Privacy Policy

1. Controller The controller responsible for processing personal data is BodyWision GmbH, Vienna, Austria, Email: office@bodywision.com. Further company information is available in the Legal Notice.
2. Scope of this privacy policy This privacy policy explains how BodyWision processes personal data in connection with the BodyWision app, the website, Early Access communication, support, and related technical services. BodyWision is an Early Access app for securely storing, organizing, analyzing, interpreting, and explaining personal health records in an understandable way. Health data is particularly sensitive. We process health data only where this is necessary for the functions selected by users and where users have given their explicit consent. This consent can be withdrawn at any time with effect for the future. Without this consent, core health-related functions may not be available or may be available only in a limited form.
3. Data we process Depending on how BodyWision is used, we may process in particular: account and login data, such as email address, account ID, and technical identifiers; profile information, settings, and consent records; uploaded medical documents, medical reports, physician letters, lab results, and similar records; content recognized, extracted, or structured from those records; health information entered by users; diagnoses where they appear in uploaded records or are entered by users; AI-generated summaries, explanations, analyses, structured outputs, topic priorities, and indicators; notes, questions, and preparation materials for medical appointments; technical logs, security events, and product-related usage data; website, contact, Early Access, and newsletter data.
4. Purposes and legal bases We process personal data in particular to provide, operate, and secure the app; manage the internal BodyWision account; store, structure, and display personal health records; provide AI functions requested by users; manage consents, support requests, exports, and deletion requests; improve app stability, security, and usability; operate the website and process contact, Early Access, and newsletter requests; and perform optional website analytics and campaign measurement only after consent. Depending on the processing activity, the legal bases are in particular Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures), Art. 6(1)(f) GDPR (legitimate interests in operation, security, and improvement), Art. 6(1)(c) GDPR (legal obligations), and Art. 6(1)(a) GDPR (consent). Health data is processed on the basis of explicit consent pursuant to Art. 9(2)(a) GDPR.
5. Storage of the personal health record The personal health record is stored encrypted on the user device. Where users use cloud sync or backup functions, the data is transmitted and stored with end-to-end encryption. The required keys are protected by the user-side key management. BodyWision has no access to the encrypted personal health record and cannot view these stored health records in plain text. App-related infrastructure, cloud sync, backup functions, and stored health data are operated or stored in data centers within the EU or EEA. Cloud sync and backup data also remain encrypted in technical backups. Deleted data may remain in encrypted backups for technical reasons for up to three months and is then deleted or overwritten as part of the usual backup cycles.
6. AI functions BodyWision operates privacy-oriented AI infrastructure on Microsoft Azure in EU/EEA regions. AI functions are triggered only when users use a corresponding function. For an AI request, only the part of the health data that is required for the specific request is processed. The entire health record of a user is not transferred to the AI infrastructure. The required content is processed in plain text briefly for the specific processing operation. This processing is transient and limited to the respective request; the AI output is then returned to the user. Prompt data, document text, and AI outputs are not stored persistently, are not stored for logging purposes, are not used for training, are not used for tracking, and are not evaluated for general product analytics. Where AI output is stored in the app, it is stored again in encrypted form as part of the user-protected health record. AI-supported content is intended to support understanding, personal health documentation, and preparation for medical appointments. BodyWision does not make automated decisions that have legal effects or similarly significant effects. AI content does not replace medical advice, diagnosis, or treatment and must not be used as the sole basis for medical decisions.
7. Family profiles and data of other persons Users may create profiles for other persons, such as children or relatives. Health data of other persons may be uploaded or managed only if users are authorized to do so, in particular on the basis of consent, parental responsibility, legal representation, or comparable legal authority. Users are responsible for informing affected persons about the use of BodyWision and this privacy policy where required. Minors may not create their own account and may not use BodyWision themselves.
8. App usage data We do not use external tracking tools in the app for advertising or marketing purposes. To provide, secure, stabilize, and further develop the app, technical and product-related usage data may be processed, such as technical events, function calls, status information, or app-internal workflows. Any evaluations are performed with data minimization in mind and, where possible, in aggregated form. Medical content is not used for advertising, marketing tracking, or general product analytics. It is processed only where necessary for requested app and AI functions, security, or legally required processes.
