Info
Privacy policy
Last updated: May 2026 · Beta version
Beta application
OncoDots is in Beta. This policy may be updated as the application evolves. Protecting your data remains a priority.
1. Data we collect
We collect data needed to operate the application and data that you choose to enter.
- - Account data: your email address and authentication data managed by our authentication provider; your plain-text password is not available to us.
- - Profile data: information you enter voluntarily, such as symptoms, medication, and appointments.
- - Technical data: device type, operating system, and accessibility preferences.
- - Usage events: limited, privacy-safe interactions when product analytics is enabled.
2. How we use your data
We use data to operate, secure, and improve the application.
- - Providing application features, such as the journal, symptom tracking, and care circle.
- - Sending notifications that you have explicitly enabled.
- - Improving the experience using feedback and aggregated usage.
- - Providing technical support when you request it.
3. Health data — special protection
Health data that you enter is sensitive and requires additional protection.
Information about symptoms, medication, appointments, and health status is special-category data under GDPR, art. 9. We do not use it for advertising, sell it, or share it commercially.
4. Who we share data with
We do not sell your data or share it commercially.
- - Care circle: people whom you explicitly invite and grant access to.
- - Infrastructure and service providers: only to operate the application, under applicable contractual data-protection obligations.
- - Authorities: only when we have a legal obligation.
5. Your rights under GDPR
You have clear rights over your data, subject to applicable law.
- - Access: you may request a copy of your data.
- - Rectification: you may ask us to correct inaccurate data.
- - Erasure: you may request deletion of your account and associated data, subject to applicable legal obligations.
- - Portability: you may request your data in a usable format where this right applies.
- - Objection and withdrawal of consent: you may exercise these rights where the relevant legal basis permits.
6. Storage and security
We apply technical and organizational controls to protect data.
We use encryption in transit through HTTPS/TLS and access controls. Operational access is limited to people and providers with a justified need. Passwords are processed by the authentication provider and are not stored by OncoDots in plain text.
7. Cookies and product analytics
We use essential technical cookies and may use product analytics configured to reduce the risk of collecting sensitive data.
Authentication sessions use secure cookies. We do not use advertising cookies. If product analytics is enabled, we collect only defined, privacy-safe events; autocapture, session replay, heatmaps, and form capture are disabled.
8. Contact and exercising your rights
For any request related to your personal data.
Contact us at tiberiudaniel.f@gmail.com. We respond to personal-data requests within the period required by GDPR, normally no more than one month.