Compliance
GDPR
Heidi diligently adheres to GDPR regulations, safeguarding your personal data with strict protocols and robust security measures, reinforcing trust and accountability in our operations.
We process all personal data lawfully, fairly, and in a transparent manner in relation to the data subject.
We process all personal data lawfully, fairly, and in a transparent manner in relation to the data subject.
Consent is important, and we support clinicians in getting clear agreement from patients before using Heidi in a consultation. That’s part of the normal clinical process. From a data protection perspective, Heidi doesn’t rely on consent under GDPR. Instead, we process data on the controller’s instructions, under Article 6(1)(e) (public task) or Article 6(1)(f) (legitimate interests), and Article 9(2)(h) for health data.
We fully support the rights of individuals under GDPR, including the right to access, correct, delete, and restrict processing of their data, the right to data portability, and the right to object.
We implement appropriate technical and organizational measures that ensure and demonstrate that we process personal data in compliance with GDPR. This includes measures to protect data against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
We ensure your data remains within the EU/EEA and is protected in accordance with GDPR requirements.
We ensure your data remains within the EU/EEA and is protected in accordance with GDPR requirements.
We ensure your data remains within the EU/EEA and is protected in accordance with GDPR requirements.
Heidi diligently adheres to GDPR regulations, safeguarding your personal data with strict protocols and robust security measures, reinforcing trust and accountability in our operations.