I. Terms of Use
1.1 Who we are
1.2 These Terms of Use (the “Terms”) govern your use of the Intidor MEN mobile application
and related websites, content, and services (collectively, the “Service”). The Service is operated
by Intidor health group, UAB, a private limited liability company registered in the Republic of
Lithuania, company number 307406526, registered office: Vilkiškės g. 34, LT-02238 Vilnius,
Lithuania (hereinafter – “Intidor”, “we”, “us”).
1.3 By using, installing, or accessing the Service, you agree to be bound by these Terms and by
our Privacy Policy, which forms part of these Terms. If you do not agree to these Terms, you
must not use the Service.
1.4 Service description (informational nature)
1.5 Intidor MEN provides lifestyle guidance, educational content, and self-monitoring tools
related to men’s health and well-being (e.g., libido, erectile health, hormone balance, and
general well-being). We do not provide medical care or medical consultations. The App is not a
medical device and is not intended to diagnose, treat, cure, or prevent any disease or disorder.
Always consult a qualified healthcare professional for medical questions or decisions.
1.6 Research-type outputs – informational only (not clinical conclusions). All metrics, “results”,
charts, insights, recommendations, assessments, trend analyses, or other generated data
produced by the Service are provided solely to convey information grounded in scientific
research. They are not laboratory or clinical test results and are not considered physician-
determined findings, medical decisions, or diagnostics. Before interpreting any information
presented in the App or changing your treatment, medication, or lifestyle, you must consult a
qualified physician or medical facility.
1.7 No clinical use. You agree not to rely on the Service to diagnose disease, assess a
condition, monitor the course of an illness, make decisions on medication use, or resolve critical
situations. If you experience new or worsening symptoms, promptly contact a physician or
emergency medical care.
1.8 Device readings and calculations. If the App displays data obtained from external devices or
generates certain numerical estimates, such data are provided for your convenience only. We
do not endorse or independently verify the clinical accuracy of such data; therefore, they are not
a substitute for laboratory or clinical testing.
1.9 Eligibility and accounts
1.10 The Service may be used only by persons of sufficient age under their place of residence’s
laws and the applicable app store rules (for example, commonly 16 years or older, and in some
places – 18 years). By using the Service, you confirm you are legally capable of concluding a
binding contract.
1.11 You are responsible for keeping your login credentials confidential and for all activity
carried out under your account. Notify us immediately if you become aware of any unauthorized
access to your account or loss of password.
1.12 By confirming a purchase in our App, you agree that the service will be provided
immediately and acknowledge that the right of withdrawal does not apply to these digital
services. Therefore, funds paid for digital services already provided are not refundable, except
in cases provided by law, for example, if the service is not provided as agreed or material
defects arise due to the App’s fault. This provision complies with applicable EU consumer
protection legislation and the requirements of Directive 2011/83/EU.
