OneCareAI App Privacy Policy

PRIVACY POLICY v1.0 (20250505)

Data Controller

ONECARE AI, S.L.
CIF: B21902895
Address: Gran Via de Carles III, 98, 10th Floor, 08028 Barcelona
Email: privacy@onecareai.com

  1. Purpose of Data Processing
    Through our application, we collect electrocardiogram (ECG) data obtained from a smartwatch connected to the user’s mobile device. These data are sent to our servers to generate a cardiovascular event risk indicator. This information is then returned to the app and displayed to the user. The sole purpose of processing this data is to demonstrate the functioning of the developed technology and must not be considered for medical, diagnostic, or therapeutic purposes.
  2. Legal Basis
    • Data processing is based on the explicit consent provided by the user upon accepting this policy and using the app, according to applicable regulations:
      • General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679
      • Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD) – Spain
  3. Types of Data Collected
    • Biometric signals: electrocardiogram (ECG)
    • Session and connection data: authentication tokens, technical logs
    • User data: first name, last name, national ID (DNI), email, diagnosed conditions
  4. Recipients
    • Data is not transferred to third parties. It will only be accessed by authorized personnel of ONECARE AI, S.L. and technical providers when strictly necessary, and always under confidentiality agreements.
  5. International Transfers
    • No international data transfers are anticipated.
  6. Data Security
    • Data is transmitted encrypted at all times through secure protocols (e.g., HTTPS, TLS).
    • Data is stored on protected and audited servers located within the European Economic Area.
    • Data is also kept encrypted on the user’s mobile device.
    • Access from the app to OneCareAI servers is protected by a unique authentication token system ensuring users can access only their own data.
  7. Data Retention
    • Data will be retained as long as the user maintains an active account or until they request its deletion. Afterwards, the data will be securely deleted.
  8. User Rights
    • You may exercise your rights of access, rectification, deletion, opposition, restriction, and portability by writing to privacy@onecareai.com and attaching a copy of your identity document. If you believe your rights have not been respected, you may file a complaint with the Spanish Data Protection Agency (AEPD).