Telematic Medical Applications

Privacy Policy and Data Protection

Telematic Medical Applications LTD (“TMA”) has developed the “ePokratis MedAiConnect” application (the “Application”). Through the Application, users can choose to receive and automatically record vital signs using compatible Bluetooth medical devices, perform AI-based measurements via the mobile camera, manually log data from non-compatible medical devices, upload digital files or test results, communicate with doctors affiliated with TMA, and receive medical advice, as detailed in the General Terms of Use.

Personal Data Processing and Storage

Personal data provided by users, with their explicit consent, through the Application will be securely transferred to and stored at TMA’s data center. TMA is a Greek company, registered under General Commercial Registry No. 007904401000, with Tax Identification Number 998889850, headquartered at 151 Al. Papanastasiou Avenue, Piraeus, Attica, P.C. 18533. For inquiries, users can contact TMA by phone at +30 211 1165330-2 or via email at info@tma.gr. This data will be processed solely by TMA in accordance with this Privacy Policy and for the stated purposes.

User Support and Inquiries

If you have questions regarding the storage or protection of your personal data, wish to exercise your rights, or file a complaint, you may contact TMA’s Data Protection Officer (DPO) by sending a letter to 151 Al. Papanastasiou Avenue, P.C. 18533, or via email at info@tma.gr. Detailed information on TMA’s data protection practices can be found at https://tma.gr/epokratis-privacy-policy/.

Data Protection Oversight

TMA has appointed a DPO to ensure compliance with data protection regulations. You can reach the DPO at dpo@tma.gr.

User Consent

By submitting your personal data through the Application, you acknowledge that you have read, understood, and explicitly accepted this Privacy Policy. You provide your informed consent for the collection and storage of your personal, medical, and demographic data as detailed in this Privacy Policy and the Application’s Terms of Use. Consent is gathered through an opt-in checkbox or similar user action during the sign-up process, where users are explicitly prompted to actively agree to this policy before proceeding to use the Application, ensuring transparency and user control.
You may withdraw your consent at any time through the settings menu, or by uninstalling or ceasing to use the Application. Upon withdrawal, no further data will be shared for the services you request, and the functionality of the Application may be impacted.

Accuracy of Provided Data

Users are responsible for ensuring the accuracy and currency of the information they provide through the Application. Users must maintain updated data that reflects their true situation. TMA holds users accountable for any false or inaccurate information provided and any resulting damages to TMA or third parties.

1. Legal Basis for Personal Data Storage

The storage of your personal data is legitimized by your registration in the Application and the use of its services, during which you provide explicit, clear, and informed consent. The legal basis for storing your data is the necessity for the execution of a contract, as users must agree to the Terms of Use before accessing the Application. Alternatively, if you do not consent to these terms, you may choose not to install the Application.

For special categories of data, such as health information and data of national origin, the legal basis is your explicit consent, which is required for their storage and processing.

The provision and granting of access to special category personal data during doctor support via video call is based on the necessity of processing such data to provide teleconsultation services effectively.

2. Collected Data

2.1. Information Directly Provided by Users in the ePokratis MedAiConnect Application

TMA protects the data you provide with your consent through the Application, whether in text, video, image, or audio format, for the purpose of assessing your health condition. Data is only collected when explicitly provided by the user or during interactions involving service use; no data is collected during general visits or navigation within the Application.

User Profile Data:

This may include gender, date of birth, allergies, medical history, hospital care history, surgical history, and current medications. Providing this information is optional and helps improve service quality, such as enhancing the accuracy of symptom assessments. When using the video call service, you consent to sharing text, audio, video, or photos with the selected health specialist.

Health Data:

This includes user-reported symptoms and vital sign measurements taken via compatible Bluetooth medical devices (e.g., blood pressure monitor, oximeter, thermometer, scale, electrocardiograph, multi-parameter device), entered manually when using non-compatible devices, or gathered through the mobile camera using AI technology (e.g., heart rate, respiration, oximetry, blood pressure, stress levels). All AI-based assessments within the Application are designed solely for informational purposes and are not intended for medical diagnosis or treatment. These assessments should not be used as a substitute for professional healthcare advice, diagnosis, or treatment. Any health-related data generated through AI-based measurements is for user information only. No images or video files are saved on our servers, ensuring full privacy and confidentiality during and after the AI-based measurement.

Users may also upload medical test results or other relevant files in digital form. All recorded measurements are presented in graph format within the Application for user access.

