Privacy Policy

Effective date: 8 July 2026

Introduction

Welcome to Bloodsense! Smart Medical Care SAS (“we”, “our”, “us”) is committed to protecting the privacy and security of the personal data of its users (“you”, “your”). Bloodsense is a service of Smart Medical Care SAS. This Privacy Policy explains how we collect, use, share, retain and protect your personal data when you use our website bloodsense.ai (the “Site”) and our AI-powered services that help you understand and interpret your laboratory test results (the “Services”). It also informs you of your data protection rights and available remedies. By using our Services, you acknowledge that you have read this policy. The processing of your health data is based on your explicit consent, collected separately.

A strictly informational service. Bloodsense is an informational and educational service designed to help you understand your test results. It is a complement to — not a substitute for — professional medical care, and it does not provide a diagnosis. Bloodsense is not a medical device: the underlying service has been confirmed as a non-medical-device by the French National Agency for the Safety of Medicines and Health Products (ANSM — reference GIO 23593272, file 2500297).

1. Data controller and privacy contact

The controller of your personal data is:

  • Company: Smart Medical Care SAS (a simplified joint-stock company / société par actions simplifiée incorporated in France)
  • Registered office: 37 Avenue Maréchal Foch, 06000 Nice, France
  • Trade & Companies Register: RCS Nice 932 924 194
  • Contact email: contact@bloodsense.ai

Your privacy contact. For any question about this policy, your personal data or to exercise your rights, contact our privacy officer, Julien P., at contact@bloodsense.ai.

Data Protection Officer (DPO). At this stage, Smart Medical Care SAS has not appointed a DPO within the meaning of Articles 37 to 39 of the GDPR, as its activities do not trigger a mandatory appointment. Julien P. acts as the main point of contact for any data protection matter.

Health data hosted in France. Regardless of your location, all health data processed through Bloodsense is hosted exclusively on Google Cloud servers located in France, certified for Health Data Hosting (Hébergement de Données de Santé — HDS). No health data is hosted outside the European Union.

2. Personal data we collect

  • Identification and contact data: name, surname, email address. Your name and surname are used to pseudonymize (de-identify) your report before AI processing; your email is used to send you the generated AI report.
  • Health and context data (special categories): the laboratory test report (blood, urine, stool) you upload as a PDF, and the context information you provide (age, sex, height, weight, personal and family medical history, allergies, lifestyle) to generate a more relevant explanation.
  • Transaction data: information relating to your purchase, processed directly by our payment provider Stripe (we do not store your full card details); your transaction history with us.
  • Technical usage data: how you interact with the Site, collected via Google Analytics subject to your consent (IP address, anonymized where possible, browser type, pages visited, time spent, navigation path).
  • Communication data: any information you provide when contacting our support or giving feedback.

3. How we use your data (purposes and legal bases)

We only process your data where we have an appropriate legal basis under the GDPR (and UK GDPR):

  • To provide the Bloodsense service (analyze your report and generate the AI explanation): your explicit consent for health data (Art. 9(2)(a)), collected via a mandatory checkbox before any processing, and performance of the contract for non-sensitive data (Art. 6(1)(b)).
  • To pseudonymize your report (removing your direct identifiers before AI analysis): performance of the contract (Art. 6(1)(b)), within the processing based on your explicit consent (Art. 9(2)(a)).
  • To send you the generated AI report: performance of the contract (Art. 6(1)(b)).
  • To manage the customer relationship and process payments (via Stripe): performance of the contract (Art. 6(1)(b)).
  • To analyze Site usage and keep it secure (via Google Analytics): your consent for non-essential cookies (Art. 6(1)(a)); our legitimate interest for security (Art. 6(1)(f)).
  • To respond to your requests: performance of the contract (Art. 6(1)(b)) or legitimate interest (Art. 6(1)(f)).
  • To send marketing communications (where applicable): solely on the basis of your specific opt-in consent, requested separately and never presumed (Art. 6(1)(a)).
  • To comply with our legal and regulatory obligations: legal obligation (Art. 6(1)(c)).

Pseudonymization and AI improvement

Our in-house tool removes your direct identifiers (name and surname) from your PDF report before any AI analysis. This constitutes pseudonymization within the meaning of Article 4(5) of the GDPR: your health data is no longer directly identifying, but remains personal data as long as it can be linked back to you via your email address, which is stored separately. We do not create purportedly anonymous datasets retained indefinitely.

Where applicable, we may use this pseudonymized data to improve the quality and relevance of our AI models, on the basis of our legitimate interest (Art. 6(1)(f)); the data then remains subject to the GDPR. You can object (opt out) at any time by writing to contact@bloodsense.ai.

