Transparency & Data Security

Last updated April 9, 2026

This page gives you a plain-language overview of how Prio Health protects data, which providers are involved, and how you can verify and control your information.

1. Privacy-First Product Design

  • Health-related data is designed to stay on-device by default whenever features allow.
  • We only request permissions needed for specific product functions.
  • We avoid background data access that is not directly tied to user actions.

2. Data Collection Overview

For website workflows such as waitlist and support, we may process:

  • Contact data you submit (for example email address and optional name).
  • Operational metadata required for abuse prevention and service stability.
  • Consent signals required for lawful communication and cookie preferences.

We do not sell personal data or use health data for advertising.

3. Encryption and Access Controls

  • Data in transit is protected via HTTPS/TLS.
  • Access to service dashboards is restricted to authorized personnel only.
  • Provider accounts are secured with least-privilege access and periodic credential review.

4. Third-Party Processors

We use vetted processors to deliver core services:

  • Brevo: waitlist and transactional email communication.
  • FormSubmit.co: handling website contact form delivery.
  • Cookiebot/Klaro: consent management preferences.
  • Hosting infrastructure (depending on deployment): secure application delivery and logs.

Data Processing Agreements (DPAs) are used where required.

5. Retention and Deletion

  • Waitlist data can be removed at any time through unsubscribe requests.
  • Support/contact data is retained only as long as needed for response and legal obligations.
  • Operational logs are retained for limited periods and automatically rotated.

6. Incident Response

  • Suspicious events are reviewed and triaged with priority based on impact and scope.
  • Impacted systems can be isolated and credentials rotated when needed.
  • Where legally required, authorities and affected users are informed within applicable timelines.

7. User Controls and Requests

You can request access, correction, deletion, or restriction of your data.

Contact: support@priohealth.de