Privacy Policy

Effective Date: 

We value your privacy and are committed to protecting your health and personal information in compliance with GDPR and EHDS.

I-Remi (“we,” “our,” or “us”) provides a mobile application (“App”) used by patients and healthcare professionals. This Privacy Policy explains how we collect, use, store, and share information. By using I-Remi, you consent to this Policy.

1. Purposes of Processing

Your data is processed strictly for healthcare-related purposes:

  • Treatment tracking and recovery monitoring
  • Facilitating patient–doctor communication
  • Delivering questionnaires, exercises, and educational videos
  • Improving healthcare service quality and compliance

2. Information We Collect

We do not collect or use location data.

  • Personal Data: First name, email, patient ID (assigned by your clinician).
  • Medical Data: Diagnosis, pain area, treatment, surgery details, questionnaire responses, and exercise progress.
  • Technical Data: Device info, app version, crash logs (via Sentry).

4. Secondary Use & AI Development

In compliance with EHDS, we may use anonymized or pseudonymized health data for secondary purposes, such as:

  • Training and improving artificial intelligence (AI) models
  • Developing healthcare, nutrition, and exercise-related applications
  • Scientific research and innovation in public health

No directly identifying information (such as your name, email, or patient ID) is ever used for these purposes. You may opt out of secondary use at any time by contacting us.

5. Data Sharing & Transfers

  • Your data is stored in the EU/EEA (Google Cloud Firebase – region europe-west/europe-west3).
  • We do not sell or trade your data.
  • We do not transfer data outside the EU unless required (e.g., Firebase Push Notifications, Sentry). In such cases, Standard Contractual Clauses (SCCs) are applied.

6. Data Security

We implement industry-standard protections:

  • Encryption in transit (TLS 1.2/1.3) and at rest (AES-256)
  • Role-based access and least-privilege controls
  • Regular security audits

7. Your GDPR Rights

  • Right of access, rectification, and erasure
  • Right to restrict or pause processing (without deleting your account)
  • Right to data portability in standard formats (FHIR, HL7)
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your supervisory authority

8. Data Retention

Data is retained as long as necessary for healthcare purposes or legal requirements. Data used for secondary purposes is anonymized or pseudonymized and may be retained longer for research and innovation.

9. EHDS Compliance

  • Health data is stored/exported in standardized formats (FHIR, HL7)
  • Patients can transfer their health data between providers and apps upon request

10. Children’s Privacy

The App is not directed to children under 13. For minors, processing must be supervised by a guardian or healthcare professional.

11. Contact & Data Protection Officer (DPO)

If you have questions about this Policy or your data rights:

Data Protection Officer (DPO): dpo@i-remi.com

EU Representative: privacy@i-remi.com

Email: support@i-remi.com