1.13 Subscriptions, payments, trials, and refunds
1.14 Certain Service features are available only by paid subscription – with automatic renewal of
a periodic fee (hereinafter – the “Subscription”). The subscription terms are as follows:
Automatic renewal. The Subscription renews automatically at the end of each paid
period unless you cancel at least 24 hours before the end of the current period. Note that
uninstalling (removing) the App does not terminate the Subscription – to stop payments
you must cancel the subscription in your Apple App Store or Google Play account
settings;
Free trials and promotions. If a free trial or special promotion is offered, information
about the trial duration and the price after the trial will be shown clearly before you
confirm the purchase. As a rule, one free trial is granted per user unless we state
otherwise;
Billing and refunds. Subscription payments are processed by the relevant platform
(Apple or Google). Intidor does not directly receive or process your payment card data –
all payments are handled via the app store systems. Refunds are also handled under the
relevant store’s rules (and not directly by Intidor). If you wish to request a refund, use
Apple’s tool or follow Google Play’s refund rules. Note that taxes or currency conversion
may apply depending on your location;
Price changes. We reserve the right to change Subscription prices for future billing
periods. We will notify you in advance of upcoming price changes – new prices will be
shown in the App or by the relevant store before they take effect so that you can decide
whether to continue the Subscription at the updated price;
Right of withdrawal. When purchasing digital content or a service (e.g., a Subscription)
that begins to be provided immediately after purchase, you expressly consent to the
service starting before the end of the 14-day cooling-off period and acknowledge that
you therefore lose the right to withdraw within the 14-day period provided by consumer
law. (This provision complies with Article 16(m) of Directive 2011/83/EU on the supply of
digital content.) This waiver of the right of withdrawal does not affect your right to cancel
future automatic renewals of the subscription at any time, as described above;
Price transparency. We commit to fair and transparent price presentation. If we apply a
discount, we will clearly indicate the prior price (i.e., the standard price that applied for at
least 30 days before the discount). We will present the original price and the reduced
price so that the discount is clear to the consumer. All final consumer prices will be
displayed inclusive of all applicable taxes – with no hidden fees or charges. We comply
with EU consumer protection requirements, including Directive 2005/29/EC, to ensure
pricing information is not misleading;
1.15 Permitted use
1.16 By using the Service, you agree not to use it for unlawful or harmful purposes and
undertake not to permit others to do so;
1.17 Security violations. You will not attempt to interfere with or disrupt the operation of the
Service, circumvent any security measures, reverse engineer, decompile, or disassemble the
App without authorization. You will also not use the Service to distribute viruses, malware, or
similar threats.
1.18 Prohibition on providing medical services. You will not use the Service to provide
emergency care or diagnoses to others, to generate or present to others “clinical findings,”
“diagnoses,” or “medical test results,” nor to substitute for professional medical assessment.
1.19 System protection. You will not use the Service in a manner that could damage, disable,
overload, or impair our systems (e.g., by automated queries, attempts to hack, etc.).
1.20 We reserve the right to remove content or suspend your account if your actions violate
these Terms or applicable law.
1.21 Third-party services and more
1.22 The Service may integrate or link certain third-party components (e.g., analytics tools,
payment processing, user authentication, etc.). By using such components, you agree that, in
addition to these Terms, those third parties’ terms may also apply to you. For details on what
data may be transmitted to such third parties and for what purposes, see the Privacy Policy
section below.
1.23 Intellectual property and license
1.24 Intidor grants you a personal, limited, revocable, non-exclusive, and non-transferable
license to use this App on devices you own or control, subject to the applicable app store (Apple
App Store or Google Play) rules. All intellectual property rights in the Service (including, without
limitation, software code, text, images, logos, trademarks) belong to Intidor or our licensors. You
have no right to copy, modify, create derivative works, distribute, sell, or rent any part of the
Service, except where expressly permitted by law or with our prior written consent.
1.25 App store terms
1.26 If you download the App from the Apple App Store or Google Play store, your use of the
App is also governed by the respective store’s rules and policies. Note that Apple and Google
are not responsible for the App’s maintenance or support. To the extent permitted by law,
Apple/Google also provide no additional warranties for the App and are not responsible for any
defects in the App.
Note: Under the App Store requirements, Apple Inc. is deemed a third-party beneficiary of these
Terms with respect to your use of the iOS app – i.e., Apple has the right to enforce these Terms
insofar as they relate to iOS use. For Google Play, your use of the Android app is subject to the
Google Play Terms of Service and refund policy.
1.27 Disclaimers
1.28 The Service is provided “as is” and “as available,” without any express or implied
warranties. To the extent permitted by applicable law, we disclaim all warranties, including
(without limitation) implied warranties of merchantability, fitness for a particular purpose,
accuracy, non-infringement, or uninterrupted operation. We do not warrant that the Service will
operate without interruption, securely, or error-free, or that any defects will be remedied
promptly.
1.29 Informational-only outputs. Again, any assessments, “results,” insights, or
recommendations generated by the Service may be incomplete, inaccurate, or outdated and are
not physician-determined findings or clinical evaluations. They must not be relied upon to make
medical decisions – such data must always be reviewed and evaluated by a qualified physician.
