Alwayslab is a digital health company operating in France and the United States, focused on simplifying the interpretation of fertility test results through advanced algorithms and medical expertise. We offer a secure online platform and mobile application for patients and physicians.
We collect only the data necessary to provide our services:
– Identification data: name, email address, phone number, and user profile
– Health data: hormonal test results, sperm analysis, medical history, and data from medical questionnaires
– Technical and usage data: IP address, cookies, and geolocation (if consented)
– Communications: emails, chat history, and video consultation notes
– Health data is considered sensitive under both the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA) and is treated with the highest level of confidentiality and security.
Your personal data is used for the following purposes:
– To provide a preliminary fertility assessment and generate your “Fertility Confidence Index”
– To issue personalized medical recommendations
– To facilitate teleconsultations with fertility specialists
– To manage your account and secure access
– To conduct pseudonymized statistical analysis for product improvement
– To comply with legal and regulatory obligations
In accordance with GDPR and HIPAA, we process your data under the following legal grounds:
– Explicit consent for processing sensitive health data
– Legal obligations, particularly regarding medical record retention and billing
– Legitimate interest to improve our services (with pseudonymized data)
We store your data on secure, health-compliant infrastructure:
– In France, your data is hosted on HDS-certified (Hébergeur de Données de Santé) servers, as required by French law.
– In the United States, patient data is stored and managed via HIPAA-compliant cloud infrastructure, which includes encryption, access control, and regular auditing.
– All servers are managed in accordance with national and international regulations on the protection of health data.
We implement strong technical and organizational security measures:
– Secure hosting (HDS in France / HIPAA-compliant in the U.S.)
– End-to-end encryption
– Pseudonymization and anonymization of medical data
– Strict access control and activity logging
– Regular security audits and penetration testing
We retain data for the following durations:
– 10 years for health records, in accordance with French medical regulations
– 3 years for analytics and browsing data
– Users may request deletion of their data at any time, subject to legal obligations
You have the following rights under GDPR (for EU users) and HIPAA (for U.S. users):
– Right of access, correction, and deletion of your personal data
– Right to object or restrict processing
– Right to data portability
– Right to withdraw consent at any time
– Right to file a complaint with your local data protection authority (CNIL in France or OCR in the U.S.)
– To exercise your rights, please contact us at privacy@alwayslab.health.
Your data is never sold. It may only be shared with:
– Medical professionals bound by confidentiality
– Accredited laboratories
– Trusted technical service providers (e.g., hosting, cloud, AI infrastructure)
– Health authorities or public organizations, if legally required
Alwayslab reserves the right to update this policy at any time. Users will be notified of any material changes via the app or email.
Data Protection Officer (DPO) : Frank Hennion
privacy@alwayslab.health