Lifosys
Trust Center

GDPR & Data Compliance

At Lifosys, privacy isn't an afterthought—it's engineered into our core. We are fully committed to the General Data Protection Regulation (GDPR) across our entire product suite.

Data Sovereignty

We host data in region-specific data centers. EU customer data never leaves the EU.

Encryption Standard

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). No exceptions.

Right to Erasure

Our architecture supports 'The Right to be Forgotten'. We can wipe user data completely upon request.

Our Role as a Data Processor

For our SaaS ecosystem, Lifosys acts as a Data Processor, while our clients (Hospitals, Clinics, Retailers) act as the Data Controllers. We process data solely on your behalf and in accordance with your instructions.

Scope of Data Protection

The GDPR protections apply comprehensively across our entire suite of products:

Oxzygen

Protects Protected Health Information (PHI), Patient demographics, and Clinical records.

Voicemed

Protects Voice recordings and automated transcripts. Audio is processed ephemerally (not stored permanently unless requested).

SharedLocker

Protects File metadata and contents. Zero-knowledge encryption architecture ensures we cannot see your files.

Summaryz

Protects Discharge summary inputs. Data sent to LLMs is anonymized before processing.

Whazzle

Protects Patient contact info and chat logs. Compliant with Meta/WhatsApp Business API privacy standards.

BoxTap

Protects Vendor/Stockist business data, pricing lists, and delivery addresses.

AI Innovation Lab

Protects Student records, certifications, and project code submissions.

Sub-processors

We use the following trusted third-party sub-processors to deliver our services:

Amazon Web Services (AWS)
Cloud InfrastructureEU (Frankfurt) / US (Virginia)
Stripe
Payment ProcessingGlobal
SendGrid
Transactional EmailsUS
MongoDB Atlas
Database HostingMulti-Region

Your Rights under GDPR

  • Right to access your personal data
  • Right to rectification (correcting data)
  • Right to erasure (right to be forgotten)
  • Right to restrict processing
  • Right to data portability

Compliance Documents

Data Processing Addendum (DPA)
For B2B Enterprise Customers
Cookie Policy
Detailed tracking breakdown

Data Protection Officer

If you have any questions about how Lifosys handles your data, or if you wish to exercise your GDPR rights, please contact our DPO.

Contact DPO