Note: Under App Store requirements, Apple Inc. is considered a beneficiary of these Terms in
relation to your use of the iOS app – i.e., Apple has the right to require compliance, insofar as it
concerns iOS use. In the case of Google Play, the use of the Android app is subject to Google
Play’s terms of service and refund policy.
1.30 Limitation of liability
1.31 To the extent permitted by applicable law, Intidor and its officers, employees, and agents
shall not be liable for any indirect, incidental, special, or consequential losses, nor for any lost
profits, loss of revenue, loss of data, harm to reputation, or other non-pecuniary damage arising
from your use of or inability to use the Service. Our total aggregate liability for all claims related
to the Service shall not exceed the amount you paid us for the Service in the 12-month period
preceding the event giving rise to the claim (if you paid nothing – Intidor’s liability is limited to
zero). Nothing in these Terms seeks to exclude or limit Intidor’s liability where such exclusion or
limitation is not permitted by law.
1.32 Indemnification
1.33 You agree to indemnify and hold harmless Intidor, its parent and affiliates, officers,
employees, and representatives from any claims, liabilities, losses, or expenses (including
reasonable attorneys’ fees) arising out of: (a) your breach of these Terms; (b) your improper or
unlawful use of the Service; or (c) your actions violating third-party rights or laws. Where
necessary, we are entitled to participate in defending our interests in any matter covered by your
indemnification obligation.
1.34 Suspension and termination of the Service
1.35 Intidor reserves the right to temporarily suspend or permanently terminate your access to
the Service at any time if we have reasonable grounds to believe that you have violated these
Terms or the law. Where feasible, we will endeavor to notify you in advance (e.g., by email or
through the App), but in critical cases we may act immediately.
1.36 You have the right to stop using the Service and delete the App at any time. If you have an
active paid Subscription, merely ceasing use does not automatically cancel it – if you do not
want further service, you must separately cancel the subscription, as described earlier in these
Terms (see 1.13).
1.37 Changes
1.38 Service changes – we reserve the right to change, suspend, or discontinue all or any part
of the Service at any time. This may include adding new features, modifying or disabling existing
features, as well as substantially discontinuing the Service. We will strive not to impair your
legitimate expectations without good cause; however, in some cases significant changes may
be necessary for security, legal, or business reasons.
1.39 Changes to the Terms – we may from time to time review or update these Terms of Use.
If changes are material, we will provide appropriate notice (e.g., by displaying a clear notice in
the App or on the website, or by emailing you if we have your email address). Updated Terms
will take effect on the effective date indicated at the beginning of the document unless the notice
specifies a different date. By continuing to use the Service after the changes take effect, you
confirm your agreement to the updated Terms. If you do not agree to the changes, you must
cease using the Service before the new Terms take effect.
1.40 Governing law and dispute resolution
1.41 These Terms and any disputes or claims arising out of or in connection with them are
governed by the laws of the Republic of Lithuania, without regard to its conflict-of-laws rules. For
consumers in EU countries, mandatory consumer protection provisions of your country of
residence also apply – nothing in this choice of law deprives you of such protection where
applicable.
1.42 All disputes are subject to the jurisdiction of the courts of Vilnius, Lithuania (our registered
office’s location). However, if you are an EU consumer residing in another Member State, you
may rely on mandatory dispute resolution rules in that State (e.g., your national consumer
protection authority or courts) where required by law.
1.43 Privacy
1.44 To learn how we collect, use, and share information about you, including information that
may be considered “health data” or special category data under applicable law, please review
the Privacy Policy below (Section II). The Privacy Policy is an integral part of these Terms and
its provisions apply to your use of the Service.
1.45 Contacts
Data Controller / Service Provider: Intidor health group, UAB (company number 307406526).
Registered office: Vilkiškės g. 34, LT-02238 Vilnius, Lithuania.
