Privacy Policy

Last updated: 13 June 2026

Unless stated otherwise, capitalized terms not defined in this Privacy Policy shall have the meaning attributed to them in the Terms and Conditions.

HDS stands for Health Data Safe Foundation, a non-profit foundation incorporated under Swiss private law (articles 80 ff. of the Swiss Civil Code), with its registered seat in Morges, Canton de Vaud, Switzerland.

The Foundation’s purpose is to act for public health, quality of care, and scientific progress, placing the fundamental rights of patients at the center of its action. The Foundation has no lucrative purpose. In case of dissolution, all personal data entrusted to the Foundation must be destroyed or migrated to a service offering similar guarantees, personal data is never considered an asset of the Foundation.

1. Purpose

HDS provides this Privacy Policy to describe its procedures regarding the collection, use, and disclosure of Personal Data collected or received from Users of the HDS Platform (including the HDS mobile application “Health Data Safe”, available on iOS and Android, and the HDS web application). Personal Data has the meaning set forth in the Swiss Federal Act on Data Protection (FADP/nDSG) and, according to your place of residence, additional data protection laws and regulations (including the EU GDPR) may be applicable.

Health Data Safe Foundation, Morges, Switzerland, shall be the data controller.

This Privacy Policy does not apply to services provided by third parties, including when said services are provided as part of, or are integrated in, the HDS Platform.

2. Acceptance

By using the HDS Platform, you agree to this Privacy Policy.

In case of a modification, you will be informed by your registration e-mail and the new Privacy Policy will be available on this website. You have the right to accept or decline the changes. If you decline, you may back up and export your data; your account will then be deleted. Without any action from you within 30 days, the Privacy Policy will be considered as accepted.

3. Hosting Location and International Transfer

By default, Personal Data you submit to HDS is hosted on servers located in Switzerland and processed under Swiss data protection law (FADP/nDSG).

Where the HDS Platform offers a choice of hosting location, you may select a region other than Switzerland, for example, within the European Union or the United States. The applicable data residency and data protection rules for the storage and processing of your data follow your hosting choice: if you select an EU hosting location, your data will be subject to the EU General Data Protection Regulation (GDPR); if you select a United States hosting location, applicable United States federal and state data protection laws will apply. These rules apply in addition to the commitments HDS makes in this Privacy Policy.

You may change your hosting location at any time where the Service offers that choice. In some cases, switching location may require exporting and re-importing your data. HDS may also transfer your data between hosting providers within the jurisdiction you have selected.

Accessing or sharing your data necessarily requires transfer via the Internet. Depending on the network configuration, your data may transit through other countries on its way to or from the chosen hosting location. All transfers are encrypted with TLS/SSL.

4. What Data We Collect and How We Use It

We identify a user only with a serial ID, an e-mail address, and a username. You will not be identified if you are not a registered user.

Metrics we collect from your account:

Your amount of network usage
Your last connection date
The apps connected to your HDS account
The number of API requests made

What we do NOT collect, access, or share without your explicit request:

The content of your health data
Any statistical information not listed above

To improve the quality and ergonomics of the HDS Platform, we may collect information about your device, such as your IP address, operating system, browser, and device type. We use server-side and client-side cookies that may carry personal information and identifiers.

We may collect anonymized user-interface usage metrics (e.g., how often a feature is used).

4.2 Mobile Application Data

When you use the HDS mobile application, we may additionally collect:

Push notification tokens, device identifiers used to deliver notifications. These tokens are stored on our servers and associated with your account. You can disable notifications at any time in your device settings or the app’s settings page.
Health platform data (with your explicit permission), if you grant the app access to Apple HealthKit or Android Health Connect, the app reads health data (such as body temperature, menstrual flow, weight, and other supported types) and syncs it to your HDS account. This data is transmitted directly to your personal HDS storage and is never shared with third parties unless you explicitly request it.

The HDS app does not use health data for advertising, data mining, or any purpose other than storing it in your personal health record.

You are the sole owner of your Personal Data, and HDS processes it on behalf of your explicit requests. When you store, provide, or otherwise use content on the HDS Platform, you may provide Personal Data in the form of the content itself. You are the sole data controller for said Personal Data.

4.4 Other Uses of Personal Data

HDS will collect, use, and communicate such data to and from third parties only on your explicit request.

5. Interactions with Other Users and Services

When you share data with healthcare professionals or other users through the HDS Platform, only the data you explicitly authorize is shared. You can revoke access at any time from the app’s Connections page.

We may share aggregated information that does not include Personal Data with third parties for analysis. Any aggregated information shared will not contain Personal Data.

At your explicit request, we may transfer your Personal Data to a third party for hosting or processing.

7. Right to Access Your Personal Information

You may at any time:

Request access to your Personal Data collected by HDS
Request that inaccurate information be amended
Request that your Personal Data be erased
Export your data — see Download All My Data for the self-service tool

Some actions may be taken directly with tools provided by the HDS Platform. Requests can also be sent to support@healthdatasafe.org.

8. How to Delete Your Account

See our Data Deletion page for detailed instructions.

All users may review, update, correct, export, or delete their Personal Data within their account. Information in back-up storage may remain for a limited period after your deletion request. Any content you have shared with a third party may also persist according to their own data retention policies.

9. Links to Other Services

If any part of the HDS Platform links to or integrates with third-party services, those services operate under their own privacy policies. We do not exercise control over third-party services and recommend you review their privacy statements.

10. Security

We make our best effort to ensure that your Personal Data is protected and under your sole control. All data is encrypted in transit (TLS/SSL) and at rest.

11. Compliance with Laws

HDS cooperates with government and law enforcement officials as required by law. We will only disclose Personal Data if required to respond to legal process, protect the rights of HDS, protect public safety, or prevent illegal activity. You will be informed of any such disclosure to the extent HDS is not prohibited from doing so.

12. Applicable Law and Jurisdiction

This Privacy Policy shall be governed by the substantive laws of Switzerland. Any dispute shall be subject to the exclusive jurisdiction of the ordinary courts at the seat of HDS Foundation.

13. Contact

If you have any questions about this Privacy Policy, please contact us at support@healthdatasafe.org.