Appointment Scheduling, Teleconsultation Services, and Fee Payment Data:

This encompasses appointment details (date, time, specialty, and doctor's name) scheduled by the user.

Location Data:

TMA collects and stores real-time location data from the user's mobile device only with the user's explicit consent, which is requested when the user activates the Emergency assistance feature in the Application. At that time, a clear usage description is provided to explain how the location data will be utilized (e.g., “Your location helps coordinate emergency assistance to your current position”). By default, location sharing is disabled and requires user activation through a specific mobile device setting. This data is collected exclusively for the purpose of delivering immediate emergency assistance. Location data is stored only when the user selects the Send Location button within the Application, maintaining full transparency and ensuring user control over when and how their location is shared.

Symptom Evaluation, Diagnosis, and Prescription Data:

Information related to the diagnosis provided by the health specialist, including prescribed treatments and dosage, is collected.

Device Purchase and Redemption Unit Data:

Users can purchase compatible medical devices through TMA’s online store and acquire redemption units for AI measurement sessions as described above.

2.2. Information Provided Indirectly by Users

Device or Digital Footprint Data:

This includes the IP address used by the user (along with the date and time of connection) to access the Internet through their mobile device.

Third-Party Derived Information:

TMA may collect information or personal data from third parties only if the user has authorized these third parties to share such information. For example, if the user registers on the Application using their Facebook, Google, or Microsoft account, these platforms may share relevant personal data included in the user’s profile with TMA, contingent on user consent.

3. Purpose of Data Collection and Use

Your data is used exclusively for the following purposes:

  • Service Delivery: To provide the requested services in line with the Application's Terms of Use.
  • Teleconsultation Services: For facilitating video consultations with healthcare providers.
  • Profile Management: To manage and monitor the user’s profile for personalization and service delivery purposes.
  • Compliance Enforcement: To ensure that users comply with the General Terms of Use and Privacy Policy of the Application.
  • Fraud Prevention: To detect and investigate potential fraud, illegal activities, or activities that violate the General Terms of Use.

TMA will only use personal data for the purposes described above. Under no circumstances will personal data be used for any other purpose unless the user has been informed in advance and has consented or failed to object within a reasonable time.

4. Data Retention Period

Your personal data is stored securely and will be retained for as long as you remain registered and have not requested deletion. If you withdraw consent, all personal data will be deleted from all involved servers unless legal obligations require longer retention.

5. Data Sharing

TMA will not share your data except in the following circumstances:

  • Service Provision: Data shared with healthcare professionals and service providers to facilitate teleconsultations.
  • User Consent: Data shared based on your explicit consent.
  • Legal Compliance: Data shared if required by law or requested by authorities.

5.1. Data Sharing for Service Provision

TMA may transfer users' personal data, including sensitive information, to contracted healthcare professionals solely for the purpose of providing services related to the Application’s functionalities, such as telemedicine consultations. This data transfer occurs through a TMA-owned teleconsultation platform that complies with applicable privacy laws. All contracted healthcare professionals engaged by TMA are based in Greece, and all user data will be transferred exclusively within Greece, where the Application will be launched and operated. TMA does not transfer user data to any other countries outside Greece. No user data will be transferred outside of Greece unless explicitly authorized by the user, in compliance with applicable laws: if any future international data transfer is necessary, TMA will ensure full compliance with relevant data protection regulations and will notify users accordingly to obtain their explicit consent.

For example, if you choose to use the video call service for medical consultation, we may share your personal data with the healthcare professional who is providing the consultation. This transfer is essential for ensuring that the service is provided in a complete and accurate manner.

Data Sharing with healthcare professionals

We ensure that the healthcare providers who receive your data are contractually bound to use your personal information solely for the purposes of delivering the requested services and in compliance with applicable data protection laws. These healthcare professionals are required to follow the same level of privacy and security practices as outlined in this Privacy Policy.

User Consent and Control

By using the Application, you provide explicit, informed, and clear consent for the storage, processing, and sharing of your personal data with healthcare practitioners contracted with TMA. When you choose to initiate a consultation with a healthcare practitioner, you automatically consent to sharing the relevant data required for that consultation. This consent is obtained during registration and is necessary to access the Application's services.

You have the right to withdraw your consent at any time by uninstalling or ceasing to use the Application. If you withdraw your consent, no further data will be shared for services you request.