Customer support email: support@intidorhealthgroup.com (or via the App’s help section); data
protection contacts: (if appointed, you may write to privacy@intidorhealthgroup.com)
Apple App Store: These Terms are concluded between you and Intidor, not with Apple.
Apple is a third-party beneficiary of these Terms with respect to your use of the iOS App
and has the right to enforce them against you.
Google Play: When using the Android App, the Google Play Terms of Service and
Google’s refund rules also apply.
II. Privacy Policy
1.46 Your personal data controller is Intidor health group, UAB, company number 307406526,
registered office: Vilkiškės g. 34, LT-02238 Vilnius, Lithuania.
1.47 If you have questions about the processing of your personal data, you may write to the
address above or contact us by email: support@intidorhealthgroup.com. You may also use the
contact forms available in the App or on our website.
Scope
1.48 This Privacy Policy explains how we process personal data related to the Intidor MEN
mobile application and related services (the “Service”). The Privacy Policy applies to all
information we collect from you or that is generated while you use the Service. It does not apply
to data of any other sites or services unrelated to Intidor MEN.
Note: Intidor MEN services are intended for adults for their personal wellness purposes. The
Service is not intended for use by healthcare institutions in directly delivering services to
patients; therefore, we act as the controller when processing the data you provide in this App for
personal purposes. If Intidor’s services were used differently (e.g., a healthcare institution
cooperating with Intidor), additional legal requirements (e.g., HIPAA in the US) or different roles
may arise. This policy focuses on ordinary use of the Service by individual users.
1.49 We do not use collected personal data for any other commercial purposes (e.g., we do not
sell or rent your email for advertising to third parties). We also will not send you marketing
messages without your consent. If in the future we plan to use data for a new purpose
incompatible with the original ones, we will inform you in advance and (if necessary) obtain your
consent.
Categories of data processed
1.50 We process the following main categories of personal data that you provide or that are
generated when using the Service:
Account and profile data: information you provide when creating an account or filling in
a profile, such as your name (or nickname), email address, contact details, profile photo
(if you choose to upload one), account settings.
Device and technical data: information about the device and the App’s performance –
this may include unique device identifiers, installed App version, operating system, login
IP address, diagnostic logs about App errors (e.g., crash reports), basic telemetry
needed to ensure the functioning and security of the Service (e.g., login times, frequency
of feature use).
User-entered responses and data – information you provide when answering
questionnaires, entering certain metrics or data in the App (e.g., wellness questionnaire
answers, notes about well-being, self-monitoring data). This category may include some
health information if you voluntarily choose to provide it (e.g., information about erectile
function, well-being, medical history, lifestyle habits, etc.).
Communications or chats within the Service – for example, if the Service has AI chat
functionality, we may store chat text to provide the service and improve quality. Other
communications with us may also be stored – for example, your requests to customer
support (emails, queries), their content, submission date and time, and related metadata.
Clerk (sign-in via Google/Apple). We implement social sign-in (“Sign in with Apple”
and “Sign in with Google”) using the third-party service Clerk, which acts as an
authentication intermediary and processes only minimally necessary authentication data
(e.g., email address, social sign-in identifier, login metadata, OAuth/OpenID Connect
session tokens) on our behalf. Clerk does not process medical data – none of your
health information (e.g., symptoms, questionnaire answers, GPT queries or responses)
are transmitted to Clerk. Apple and Google, within their services, act as independent
controllers and transmit to us only the minimal account information needed to verify your
identity (where available – email address). We integrate Clerk in compliance with its
standard privacy and data processing terms (GDPR compliance), publicly available at:
https://clerk.com/legal/privacy and https://clerk.com/legal/dpa. This Intidor Privacy Policy
governs how we use your data via Clerk; Clerk’s privacy policy governs how Clerk
processes data in its system when providing authentication. Clerk has no right to use
your personal data for any purposes other than those necessary for authentication and
as set out in its legal terms.
