Privacy Policy and Data Protection – TMA eCardio App

Personal data collected through the Application is processed with the user’s explicit consent. ECG measurements and related data are securely transferred and stored at Hetzner Online GmbH’s data center in Germany. TMA has signed a Data Processing Agreement with Hetzner to ensure compliance with the General Data Protection Regulation (GDPR) and all applicable data protection regulations.

TMA is a Greek company, registered under General Commercial Registry No. 007904401000, with Tax Identification Number 998889850, headquartered at 151 Al. Papanastasiou Avenue, Piraeus, Attica, P.C. 18533.
For inquiries, users can contact TMA by phone at +30 211 1165330-2 or via email at [email protected]

If you have questions regarding the storage or protection of your personal data, or wish to exercise your rights, you may contact TMA’s Data Protection Officer (DPO):

• Address: 151 Al. Papanastasiou Avenue, Piraeus, 18533
• Email: [email protected]

By installing and using the Application, you acknowledge that you have read and understood this Privacy Policy, and you give explicit consent for the collection and processing of your personal data as described herein.

You may withdraw your consent at any time through the account settings menu, by deleting your account, or by uninstalling the Application.

1. ECG Measurements
   • ECG data collected via Mintti Heartbook.
   • Displayed as live graphs and stored in your personal measurement history.
     
     
2. User Profile Information (Optional)
   • Basic information such as name, date of birth, gender may be requested to personalize your experience.
     
     
3. Device Data
   • Technical data such as device model, operating system version, and IP address (for security and support purposes).

Data collected through the Application is used exclusively to:

• Provide Bluetooth connectivity with the Mintti Heartbook,
• Record and display ECG data in graphs,
• Maintain a history of ECG measurements for the user,
• Ensure proper functioning and security of the Application.

No data is used for marketing purposes or shared with unauthorized third parties.

Your personal data is stored securely as long as you maintain an active account. Upon deletion of your account or uninstallation of the Application, your data will be erased unless retention is required by applicable laws.

TMA will not share your ECG data with third parties except:

• When explicitly authorized by you,
• When required by law or regulatory authorities.

No data is transferred outside the EU unless explicitly approved by the user.

TMA applies strong encryption and security standards:

• AES-256 encryption for data at rest,
• TLS/HTTPS encryption for data in transit,
• Role-based access controls (RBAC) to prevent unauthorized access.

You have the right to:

• Access your personal data,
• Correct or update your information,
• Request deletion of your data,
• Withdraw your consent at any time.

You may also contact the Hellenic Data Protection Authority (HDPA) regarding concerns:

• Tel: +30-210 6475600
• Address: Kifisias 1-3 Ave., Athens, 115 23
• Email: [email protected]

TMA may update this Privacy Policy to comply with legal or regulatory changes. Updates will be published within the Application, and continued use of the Application after such updates constitutes acceptance of the revised policy.