Label Icon

Privacy

Privacy policy

Hero ShapeHero Shape

Introduction

Version: 2.0
At MyC, we specialize in health data management. We know that privacy isn't just a legal requirement for us—it’s the core of our business. This notice explains how we handle your data when you use our websites, applications, and services.

At a Glance

Who we are: MyC, a French health-tech company.
Our Role: We are the Controller for your account and website data. We are the Processor for the medical/patient data you upload to our platform (your organization is the Controller there).
Data we never sell: We do not, and will never, sell your personal data to third parties.
Security: All data is encrypted at rest and in transit. We use specific health-data grade security protocols.
Your Rights: You have the right to access, delete, or port your data at any time.

Who we are and how to contact us

MyC is a company registered in France (Company No. 890 755 275).
Registered Office: 113 avenue du Président Salvador Allende, 93100 Montreuil, FRANCE.
Privacy Team: privacy@myc.doctor
Data Protection Officer (DPO): We have appointed GRCI Law Limited as our outsourced DPO. You can reach them at dpoaas@grcilaw.com (Please include "MyC" in your subject line).

Our role: controller versus processor

If you are...
- A Website Visitor or Account Holder: Controller: We decide why and how your account/usage data is processed.
A Patient/Consultant (using a doctor's MyC portal): Processor: We process your health data only on the instructions of your Healthcare Provider (the Controller).
A Business Client (Healthcare Provider):Controller: We process your professional contact and billing info.

The data we collect

We collect information to provide a seamless and secure health-management experience.
Identity & Contact: Name, professional registration number (for doctors), email, and phone number.
Technical & Usage: IP address, login timestamps, browser type, and how you interact with our "MalarIA" or Dashboard tools.
Health Data (Special Category): When acting as a Processor, we store patient records, clinical notes, and appointment history. Note: This data is subject to strict "Hébergeur de Données de Santé" (HDS) standards in France.
Offline Data: If you use our "Offline Mode," data is stored in an encrypted local cache on your device, accessible only via your password.

Why and how we use your data

We only process data when we have a legal basis:
Contractual Necessity: To create your account and provide EHR/Case Management services.
Legal Obligation: To comply with French health regulations and tax laws.
Legitimate Interest: To improve our platform security and analyze website performance (analytics).
Consent: For marketing newsletters or specific cookie tracking.

Data sharing & international transfers

We do not sell your data.
We only share it with:
Service Providers: Infrastructure partners (e.g., cloud hosting, security monitoring like DataDog).
Compliance: Regulators or law enforcement if legally mandated.
International Transfers: If data is transferred outside the EEA (e.g., to the US for specific analytics), we ensure Standard Contractual Clauses (SCCs) are in place to maintain European levels of protection.

Security and retention

Encryption: We use industry-standard AES-256 encryption.
Retention:
Account Data: Kept for the duration of your contract + legal limitation periods.
Marketing Data: Kept for 3 years from last contact or until you unsubscribe.
Medical Records: Retained according to the specific instructions of the Healthcare Provider (Controller) and French Public Health Code.

Your rights

Under the GDPR, you have the following rights:
Access: Request a copy of the data we hold about you.
Rectification: Fix inaccurate data.Erasure ("Right to be Forgotten"): Request deletion of your data (where legal obligations allow).
Restriction: Temporarily stop us from processing your data.
Data Portability: Move your data to another service.
Object: Object to processing based on legitimate interests.
How to exercise these: Email privacy@myc.doctor. We respond to all requests within 30 days

Complaints

If you are unhappy with how we handle your data, please contact us first.
If we cannot resolve it, you have the right to lodge a complaint with your local authority;France: CNIL, UK: ICO

Your Enterprise Health Platform

MyC prevents what others only measure: lower absenteeism, zero compliance gaps and protected workforce

Get Started
About UsBlogJobs

Copyright © 2025 MyC. All Rights Reserved.

Terms of UsePrivacy Policy