The protection of your personal data is of particular importance to us. We process your data confidentially and in accordance with legal data protection regulations, in particular the General Data Protection Regulation (GDPR), and this privacy policy.
Use by minors: The app is not intended for persons under 18 years of age. We do not knowingly process personal data of minors.
The app is designed so that your data is generally processed and stored exclusively locally on your device. The core functions of the app operate completely offline, without transmitting your data to external servers.
Locally stored data categories:
Not stored: Uploaded PDF files or photos are processed only temporarily in memory ("in-memory") and are not stored persistently.
No tracking, no advertising, no behavioral profiles: The app does not use tracking technologies, third-party analytics tools, nor does it create advertising or behavioral profiles.
If you have consented in the iOS/iPadOS system settings (Settings → Privacy & Security → Analytics & Improvements), Apple collects pseudonymized usage data and crash reports. We receive these data only from Apple and only if you have consented.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the technical stability of the app).
Your control: You can disable this transmission at any time in the system settings.
The app allows you to automatically extract biomarkers from PDF documents or photos. In doing so, health data within the meaning of Art. 9(1) GDPR are processed.
The processing of your health data is carried out exclusively on the basis of your explicit consent (Art. 9(2)(a) in conjunction with Art. 6(1)(a) GDPR). Your consent is obtained prior to each upload.
Withdrawal: You may withdraw your consent at any time for the future by discontinuing use of the feature or uninstalling the app. Withdrawal can also be performed within the app by not confirming the processing again.
For privacy-compliant processing, we use a combination of on-device processing and minimal, pseudonymized external processing. All uploaded files are processed only temporarily in memory and are not stored.
Process (brief):
Recipient: Google Ireland Limited (Gemini), Google Building Gordon House, Barrow Street, Dublin 4, Ireland.
Role: Google acts as a processor under Art. 28 GDPR and processes the data exclusively to perform the biomarker-related matching function and not for its own purposes.
Contractual safeguards: We have concluded the "Google Cloud Data Processing and Security Terms" with Google, including:
Processing location: The processing region is "europe-west3"; the servers used are located in Germany.
Possible third-country access: Due to the global corporate structure, access from third countries (notably the USA) cannot be completely ruled out. In such cases the Standard Contractual Clauses (SCCs) apply.
Data transmitted:
Note: All other content from the PDF/photo is not transmitted.
Deletion: Data transmitted to Google are deleted immediately after the matching process is completed and are not stored permanently.
There is no automated decision-making or profiling within the meaning of Art. 22 GDPR.
You can manually export your locally stored data at any time. The export is performed solely by your initiative and under your full control.
Uninstalling the app will remove all locally stored data completely and irretrievably — unless you have previously created a backup yourself.
Under the GDPR you have the following rights:
To exercise your rights, contact us at: legal@nodehealth.de
We reserve the right to adapt this privacy policy. The latest version can be viewed within the app.
In the event of material changes, in particular new data transfers, we will inform you in advance and — if required — obtain your renewed consent. If you do not agree to the amended privacy policy, you will not be able to continue using the app. Upon uninstallation, all local data will be deleted in accordance with Section 5.
Berlin, November 2025 (App Version 2.0)