In the mobile application Meddox and on the Meddox.com website, user data are collected and used in accordance with the services for which the user has registered, and based on the Law on Prohibition and Prevention of Unregistered Activity.
The entry of personal data is voluntary.
The Meddox mobile application as well as the Meddox.com website are in line with the European General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679.
Registering with the Meddox application enables the entry, archiving and analysis of certain data, and document sharing. During registration with Meddox, the user enters his data:
Name (the name is necessary for user identification)
Surname (the surname is necessary for user identification)
E-mail address (the e-mail is necessary for registration and communication with the user)
Password or PIN (the password or PIN are necessary for protection of the user profile and the user data)
Date of birth (the date of birth is necessary for correctness of the lab test reference values)
Sex (the sex is necessary for correctness of the lab test reference values)
The user who has registered on Meddox is responsible for maintaining the above mentioned data.
In the user profile, the user can also enter:
Insured person's registration number
These data are necessary for correctness of the analysis. All the data stored by the user in the Meddox application are protected by a password, i.e. a PIN set up by the user during the creation of his account.
The user can also select a password using the PIN.
When using the Meddox application, the following data may be collected:
Technical data about the devices used to access the Meddox application or website
The type of connection that is used (fixed and/or mobile connection)
The operating system used by the user when accessing the Meddox application or website
The browser type
Other data that are necessary for providing the best possible user experience and for solving any possible errors in the system
Other data that the user stores in the Meddox application
We divide the methods in which the Meddox application collects data into the following:
The data that the user enters during registration
The data that the user enters when completing the user profile
The data that the user enters in the application
The data that the user gives when contacting user support or data sent to the e-mail addresses stated on the portal
The data that the user gives when filling in any questionnaires
The Meddox application and website also collect data using cookies and similar technologies. You can find more details on the cookies used here.
The user data are used for:
Communication between the application and the user (new messages in the application or on the website and exchange with user support, etc.)
Analyses and group-anonymized indicator reports or statistical reports (the percentage of application use by sex, age, etc.)
Meddox shares the data it collects from its users with the services it uses, for the purpose of improving the service provided.
Services which are used to improve the application are also called data processors:
Google Analytics, Firebase and Hotjar (analytical tool suppliers)
Sendgrid (customer service providers with user support through a window for e-mail messages and other communication channels)
Plava tvornica d.o.o. (development, program support and portal administration)
Pimcore data storage and reporting system
Meddox can create and share reports based on a sample of data or for a specific period of time, from anonymised data. In accordance with the European Regulation on Personal Data Protection, the principle of data protection does not apply to the processing of personal data that have been made anonymous in such a way that the identity of the respondent cannot or can no longer be ascertained.
The Meddox application and website are subject to various laws and may share the data of its users at the request of a public authority or some other form of legal obligation.
The Meddox application is not subject to the Medical Devices Act.
The user has the right to:
Information about what his personal information is used for
Access to his personal data - the user can access his personal data in the user profile at any moment
The right to a correction - the user may correct his own personal data in the user profile at any moment
The right to the deletion - the user may delete his own profile from the Meddox application at any moment
The right to limit processing - the user has the right to request that his data be used exclusively for the purpose for which he gave consent
The right to object - the user may at any moment send an objection to firstname.lastname@example.org
Rights related to automated decision-making - the user has the right to receive clarification of his rights in relation to automated decision-making or profiling
Responsibility and management - the user has the right to be informed of his responsibilities and of how he can manage his personal data
Reporting on a violation - the user has the right to be informed in the event of any violation of the privacy of his personal data
The user may, at any moment, amend, correct or delete the data in his user profile. Additionally, the user has the right that the personal data entered by the Company be forgotten, in other words he has the right to delete the profile. If the user wants to delete his profile, he must do so using the application settings, by clicking Delete profile, or send an e-mail with a request to the e-mail address email@example.com, after which he will receive a notification that the data has been deleted. Once a profile is deleted, it is not possible to restore or access its data.
It is possible to change the e-mail address for user registration by sending a written request to firstname.lastname@example.org. Upon the receipt of the request, you will get further instructions about the possibilities to change an e-mail address.
During registration, the users gives his consent to:
The use and processing of his personal data (Terms and conditions)
Zagreb, 01 May 2021