1.51 Special categories of data. Note that some data you provide may be considered special
category personal data under the GDPR, specifically health data (e.g., information about the
nature of your erectile dysfunction, health status, sexual life, or medical indicators, if you provide
it). We process such data only with your explicit consent, as explained below. We understand
the sensitivity of these data and apply additional safeguards (see Security section below).
Purposes and legal bases for processing
1.52 We use the above personal data for the following purposes and rely on the legal bases set
out below:
Provision and operation of the Service. The primary purpose is to ensure the
functionality and proper operation of the Service. This includes creating and managing
your account, displaying your entered data in the App (e.g., generating charts), providing
features of the App, and customer support (responding to inquiries, troubleshooting), etc.
Legal basis – performance of a contract (GDPR Art. 6(1)(b)), since by registering you
enter into a service contract with us and we cannot properly perform it without these
data;
Use of health data you provide. If you provide information related to your health in the
App (e.g., respond to health-related questions, enter health metrics), we process such
data only with your explicit consent. Legal basis – GDPR Art. 6(1)(a) (data subject’s
consent) together with Art. 9(2)(a) (explicit consent for special category data). You have
the right to withdraw your consent at any time – you can do so in the App settings (if
available) or by contacting us. Note: withdrawal has no retroactive effect – it does not
affect processing lawfully carried out before withdrawal. However, after withdrawal, we
will no longer process your health data for new purposes and, absent another legal
basis, we will delete them securely (see deletion section);
Security, fraud prevention, and compliance with legal obligations. To protect users
of the Service, our systems, and to comply with legal obligations, we may process
certain data based on legal obligation (GDPR Art. 6(1)(c)) or our legitimate interests
(GDPR Art. 6(1)(f)). For example, we may store log data about logins to detect unlawful
access or protect accounts; we may process data to comply with lawful requests from
authorities or court orders. Our legitimate interest also includes maintaining the integrity
of the Service, defending our rights in litigation, fraud prevention, etc.;
Analytics and Service improvement. We seek to understand how users use our
Service to improve it. For this, we may analyze certain usage data (e.g., which sections
are most popular, which features may be failing). Where possible, we use aggregated or
anonymized data that are no longer attributable to a specific user. If analytics involve
personal data, we rely on our legitimate interest (GDPR Art. 6(1)(f)) in improving quality
and product understanding. In certain cases, if required by law (e.g., use of cookies or
tracking technologies), we will ask for your consent for analytics (GDPR Art. 6(1)(a)).
You have the right to object at any time, as described below;
Marketing and notices (if applicable). Currently, Intidor MEN does not send any
commercial newsletters or advertising messages unrelated to the direct function of the
service, except possibly in-app informational messages about new features or
reminders. If in future we plan to send newsletters or offers by email, we will do so only
after obtaining your prior consent under electronic communications laws. With consent,
the legal basis would be GDPR Art. 6(1)(a); if you do not consent or withdraw consent,
we will not send such messages.
1.53 Automated decisions. We use automated means in the Service to generate content and
recommendations. These processes are informational and do not produce legal effects or
similarly significant effects on you within the meaning of GDPR Article 22. We do not use solely
automated decisions that would automatically determine your rights or significantly affect you
(e.g., granting/denying a subscription, setting individualized pricing, restricting legal rights). If in
the future we implement features that could have such effects, we will clearly inform you and,
where required, obtain your explicit consent and ensure your right to human intervention, to
express your view, and to contest the decision.
Note: If later an automated decision with significant effect arises (e.g., automatic account
blocking, dynamic pricing by profile, automatic refusal of refund), that would be a GDPR Art. 22
situation and would require a human review process and other safeguards. If you do not plan
this – the formulation above is sufficient.
1.54 Health information disclaimer
1.55 The Service may present informational insights or results obtained by analyzing your
questionnaire answers, smart device signals (if integrated), or statistical data. These results are
for educational and informational purposes only – they do not constitute medical advice,
diagnosis, or treatment, nor are they clinical evaluations or physician-approved findings. You
should not rely on any results provided in the App when making decisions about your health
condition or treatment. For all health matters or treatment changes, always consult a physician
or qualified healthcare professional. In urgent or critical situations, call emergency medical
services.
