Privacy Policy
1. Overview
dHealth is designed as a privacy-by-design system. We do not take custody of user health data. Health-related data remains stored on the user’s device or in storage chosen and controlled exclusively by the user. We do not operate a centralised medical records database.
This Privacy Policy explains how we process personal data in connection with dhealth.com, dHealth Intelligence, and related services. It complies with the Swiss Federal Act on Data Protection (FADP) and, where applicable, the EU General Data Protection Regulation (GDPR).
​
2. Data We Process
When you visit our website, we may process technical information such as your IP address, browser type, device information, and access time. This data is used solely for security, stability, and performance optimisation.
If you create an account, contact us, or subscribe to updates, we may process your name, email address, organisation (if applicable), and any information you provide in communications.
Health-related data processed by dHealth Intelligence remains under your control at all times. The system is architected so that medical files and personal health information are stored locally or in storage you select. We do not centrally store or sell medical data. We do not use private medical content for AI training.
If blockchain components are used, wallet addresses, attestation identifiers, and cryptographic hashes may be recorded on public blockchain infrastructure. No raw medical data is written on-chain. Blockchain records are public and immutable by design.
​
3. Legal Basis
We process personal data where necessary to perform a contract, comply with legal obligations, protect legitimate interests such as security and system integrity, or where you have provided consent.
​
4. Data Sharing
We do not sell personal data. We may share limited data with hosting providers, AI infrastructure providers, or authorities where legally required. Service providers are contractually bound to protect data in accordance with applicable law.
​
5. International Transfers
Where data processing occurs outside Switzerland or the EU, we ensure appropriate safeguards such as Standard Contractual Clauses or equivalent protection mechanisms.
​
6. Retention
Personal data is retained only as long as necessary for contractual, legal, or security purposes. Blockchain entries may be permanent due to the technical nature of distributed ledgers.
​
7. Your Rights
Subject to applicable law, you have the right to request access, rectification, deletion where legally possible, restriction of processing, and data portability. You may also lodge a complaint with the Swiss Federal Data Protection and Information Commissioner.
​
8. Security
We implement encryption in transit, access controls, and strict data minimisation. The separation between off-chain user data and on-chain cryptographic proofs is a core design principle. Users remain responsible for safeguarding their wallet credentials and private keys.
​
9. Contact
Since DAOs such as dHealth do not constitute a recognised legal entity, eHealth Consulting GmbH acts as the legal contracting party for this TOU policy.
​
eHealth Consulting GmbH
Zurich, Switzerland
admin@dhealth.com