Our privacy policy

Have a look at our privacy policy and make sure you feel okay with everything. We take your privacy very seriously,  so we prepared a detailed document.

In the mobile application Meddox and on the Meddox.com website, user data are collected and used in accordance with the services for which the user has registered, and based on the Law on Prohibition and Prevention of Unregistered Activity.

The entry of personal data is voluntary.

The Meddox mobile application as well as the Meddox.com website are in line with the European General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679.


This privacy policy applies to the Meddox mobile application and the Meddox.com website and the services they provide, as well as to the security and privacy of data collected from individuals who register with Meddox (personal data that can be used to identify a physical person). 

For personal data covered by this privacy policy, the data controller is Meddox digital d.o.o.


Registering with the Meddox application enables the entry, archiving and analysis of certain data, and document sharing. During registration with Meddox, the user enters his data:

  • Name (the name is necessary for user identification)

  • Surname (the surname is necessary for user identification)

  • E-mail address (the e-mail is necessary for registration and communication with the user)

  • Password or PIN (the password or PIN are necessary for protection of the user profile and the user data)

  • Date of birth (the date of birth is necessary for correctness of the lab test reference values)

  • Sex (the sex is necessary for correctness of the lab test reference values)

The user who has registered on Meddox is responsible for maintaining the above mentioned data.

In the user profile, the user can also enter:

  • Blood type 

  • Smoking status

  • Weight

  • Height

  • Insured person's registration number

These data are necessary for correctness of the analysis. All the data stored by the user in the Meddox application are protected by a password, i.e. a PIN set up by the user during the creation of his account.

The user can also select a password using the PIN.

When using the Meddox application, the following data may be collected:

  • Technical data about the devices used to access the Meddox application or website

  • The type of connection that is used (fixed and/or mobile connection)

  • The operating system used by the user when accessing the Meddox application or website

  • The browser type

  • Other data that are necessary for providing the best possible user experience and for solving any possible errors in the system

  • Other data that the user stores in the Meddox application 


We divide the methods in which the Meddox application collects data into the following:

  • The data that the user enters during registration

  • The data that the user enters when completing the user profile

  • The data that the user enters in the application

  • The data that the user gives when contacting user support or data sent to the e-mail addresses stated on the portal

  • The data that the user gives when filling in any questionnaires


The Meddox application and website also collect data using cookies and similar technologies. You can find more details on the cookies used here.


The user data are used for:

  • Communication between the application and the user (new messages in the application or on the website and exchange with user support, etc.) 

  • Analyses and group-anonymized indicator reports or statistical reports (the percentage of application use by sex, age, etc.)

Meddox shares the data it collects from its users with the services it uses, for the purpose of improving the service provided.

Services which are used to improve the application are also called data processors:

  • Google Analytics, Firebase and Hotjar (analytical tool suppliers)

  • Sendgrid (customer service providers with user support through a window for e-mail messages and other communication channels)

  • Plava tvornica d.o.o. (development, program support and portal administration)

  • Pimcore data storage and reporting system

Meddox can create and share reports based on a sample of data or for a specific period of time, from anonymised data. In accordance with the European Regulation on Personal Data Protection, the principle of data protection does not apply to the processing of personal data that have been made anonymous in such a way that the identity of the respondent cannot or can no longer be ascertained.


The content published by Meddox may occasionally contain links to third party websites and services (social networks, blogs, e-mail addresses of advertisers). The privacy policy applicable to the Meddox mobile application and Meddox.com website does not apply to such external services.


The Meddox application and website are subject to various laws and may share the data of its users at the request of a public authority or some other form of legal obligation.

In the event of a reorganization or transfer of ownership of the Meddox application and website, we have the right to transfer the user's personal data to the third party involved, which will protect them at least to the same degree as we do in this privacy policy.

The Meddox application is not subject to the Medical Devices Act.


The user has the right to:

  • Information about what his personal information is used for

  • Access to his personal data - the user can access his personal data in the user profile at any moment

  • The right to a correction - the user may correct his own personal data in the user profile at any moment

  • The right to the deletion - the user may delete his own profile from the Meddox application at any moment

  • The right to limit processing - the user has the right to request that his data be used exclusively for the purpose for which he gave consent

  • The right to object - the user may at any moment send an objection to complaint@meddox.com

  • Rights related to automated decision-making - the user has the right to receive clarification of his rights in relation to automated decision-making or profiling

  • Responsibility and management - the user has the right to be informed of his responsibilities and of how he can manage his personal data

  • Reporting on a violation - the user has the right to be informed in the event of any violation of the privacy of his personal data

The user may, at any moment, amend, correct or delete the data in his user profile. Additionally, the user has the right that the personal data entered by the Company be forgotten, in other words he has the right to delete the profile. If the user wants to delete his profile, he must do so using the application settings, by clicking Delete profile, or send an e-mail with a request to the e-mail address complaint@meddox.com, after which he will receive a notification that the data has been deleted. Once a profile is deleted, it is not possible to restore or access its data.  

It is possible to change the e-mail address for user registration by sending a written request to info@meddox.com. Upon the receipt of the request, you will get further instructions about the possibilities to change an e-mail address.


During registration, the users gives his consent to:

The use and processing of his personal data (Terms and conditions)


The Company reserves the right to change the Privacy Policy. As of the date of the change, the changed Privacy Policy enters into force. The new Privacy Policy will be published in the official Meddox.com website pages.


Zagreb, 01 May 2021