented instructions.

Further information on data processing by Stripe can be found at  https://stripe.com/privacy

4.4. Twilio Sendgrid

Our email newsletters are sent via the provider Twilio Inc., 101 Spear Street, Fifth Floor, San Francisco, California, 94105 USA. In order to ensure effective and user-friendly newsletter delivery, we pass on the data collected during newsletter registration (see section 3.3) to SendGrid with your express consent in accordance with Art. 6 (1) lit. a GDPR.

You can revoke your consent by clicking on the link provided in each newsletter email or by sending an email to privacy@bluesphere.health. You can revoke your consent to newsletter tracking at any time with effect for the future.

The legal basis for storing cookies or accessing information on your device is consent in accordance with Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG. 

You can give your consent in accordance with Section 25 (1) TDDDG and Art. 6 (1) (a) GDPR by simply clicking the corresponding button in our cookie banner. 

You can revoke your consent in the cookie settings. A subsequent revocation has no effect on the permissibility of data processing up to that point in time.  

Sendgrid acts as a processor for us on a contractual basis and processes the data on the basis of our documented instructions.

For data transfers to the USA, SendGrid has joined the EU-US Data Privacy Framework, which is based on an adequacy decision by the European Commission and ensures compliance with European data protection standards.

Further information can be found in Sendgrid's privacy policy: https://www.twilio.com/en-us/legal/privacy

5. Data deletion and storage period

For each of the processing operations we carry out, we specify how long the data will be stored by us and when it will be deleted or blocked. Unless an explicit storage period is specified, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies. Your data is generally only stored on our servers in Germany, subject to any transfer that may be specified elsewhere.

However, storage may continue beyond the specified period in the event of an (imminent) legal dispute with you or other legal proceedings, or if storage is required by legal regulations to which we are subject as the controller (e.g., Section 257 of the German Commercial Code (HGB), Section 147 of the German Fiscal Code (AO)). When the storage period prescribed by law expires, the personal data will be blocked or deleted, unless further storage by us is necessary and there is a legal basis for this.

6. Data security

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties (e.g., TLS encryption for our website), taking into account the state of the art, implementation costs, and the nature, scope, context, and purpose of the processing, as well as the existing risks of a data breach (including its likelihood and impact) for the data subject. Our security measures are continuously improved in line with technological developments. 

7. Data transfer to a so-called third country

Within the scope of our business relationships, your personal data may be passed on or disclosed to third-party companies. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing is carried out exclusively for the purpose of fulfilling contractual and business obligations and maintaining your business relationship with us. We will inform you of the respective details of the transfer at the relevant points.

The European Commission certifies that some third countries have data protection standards comparable to those of the EEA through so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. Where this is the case, we ensure that data protection is adequately guaranteed. This is possible through binding corporate rules, standard contractual clauses of the European Commission for the protection of personal data, certificates, or recognized codes of conduct. With regard to the individual services, we will inform you at the appropriate point about the requirements for data transfer to third countries. 

8. No obligation to provide personal data

We do not make the provision of our website offers contingent upon you first providing us with personal data. As a customer, you are generally under no legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain offers to a limited extent or not at all if you do not provide the necessary data. If this is the case, you will be notified separately in this privacy policy. 

9. Your rights

You can assert your rights as a data subject regarding the processing of your personal data at any time by contacting us using the contact details provided at the beginning of this privacy policy. As a data subject, you have the right:

  • to request information about your data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the purposes of processing, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it was not collected by us, and the existence of automated decision-making, including profiling and, where applicable, meaningful information about its details;
  • to request the immediate correction of inaccurate data or the completion of your data stored with us in accordance with Art. 16 GDPR;
  • to request the erasure of your data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
  • to request the restriction of the processing of your data in accordance with Art. 18 GDPR, unless the accuracy of the data is disputed by you or the processing is unlawful;
  • to receive your data that you have provided to us in a structured, commonly used and machine-readable format or to request its transfer to another controller (“data portability”) in accordance with Art. 20 GDPR;
  • to object to the processing pursuant to Art. 21 GDPR, provided that the processing is based on Art. 6 (1) (e) or (f) GDPR. This is particularly the case if the processing is not necessary for the performance of a contract with you. Unless it is an objection to direct marketing, we ask you to explain the reasons why we should not process your data as we have done when exercising such an objection. In the event of your justified objection, we will examine the situation and either stop or adjust the data processing or point out to you our compelling legitimate reasons for continuing the processing;
  • pursuant to Art. 7 (3) GDPR, to revoke your consent at any time – i.e., your voluntary, informed, and unambiguous declaration of intent, made clear through a statement or other unequivocal confirmatory action, that you agree to the processing of the relevant personal data for one or more specific purposes – if you have given such consent. As a result, we will no longer be allowed to continue processing the data based on this consent in the future; and
  • in accordance with Art. 77 GDPR, to lodge a complaint with a data protection supervisory authority about the processing of your personal data by LTH. 

10. Updating the privacy policy

Due to changes in legal or regulatory requirements, as well as the further development of technical standards and our offerings, adjustments to this privacy policy may be necessary, which is why it is regularly reviewed for changes or additions. The privacy policy can therefore be changed at any time with effect for the future. 

This privacy policy is current as of June 2025.

Legal Validity

This English version of our Privacy Policy is for informational purposes only. In the event of discrepancies or legal relevance, the German version shall prevail.

Join Waitlist

Be the first to experience holistic care designed to help you keep healthy and active for longer.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Thank you!

Please confirm your newsletter subscription by clicking on the email we have just sent toXXX@XXX

Back to Home

Oops! Something went wrong while submitting the form.
Get in touch.

Reach out if you would like to learn more, have questions, or need support.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Please fill out this field.

Thank you!

We Will Get Back to You Soonest

Close

Oops! Something went wrong while submitting the form.