1.56 Recipients and processors
1.57 We do not sell or otherwise distribute your personal data to third parties for commercial
purposes. We use solutions from trusted service providers to deliver the Service. These
providers act on our instructions and on our behalf as necessary for the relevant function, under
their standard data processing terms (DPA) that apply upon onboarding. Below we describe the
main providers and link to their legal documents:
Platform.sh (infrastructure, servers). Purpose: our App’s back-end and databases are
hosted on Platform.sh infrastructure; we select EU regions so that personal data are
stored in the EU/EEA (privacy policy https://platform.sh/trust-center/privacy/privacy-
policy-summary/); (data processing agreement (DPA) https://platform.sh/trust-
center/privacy/dpa/);
Clerk (intermediary for “Sign in with Apple/Google” authentication). We use Clerk
only as a third-party authentication intermediary for Apple and Google sign-ins. This
means that, at registration/login, Clerk processes user authentication data (e.g., email,
login times, social sign-in identifiers) necessary to confirm your account and manage
sessions. Importantly, Clerk does not receive any medical, chat (AI), or symptom data –
such data are neither transmitted via nor processed by Clerk (Privacy Policy:
https://clerk.com/legal/privacy; DPA – https://clerk.com/legal/dpa);
OpenAI – automated content formulation (e.g., generating recommendations/chats).
Inputs sent to the API are pseudonymized where possible; per provider policy, API
content is not used to train models without a separate opt-in; logs may be retained for up
to 30 days for abuse prevention. Policies/DPA: https://openai.com/policies (including API
data use);
Sentry – error tracking and performance monitoring. Configured so that identifying
data do not enter logs; technical metadata are transmitted. Privacy policy:
https://sentry.io/privacy/; DPA: https://sentry.io/legal/dpa/;
PostHog – product analytics (Cloud EU – Frankfurt). Privacy policy:
https://posthog.com/privacy; DPA: https://posthog.com/dpa; GDPR guidance:
https://posthog.com/docs/privacy/gdpr-compliance. We provide an in-App opt-out – if
you opt out, the SDK is disabled;
Better Stack (Better Uptime, Logtail) – availability/log monitoring in the EU region.
Privacy policy: https://betterstack.com/privacy; DPA: https://betterstack.com/dpa;
Security: https://betterstack.com/security.
1.58 Where personal data are transferred to third countries (outside the EEA), we ensure
appropriate safeguards under GDPR Chapter V. These may include: additional technical and
organizational measures where necessary – e.g., encryption, pseudonymization, data
minimization before transfer to a foreign provider – to reduce risk.
1.59 Retention period (data retention and deletion)
1.60 We retain your personal data no longer than necessary for the purposes for which they
were collected, or for as long as required by law. Specific retention periods:
Active accounts: While you have an active account and use the Service, your data will
be retained in our system. This is needed so that you can use the Service continuously
(e.g., to see your previously entered data, history, etc.);
Deletion of an account at the user’s request: You have the right to delete your
account at any time. You can do this in the App settings or by submitting a request to us.
Upon receipt of your confirmed account deletion request, we will delete or anonymize all
personal data associated with your account within 30 days (unless an exception below
applies) – i.e., within 30 days of account deletion all your data will be removed from
active systems. This period is needed to ensure smooth removal and (where applicable)
deletion of backup copies;
Legal obligations and disputes: In some cases, we may need to retain certain data for
a longer period even if you delete your account, if necessary to fulfill legal obligations or
protect our legitimate interests. For example, financial transaction records (if there were
direct payments) may be retained as required by accounting or tax laws. We may also
retain certain basic information where needed to assert, exercise, or defend legal claims
(e.g., if we have unresolved disputes with you, we may retain necessary data until the
dispute ends). Even then, the principle of limitation applies – data will be retained solely
for that purpose and, once the need ends, they will be promptly deleted or anonymized;
Backups: Our systems periodically create backup copies for disaster recovery. Backups
are retained for a short period and are set to be overwritten (rotated). Thus, even after
account deletion, your data may remain in encrypted backups for up to 30 days until
overwritten by newer copies. Strict access controls apply to such backups, and they are
used only for emergency restoration.
