Ada Health’s mission is to make healthcare more personalized and more accessible for everyone. To achieve this, we have always ensured that data security and data privacy are a fundamental part of our business and services.
As a digital health company based in Germany, we take data privacy and security extremely seriously and we treat all information shared with us with the utmost care. We comply with the world’s strictest data protection laws, policies, and regulations including (but not limited to) GDPR in the EEA and HIPAA in the US. We never share users’ individual information with any third party without each user’s explicit consent.
No personal or medical data has been sold to third parties or shared for any commercial purpose.
Furthermore, the very structure of our services and apps has been specifically designed to protect our users. Our architecture follows the security-by-design principle: our users’ health data is completely anonymized and stored completely separately from their personal data (such as name and email address) and can only be linked back to personal data using a unique key. Ada Health encrypts all personal data and health information transferred and stored, utilizing secured cloud-based servers for these purposes. Our servers are located within the EU and we have received our ISO 27001 certification.
As is common and necessary to operate apps and digital services, the Ada app communicates with a number of service providers in storing and processing data to make the service itself function. Ada Health carefully selects all its service providers to ensure our data policies and practices are never compromised. We have signed stringent data processing agreements with every service provider we work with to ensure no personal or individual medical data is used for commercial gain directly or indirectly.