9. Website, cookies, and tracking When visiting the website, technical data required for operation, security, and display may be processed, such as IP address, browser and device data, pages accessed, and time of access. The website uses technically necessary storage technologies, in particular to provide the website and store privacy settings. Optional analytics and marketing technologies are loaded only if users have consented via the cookie banner or privacy settings. Without consent, no optional tracking or marketing technologies are activated. Consent can be withdrawn or changed at any time via the privacy settings. Website tracking is separate from the app. Health data, medical documents, app content, prompts, and AI outputs are not transferred to Google, Meta, or other marketing services for advertising or tracking purposes.
10. Early Access and newsletter If users sign up for Early Access, product information, or newsletters, we process the contact details provided to handle the registration and send corresponding information. We use Brevo as a service provider for this purpose. Processing is based on consent or pre-contractual communication. Users can unsubscribe at any time.
11. Support and contact If users contact BodyWision, we process the data submitted to handle the request. Support may be provided by email and, where offered, via WhatsApp Business. These channels are intended for technical and organizational questions. Users should not send medical documents, findings, or sensitive health information via email, WhatsApp, or comparable support channels unless BodyWision expressly provides a secure channel intended for this purpose. When using WhatsApp Business, WhatsApp or Meta may process personal data of their own, in particular communication metadata. The privacy information of WhatsApp or Meta also applies to such processing.
12. Service providers and recipients We use service providers where this is necessary for operation, security, provision, support, communication, AI functions, app stores, newsletters, or website functions. This may include service providers in the areas of hosting and infrastructure, cloud sync and backup, AI processing, email, support and communication, Early Access and newsletters, app stores, website delivery, security, and optional campaign measurement. Where required, we enter into data processing agreements with processors.
13. App stores The app is downloaded via the Apple App Store or Google Play Store. Apple and Google may process their own personal data in this context, such as account, device, download, usage, or payment information. The privacy policies of the respective app store provider apply to this processing. By downloading the app, Apple and Google do not receive access to the personal health record stored in BodyWision, uploaded medical documents, or health data inside the app.
14. International data transfers The app-related infrastructure for stored health data, cloud sync, backup, and AI processing is operated in EU/EEA regions. For individual service providers outside the app, in particular in connection with app stores, website delivery, communication, security, WhatsApp Business, or optional tracking, processing outside the EU or EEA cannot be ruled out. This concerns in particular website, app store, communication, security, or tracking data, but not the end-to-end encrypted health record stored in the app in plain text. Where data is transferred to third countries, this is done on the basis of appropriate legal mechanisms, such as an adequacy decision, EU standard contractual clauses, additional safeguards, or explicit consent where required.
15. Retention, deletion, and export We store personal data only for as long as necessary for the respective purposes, the use of BodyWision, or legal requirements. Users can delete or export individual items and health data in the app where the respective function is available. Full deletion of the account and the data stored by BodyWision can be requested by email or support request. We process deletion requests and delete the affected data unless legal retention obligations or legitimate reasons for further storage prevent deletion. Deleted cloud sync or backup data may remain in encrypted backups for technical reasons for up to three months and is then deleted or overwritten. Withdrawal of consent to the processing of health data or deletion of core health data may mean that BodyWision can no longer be used or can be used only in a limited form.
16. Data security We implement technical and organizational measures to protect personal data, especially health data, appropriately. These include in particular encrypted data transmission, encrypted storage of the personal health record, end-to-end encrypted cloud sync and end-to-end encrypted backups, keys protected on the user side, no plain-text access by BodyWision to stored health records, operation of app-related infrastructure in EU/EEA regions, access restrictions, role and permission concepts, technical safeguards against unauthorized access, and operational security measures. Despite appropriate safeguards, no digital processing can be completely risk-free.
17. User rights In accordance with applicable data protection laws, users have in particular the rights of access, rectification, erasure, restriction of processing, data portability, objection, and withdrawal of consent. Requests can be submitted via the contact function provided in the app or by email to office@bodywision.com. Users also have the right to lodge a complaint with a data protection supervisory authority. For BodyWision, the Austrian Data Protection Authority is generally responsible.
18. Changes to this privacy policy We may amend this privacy policy, in particular if the app, website, data processing, service providers, or legal requirements change. The current version is available in the app and/or on the website. We will provide appropriate notice of material changes.

Last updated: May 2026