1.61 After the retention period ends, we securely delete, anonymize, or aggregate your data.
Anonymization means removing all information that identifies you, so the remaining anonymous
data are no longer personal data and may be used for statistics, research, or service
improvement.
1.62 If you wish to know specifically whether certain data of yours are still retained, or you want
them deleted earlier than the standard period, please contact us – we will assess your request
in line with your rights discussed below.
1.63 Security
1.64 We have implemented appropriate technical and organizational measures to protect your
personal data. These include:
Access control: data access is granted only to authorized persons on a “need-to-know”
basis, i.e., only to those employees or service providers who require it to perform their
task. All our staff/team members are bound by confidentiality obligations and are trained
on data protection;
Encryption: we use encryption protocols (HTTPS/TLS) to protect sensitive data
transmitted between your device and our servers from interception. Certain particularly
sensitive data (e.g., passwords) are stored only in encrypted (hashed) form;
Firewalls and monitoring: our servers are protected; we continuously monitor systems
for signs of intrusion or unusual activity. We employ protection against DDoS attacks and
malicious requests;
Backups and recovery: as noted, we regularly create encrypted backups so that data
are protected in case of failures. We also periodically test data restoration procedures to
ensure we can restore data if lost;
Logging: we log system events (logs) of data access, especially administrative. This
allows us to trace who may have accessed personal data and when, and to detect
unusual activity;
Least privilege principle: we enforce strict permission levels in systems and services –
both for our staff and for used services we grant only such access as is necessary for
their function (e.g., providers do not have access to data they do not need).
1.65 In the event of a personal data breach likely to result in a high risk to your rights or
freedoms (e.g., a data leak from our systems), we will comply with GDPR requirements – notify
the supervisory authority within 72 hours of becoming aware, and where the breach may pose
a high risk to you – we will also notify you without undue delay (via the App, email, or other
direct means) so that you can take appropriate steps.
1.66 Your rights
1.67 The GDPR and other data protection laws grant you certain rights regarding your personal
data. We respect these rights and ensure you can exercise them.
1.68 To exercise any GDPR rights, you may contact us indicating which right and which data
you wish to exercise it for. We recommend writing by email to support@intidorhealthgroup.com
(or privacy@intidorhealthgroup.com), stating your account identifiers and the essence of your
request. We may ask you to confirm your identity (to protect your data from unlawful disclosure
– e.g., we may request that the query be sent from the same email linked to your Intidor
account, or ask for certain information to identify the account).
1.69 We endeavor to respond to your GDPR requests no later than one month from receipt. In
exceptional cases, if the request is very complex or we have received many requests, this
period may be extended by up to two months – in such a case, within the first month we will
inform you about the extension and the reasons.
1.70 Individuals
1.71 The Service is not intended for children and persons under 16 years of age. We do not
knowingly collect or process children’s (i.e., persons under 16) personal data without
appropriate parental or guardian consent. If you are under 16, you should not use this App and
should not provide us with any of your personal data.
Note: In certain jurisdictions the age threshold for children may differ; we comply with applicable
requirements. For example, if a different child age threshold applies in your residence for
consent, we will apply that threshold.
1.72 If we learn that we have received a child’s personal data without a proper basis, we will
take steps to remove such data. Parents or guardians who observe that a child may have used
our Service and submitted data are encouraged to contact us – we will promptly delete the
relevant information.
