Privacy Policy & Data Protection
Privacy and data protection practices for the HemaLens Clinical Decision Support System, in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).
1. Data Controller
EntorionTech Software and Technology Ltd. ("EntorionTech") acts as the data controller for personal data processed within the HemaLens clinical decision support system, within the meaning of Article 4(7) of the GDPR.
Contact: info@hemalens.com
2. Data Processing Principles (Article 5 GDPR)
HemaLens processes personal data in strict adherence to the following principles:
- Lawfulness, fairness, and transparency: Data is processed only for clearly communicated clinical decision support purposes, with a valid legal basis.
- Purpose limitation: Data is processed exclusively to generate clinical analysis results for the requesting healthcare professional. It is not used for marketing, profiling, or any unrelated purpose.
- Data minimization: Only the laboratory parameters required for analysis are processed. National ID numbers, addresses, phone numbers, and other unnecessary identifiers are never collected.
- Accuracy: The system processes data exactly as received from the source laboratory report and applies validated clinical reference ranges.
- Storage limitation: In default mode, data retention is zero. When storage is enabled, data is retained only for the agreed period and then deleted.
- Integrity and confidentiality: All data in transit is encrypted via TLS. Access is controlled through API key authentication per institution.
3. Legal Basis for Processing (Article 6 GDPR)
HemaLens relies on the following legal bases for processing personal data:
- Legitimate interest — Article 6(1)(f): Processing laboratory data to provide clinical decision support to healthcare professionals, where the processing is necessary and proportionate to the legitimate interest of improving patient care.
- Consent — Article 6(1)(a): Where data storage is enabled (save_to_db=true), explicit consent is obtained from the data controller (healthcare institution) prior to any persistent storage of anonymized results.
- Legal obligation — Article 6(1)(c): Where processing is required to comply with applicable healthcare regulations and clinical documentation requirements.
- Vital interests — Article 6(1)(d): In urgent clinical scenarios, processing may be necessary to protect the vital interests of the data subject (patient).
4. Categories of Personal Data Processed
| Data Category | Details | Default Behavior |
|---|---|---|
| Health Data | Complete blood count, biochemistry parameters (41 parameters) | Processed transiently, not stored |
| Demographic Data | Patient age, sex | Processed transiently, not stored |
| Report Metadata | Lab result date, source file name | Processed transiently, not stored |
| Institution Data | Source institution name (source_institution) | Not stored |
5. Data Subject Rights (Articles 15–22 GDPR)
Under the GDPR, you have the following rights regarding your personal data:
- Right of access (Art. 15): You have the right to obtain confirmation as to whether your personal data is being processed and, if so, to access that data along with information about the processing.
- Right to rectification (Art. 16): You have the right to request correction of inaccurate personal data and to have incomplete data completed.
- Right to erasure (Art. 17): You have the right to request deletion of your personal data ("right to be forgotten") where the data is no longer necessary for its original purpose or where you withdraw consent.
- Right to restriction of processing (Art. 18): You have the right to request that processing of your personal data be restricted under certain circumstances, such as when accuracy is contested.
- Right to data portability (Art. 20): Where processing is based on consent or contract and carried out by automated means, you have the right to receive your data in a structured, commonly used, and machine-readable format.
- Right to object (Art. 21): You have the right to object to processing based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds.
- Right not to be subject to automated decision-making (Art. 22): You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. HemaLens is a clinical decision support tool — it does not make diagnoses or treatment decisions. All outputs are advisory and the final clinical decision rests entirely with the treating physician.
6. Technical Safeguards
Stateless by Default
This is the default operating mode. The lab report is analyzed, results are returned, and no data remains on the server. As long as save_to_db is false (the default), no persistent record is created.
SHA-256 Anonymization
When storage is enabled, patient identifiers are hashed using SHA-256 before storage. No patient names are ever written to the database. Records cannot be traced back to individuals.
API Key Authentication
All protected endpoints require an X-API-Key header. Unauthorized access is rejected with 401 Unauthorized. Each institution receives a unique API key.
TLS Encryption
All data transmission is encrypted using TLS 1.3. API endpoints are accessible only via HTTPS. Data in transit is protected against interception.
Audit Logging
When storage is enabled, audit logs record system activity without patient identifiers. Logs track access patterns and system events for security review.
On-Premise Option
Docker-based deployment to the institution's own servers is supported. Data never leaves the institution's network. No cloud dependency is required.
7. Data Retention
| Scenario | Retention Period |
|---|---|
| Stateless mode (save_to_db=false) | Zero — no data is stored |
| Pilot program (save_to_db=true) | Duration of the pilot; deleted upon completion |
| Production use (by institution request) | As defined in the data processing agreement |
| Feedback data | Stored without patient identifiers; retained for quality improvement |
| Audit logs | Only when save_to_db=true; deleted upon institution request |
8. International Data Transfers
HemaLens processes data within EU-compliant infrastructure. When cloud services are used, data is hosted on servers located within the EU/EEA or in jurisdictions that provide an adequate level of data protection as recognized by the European Commission (Article 45 GDPR). Where on-premise deployment is chosen, no data leaves the institution's own infrastructure.
In cases where data transfer to third countries is necessary, appropriate safeguards are implemented in accordance with Chapter V of the GDPR, including Standard Contractual Clauses (SCCs) where applicable.
9. Data Protection Officer
For any questions regarding data protection or to exercise your rights under the GDPR, please contact our Data Protection Officer:
Email: info@hemalens.com
Organization: EntorionTech Software and Technology Ltd.
You also have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement (Article 77 GDPR).
10. Automated Decision-Making
HemaLens is a clinical decision support system that automatically analyzes laboratory data. The system does not make diagnoses and does not prescribe treatments. All outputs are generated solely to assist the healthcare professional's clinical assessment. The final clinical decision rests entirely with the physician.
In accordance with Article 22 GDPR, you have the right to contest any automated analysis results. Every HemaLens output is explainable and auditable — the system transparently shows which parameters were evaluated against which clinical guideline references.
11. Updates to This Policy
This privacy policy may be updated to reflect changes in legislation, regulatory guidance, or system capabilities. The current version will always be published on this page. Where material changes are made, we will notify data controllers (healthcare institutions) through our standard communication channels.
Last updated: 16 April 2026
Version: 1.0