DiamPark
HomeParkinson's DiseaseDigiparkDiamPark
FREN
Digipark 360
← Back to home

Privacy Policy

Protection of personal data and health data

Last update: January 1, 2026

DiamPark SAS DiamPark SAS places the utmost importance on protecting your personal data and health data. This policy informs you about how your data is collected, processed and protected when you use our Digipark services (mobile application) and Digipark 360 (professional platform).

1. Data Controller

The data controller for personal data is:

DiamPark SAS
Simplified joint-stock company
Headquarters: Paris, France
Email: support@diampark.io

2. Data Protection Officer (DPO)

DiamPark has appointed a Data Protection Officer (DPO) who you can contact for any question relating to the processing of your personal data:

support@diampark.io

3. Data Collected

3.1 — Identification Data

  • Last name and first name
  • Email address
  • Date of birth
  • Phone number (optional)

3.2 — Health Data

  • Declared symptoms (motor and non-motor)
  • Drug treatments and compliance
  • Results of validated questionnaires (mood, sleep, pain, mobility)
  • Smartwatch sensor data (physical activity, sleep, tremors, bradykinesia)
  • Assessment history and monitoring charts

3.3 — Technical Data

  • Device type and model
  • Operating system and version
  • Anonymous device identifier
  • Connection and usage logs
  • IP address (anonymized)

3.4 — Professional Data (Digipark 360)

  • RPPS or ADELI number
  • Medical specialty
  • Associated institution

4. Legal Basis for Processing

The processing of your data is based on the following legal grounds:

PurposeLegal basis
Provision of the monitoring servicePerformance of contract (Art. 6.1.b GDPR)
Processing of health dataExplicit consent (Art. 9.2.a GDPR)
Sharing with healthcare professionalsExplicit consent (Art. 9.2.a GDPR)
Service improvementLegitimate interest (Art. 6.1.f GDPR)
Clinical researchExplicit consent (anonymized data)
Regulatory obligations (medical device vigilance)Legal obligation (Art. 6.1.c GDPR)

5. Data Hosting and Security

5.1 — HDS-Certified Hosting

Your health data is hosted in France by an HDS-certified host (Health Data Host) in accordance with Article L.1111-8 of the Public Health Code. This certification guarantees a level of security appropriate to the sensitivity of health data.

5.2 — Security Measures

  • Data encryption in transit (TLS 1.3)
  • Data encryption at rest (AES-256)
  • Strong authentication (2FA) for professional access
  • Access logging and regular auditing
  • Penetration testing and periodic vulnerability assessment
  • Business continuity plan and daily backups

6. Data Retention

Data typeRetention period
User account dataDuration of contractual relationship + 3 years
Health dataDuration of contractual relationship + 10 years (regulatory obligation MD)
Technical data / logsRolling 12 months
Medical device vigilance data15 years (MDR regulatory obligation)

7. Sharing and Sub-processors

Your personal data is never sold to third parties. It may be shared in the following cases:

  • Healthcare professionals: only with your explicit consent, in the context of your care
  • Technical sub-processors: hosting, maintenance, under contracts compliant with Article 28 of the GDPR
  • Competent authorities: in case of legal obligation (medical device vigilance, judicial requisition)
  • Research: anonymized data only, with your prior consent

No data transfer outside the European Union is performed. All processing is carried out in France.

8. Cookies

The diampark.io website and the Digipark 360 platform use cookies. The categories of cookies used are:

  • Strictly necessary cookies: site operation, authentication, security (no consent required)
  • Analytics cookies: statistical analysis of traffic (subject to consent)

No advertising or targeting cookies are used. You can manage your cookie preferences via the banner displayed on your first visit or in your browser settings.

9. Your Rights

In accordance with Regulation (EU) 2016/679 (GDPR) and the Data Protection Act, you have the following rights:

Right of access

Obtain a copy of your personal data

Right to rectification

Correct inaccurate or incomplete data

Right to erasure

Request deletion of your data

Right to restriction

Restrict the processing of your data

Right to portability

Receive your data in a structured format

Right to object

Object to the processing of your data

Right to withdraw consent

Withdraw your consent at any time

Post-mortem directives

Define directives regarding the fate of your data after your death

To exercise your rights, contact our DPO: support@diampark.io

You may also lodge a complaint with the French Data Protection Authority (CNIL): www.cnil.fr

10. Policy Updates

DiamPark reserves the right to modify this privacy policy at any time. Any substantial modification will be notified by email and/or within the application. The date of last update appears at the top of this document.

11. Contact

DiamPark SAS
Paris, France
Support: support@diampark.io
DiamPark

Digital solution dedicated to Parkinson's disease. Class I medical device compliant with European Regulation (EU) 2017/745 on medical devices.

It does not replace the consultation with a healthcare professional.

Read the instructions carefully before use.

Developed in France with Passion

Navigation

HomeParkinson's DiseaseDigipark — The solutionDiamPark — The companyContact

Contact & Legal

News & TestimonialsTerms & ConditionsPrivacy PolicyUser GuidesTransparency Portal
support@diampark.io
Paris, France

© 2026 DiamPark. All rights reserved. Manufacturer: DiamPark SAS.

Designed by Amandine Roger