1.73 Cookies and other tracking technologies
1.74 Our mobile App and related website may use cookies, software development kits (SDKs),
and similar technologies to ensure the Service operates and to improve your experience. Key
aspects:
Strictly necessary cookies/technologies: elements essential for the Service to
function. For example, authentication mechanisms to maintain your session, settings
necessary for App operation, etc. Without these technologies the Service could not
function properly; therefore they are used under the legitimate interest to provide the
service (or contract performance where necessary);
Analytics and performance cookies/SDKs: with your consent we may use additional
analytics libraries (e.g., the PostHog SDK mentioned) to understand App usage. These
tools may collect certain information about your device and App use (e.g., which screens
you opened, how long you spent). This helps improve the product. We use such
technologies only after obtaining your express consent (e.g., on first launch we may ask
“Do you agree to share anonymous usage data?”). If you do not consent or withdraw
consent – these analytics tools will not be active;
Messaging and user-experience SDKs: sometimes we integrate third-party
components to improve user experience – e.g., services allowing us to send you push
notifications about important updates, or error-reporting services (Sentry). These
components may use cookies or identifiers to function. We ensure that such data are
processed according to our instructions and solely for the relevant purpose.
1.75 You have control over most non-essential cookies/SDKs. For websites – we display a
cookie consent banner where you can choose which cookies/trackers you consent to. For the
mobile App – there may be a “Privacy settings” section in the App settings or consent dialogs
when first using a feature. In addition, you can always manage certain tracking preferences at
the device level: both iOS and Android allow you to restrict certain tracking (e.g., disable
advertising identifiers, limit background data collection by apps, etc.).
1.76 We commit to transparency about tracking used in the App – we will inform you in advance
about their use and obtain consent where required by law (e.g., analytics or marketing trackers).
We will also ensure that the privacy information published for the App in the Apple App Store
and Google Play matches actual data practices so you can see a clear summary.
1.77 Changes to this policy
1.78 From time to time we may update this Privacy Policy. Reasons may include legal changes,
the introduction of new Service features, or changes in our data processing practices.
1.79 If we make material changes (e.g., begin processing data for new purposes requiring
consent), we will clearly notify you. The notice may be provided in the App (a pop-up or notice),
on the website, or – in certain cases – by email (if we have your email address). The notice will
state the effective date of the new policy and, if necessary, we will seek your consent where
required by law.
1.80 The effective date is always indicated at the top of this Privacy Policy so that you can see
when it was last changed. We recommend reviewing this policy periodically to stay informed
about how we protect your data.
1.81 How to contact us
1.82 If you have questions, requests, or comments related to this Privacy Policy or your
personal data, please contact us.
By email: support@intidor.com (general issues) or privacy@intidor.com (data protection
matters).
1.83 If you have complaints about how we process your data and you believe our response is
unsatisfactory, in addition to the right to contact the supervisory authority, you may also use
consumer protection remedies. For example, for disputes related to personal data you can apply
directly to a court in your place of residence or to the court at our registered office. We always
welcome the opportunity to resolve issues amicably, so please communicate with us directly.
1.84 Compliance with law and compliance statement
1.85 The Intidor MEN App and our activities comply with all applicable European Union
legislation relating to personal data protection and the provision of digital services. We fulfill our
obligations under the GDPR (Regulation (EU) 2016/679), including protection of special
categories of data (health), and we also follow EU consumer rights directives (Directive
2011/83/EU on consumer rights, Directive 2005/29/EC on unfair commercial practices, etc.).
1.86 By this document we confirm that we have implemented appropriate procedures and
measures to ensure compliance with the above legislation. We periodically review and, where
necessary, update our data protection practices, cooperate with supervisory authorities, and
take steps to ensure that your data and rights are fully protected.
1.87 International data transfers. Since some third parties mentioned above are outside the
European Economic Area (EEA) (e.g., OpenAI and Clerk are US-based), we ensure that any
transfer of your personal data to a third country complies with GDPR Chapter V. This means
that data are transferred only where appropriate safeguards apply: either the recipient is in a
country recognized by the European Commission as providing an adequate level of protection,
or standard contractual clauses are concluded, or the recipient is certified under the EU-US
Data Privacy Framework, where applicable. Our goal is to protect your data regardless of where
they are processed; therefore we apply equally strict standards both inside and outside the EU.