Information Outside TMA’s Control

Please note that any information you provide directly to third-party providers outside the control of TMA is not covered by this Privacy Policy, and we recommend reviewing their privacy policies for additional details on how your data is handled.

6. Data Encryption

At ePokratis MedAiConnect, we are committed to protecting the security and confidentiality of your personal data. We use advanced encryption protocols to ensure that your data remains secure in compliance with industry standards. The following outlines the key security measures implemented in our solution:

Data Encryption at Rest

We use AES-256 encryption—a trusted and widely recognized standard—to protect all stored data. This encryption ensures that user data remains secure and inaccessible, even in the event of a physical storage breach.

Encryption in Transit

All data transmitted between the app and external servers is encrypted using HTTPS/TLS protocols. These protocols establish secure communication channels, safeguarding your data from interception while ensuring its integrity and confidentiality during transmission.

Client-Side Encryption

For enhanced data security, we implement client-side encryption for highly sensitive information. This means that your data is encrypted on your device before being transmitted to external servers, ensuring that only authorized users with the decryption key can access it.

Key Management Practices

We rely on a trusted Key Management Service (KMS) to securely manage and control encryption keys. Our key management practices include:

  • Protecting keys using secure secret management tools and environment variables.
  • Ensuring keys are never hard-coded or exposed in the app’s codebase.

Compliance and Certifications

Our storage solution meets stringent regulatory standards for data protection, including:

  • ISO/IEC 27001 (Information Security Management)
  • ISO/IEC 27017 (Cloud Security)
  • ISO/IEC 27018 (Protection of Personal Data in Cloud Environments)
  • HIPAA (for healthcare applications, with a signed Business Associate Agreement)
  • GDPR (tools to assist with compliance with European privacy regulations)
  • SOC 1, SOC 2, SOC 3 (Security, Availability, Processing Integrity, Confidentiality, and Privacy Reports)

Technical Encryption Measures

Our solution employs a comprehensive set of encryption protocols, including:

  • AES-256 Encryption (for data at rest)
  • TLS/SSL Encryption (for data in transit)
  • Client-Side Encryption (optional for additional security)
  • End-to-End Encryption (ensures only the client holds the decryption key)
  • Data Masking and Tokenization (to further protect sensitive data)

Access Control and Security Rules

We implement role-based access control through our security rules, ensuring that only authorized users can access specific data. This maintains both the integrity and confidentiality of the data.

User Responsibility

While we implement robust encryption and security measures, we encourage users to also take the following precautions to protect their data:

  • Keep authentication credentials confidential.
  • Regularly update passwords to maintain account security.

7. Security Measures

TMA is committed to implementing appropriate organizational and technical measures to protect the security of users' personal data, in accordance with applicable data protection laws. These measures are designed to prevent unauthorized access, alteration, loss, or misuse of personal data, considering the state of technology, the nature of the data, and potential risks.

To further ensure the security of your account, users are responsible for safeguarding their login credentials, including passwords, and should take steps to prevent unauthorized access. TMA is not responsible for any misuse of accounts due to compromised passwords.

8. User Rights

Users have the right to access, correct, or delete their personal data at any time through the settings within the Application. Please note that withdrawing consent and/or deleting personal data will prevent TMA from being able to continue providing the services of the Application.

Users may also withdraw their consent for specific purposes at any time, without affecting the lawfulness of data processing prior to the withdrawal.

Users retain the right to contact the Data Protection Authority regarding any concerns or complaints about their data privacy. Complaints can be submitted by phone at +30-210 6475600, in writing to Kifisias 1-3 Ave., P.C. 115 23, Athens, or via email to contact@dpa.gr.

9. Changes to Our Privacy Policy

TMA may update this Privacy Policy to comply with legal, regulatory, or other applicable requirements. Any changes will be reflected in the updated Privacy Policy, which will always be made available within the Application. Users will be notified of any significant updates, and continued use of the Application after such updates constitutes acceptance of the revised Privacy Policy.

TELEMATIC MEDICAL APPLICATIONS is a leading eHealth System Integrator and Value Added Solutions Provider in the area of Integrated Computer science based eHealth Systems. We provide a certified quality management system for every aspect of our activities (products and services). We have been certified by TUV AUSTRIA HELLAS according to international standards EN ISO 9001:2015 and EN ISO 13485:2016, and proved compliant with the provisions of the Ministerial Order ΔΥ8/1348/2004 regarding the retainment of principles and orders for the suitable distribution of medical and telemedicine products.