4. Sharing your personal data

We do not sell your personal data. We share it only with the processors strictly necessary to provide the Services, with appropriate safeguards:

  • Hosting: Google Cloud — your health data is hosted on HDS-certified servers located in France.
  • AI infrastructure: OpenRouter, Inc. (United States), which securely interfaces with the AI model (Claude, by Anthropic) to generate your report. Only rigorously pseudonymized data (stripped of your direct identifiers) is transmitted; these providers never have access to your identity and are not permitted to reuse your data, including to train their models.
  • Payment processing: Stripe, Inc. (United States), which securely processes your payments.
  • Transactional email: SendGrid (Twilio Inc.), which temporarily processes your email address and the content of your report strictly for routing and delivery of the AI report.
  • Audience analytics: Google LLC (Google Analytics), subject to your cookie consent.

We may also disclose your data to the competent authorities where required by law, or transfer it to an acquiring entity in the event of a merger, acquisition or sale of assets, subject to equivalent confidentiality commitments.

5. International data transfers

Your health data is hosted in France and is not transferred outside the European Economic Area (EEA) for storage. Some of our processors (OpenRouter, Stripe, Google, Twilio) are established or operate in the United States. Where a transfer outside the EEA/UK takes place, we ensure an adequate level of protection through one of the following:

  • The EU–US Data Privacy Framework and its UK extension, for certified companies (Stripe, Google, Twilio).
  • The Standard Contractual Clauses approved by the European Commission (and the UK International Data Transfer Addendum for UK transfers), together with a transfer impact assessment where necessary.
  • Prior pseudonymization of the data sent to the AI provider, your direct identifiers being removed before any transfer.

6. Data security

We implement appropriate technical and organizational measures to prevent loss, unauthorized access, alteration or disclosure of your data, including:

  • Hosting on HDS-certified servers in France (Google Cloud, certified ISO/IEC 27001 and SOC 2).
  • Pseudonymization of reports (removal of your direct identifiers) before AI processing.
  • Encryption of data in transit (TLS) and at rest (AES-256).
  • Strict access controls on the principle of least privilege; multi-factor authentication (MFA) is currently being deployed, and access rights are reviewed monthly.
  • Personal data breach management and notification procedures, in accordance with Articles 33 and 34 of the GDPR.

7. Data retention

We keep your data only for as long as necessary for the purposes for which it was collected, including to meet our legal, accounting and reporting obligations:

  • Original test report (PDF): up to 90 days after the AI report is generated and delivered, then securely deleted (data minimization, Art. 5(1)(c)).
  • Account, contact and context data, and generated AI reports: for the life of the active account, then up to 3 years after deactivation or last interaction, before permanent deletion. Pending the launch of the secure patient portal, this data is linked to your email address and kept for up to 3 years after your last use.
  • Transaction data: kept for 6 years, and up to 10 years for invoices and accounting records from their date of issue, in accordance with the French Commercial Code (Art. L123-22) and applicable tax law.
  • Analytics cookies (Google Analytics): up to 14 months (CNIL recommendation).
  • Consent cookie: up to 6 months (CNIL recommendation).
  • Server logs (IP addresses): up to 90 days (legitimate interest — security).

A request for permanent deletion results in the erasure of all such data, except where we are legally required to retain it (in particular transaction data).

8. Your data protection rights

Under the GDPR (and UK GDPR), you have the following rights: access; rectification; erasure (“right to be forgotten”), subject to our legal obligations; restriction of processing; objection (including to the use of your pseudonymized data for AI improvement, via opt-out, and to direct marketing); data portability; and the right to withdraw your consent at any time, without affecting the lawfulness of prior processing.

We respond to your requests within one month, extendable by two months for complex requests, free of charge unless the request is manifestly unfounded or excessive.

Users in the United States. Depending on your state of residence (for example California, under the CCPA/CPRA), you may have the right to know, access, correct and delete your personal data, and to opt out of the “sale” or “sharing” of personal data. We do not sell your personal data. To exercise these rights, contact us at the address below; we will not discriminate against you for exercising them.

How to exercise your rights. Write to contact@bloodsense.ai. Once the patient portal (under development) is live, deactivation and permanent deletion options will also be available directly from your online settings.

9. Children and minors

Our Services are not intended for persons under 18. An age confirmation (being at least 18) is required before payment. We do not knowingly collect personal data from minors; where this occurs, we delete it promptly.

10. Cookies

We use strictly necessary cookies (for the Site to function) and analytics cookies (Google Analytics), the latter only with your consent collected via the banner. We do not use advertising cookies. For more information and to manage your preferences, see our Cookie Policy.

11. Changes to this policy

We may update this policy from time to time. The date of the latest update is shown at the top of this page. In the event of a material change, we will inform you by appropriate means.

12. Right to lodge a complaint

If you have concerns about how we handle your data, we encourage you to first contact our privacy officer at contact@bloodsense.ai. You also have the right to lodge a complaint with a supervisory authority:

  • France (lead authority): Commission Nationale de l’Informatique et des Libertés (CNIL) — www.cnil.fr
  • United Kingdom: Information Commissioner’s Office (ICO) — www.ico.org.uk
  • Other EEA countries: the data protection authority of your country of residence.

BloodSense
AI Blood Test Analysis