CAREPOI® – AI-Enabled Care. Anywhere. Anytime.

Privacy Policy

Last Updated: June 2026

CAREPOI IKE (“CAREPOI”, “we”, “us”, or “our”) is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you access or use the CAREPOI platform, website, mobile applications, and related services available through carepoi.com (the “Services”).

CAREPOI IKE is established in Greece at:

75 Thessalonikis & Florinis Street
Moschato 18345
Athens, Greece

By using our Services, you acknowledge that your personal data will be processed in accordance with this Privacy Policy and applicable data protection laws, including Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR).

1. Data Controller

The Data Controller responsible for the processing of personal data is:

CAREPOI IKE
75 Thessalonikis & Florinis Street
Moschato 18345
Athens, Greece
Email: info@carepoi.com

Data Protection Officer (DPO):
Dr Chara Pylarinou
Email: info@carepoi.com

2. Who Uses Our Services

Our Services may be used by:

  • Patients
  • Physicians
  • Nurses
  • Pharmacists
  • Radiologists
  • Other authorized healthcare professionals

3. Personal Data We Collect

Account Information

  • Full name
  • Email address
  • Telephone number
  • Professional registration details, where applicable
  • Username and account credentials

Healthcare Information

Where necessary for the provision of healthcare-related services, we may process special categories of personal data, including:

  • Medical history
  • Clinical observations
  • Diagnostic information
  • Treatment information
  • Healthcare records
  • Healthcare provider information

Technical Information

  • IP address
  • Device identifiers
  • Browser type
  • Operating system
  • Application usage information
  • Log data
  • Security-related information

Location Information

Where required for specific service functionality and subject to applicable permissions, we may process location-related information.

Communication Data

  • Support requests
  • Customer service communications
  • Feedback submissions
  • Survey responses

4. How We Collect Personal Data

We collect personal data:

  • Directly from you when you register or use our Services
  • When healthcare professionals use the platform in connection with your care
  • Through communications with our support team
  • Through automated technologies used within our Services
  • From authorized healthcare institutions and healthcare providers where permitted by law

5. Purposes of Processing

We process personal data for the following purposes:

  • Creating and managing user accounts
  • Providing healthcare-related services
  • Facilitating communication between healthcare professionals and patients
  • Delivering medical and clinical information
  • Providing customer support
  • Improving platform performance and security
  • Maintaining service functionality
  • Complying with legal and regulatory obligations
  • Detecting, preventing, and investigating fraud or misuse
  • Conducting analytics and service improvement activities
  • Protecting the safety and integrity of our Services

6. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

  • Your consent
  • Performance of a contract
  • Compliance with legal obligations
  • Protection of vital interests
  • Provision of healthcare and health management services
  • Legitimate interests pursued by CAREPOI, provided such interests do not override your fundamental rights and freedoms

Where special categories of personal data, including health data, are processed, CAREPOI relies on the applicable GDPR conditions under Articles 9(2)(a), 9(2)(h), and other relevant provisions.

7. Sharing of Personal Data

CAREPOI does not sell personal data.

We may disclose personal data only where necessary to:

  • Healthcare professionals involved in patient care
  • Hospitals and healthcare institutions
  • Service providers acting on our behalf
  • Cloud hosting and infrastructure providers located within the European Union
  • Regulatory authorities and governmental bodies where required by law
  • Courts, law enforcement agencies, and competent authorities where legally required

All third parties processing personal data on our behalf are required to implement appropriate technical and organizational security measures and process data only according to our instructions.

8. International Data Transfers

CAREPOI stores and processes personal data within the European Union.

Where any transfer outside the European Economic Area becomes necessary, appropriate safeguards required under GDPR shall be implemented before such transfer occurs.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with applicable legal, healthcare, regulatory, accounting, and reporting requirements.

When personal data is no longer required, it will be securely deleted, anonymized, or otherwise disposed of in accordance with applicable laws.

10. Data Security

CAREPOI implements appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, destruction, disclosure, alteration, or misuse.

These measures include:

  • Access controls
  • Encryption where appropriate
  • Secure hosting environments
  • Monitoring and logging systems
  • Staff confidentiality obligations
  • Security assessments and reviews

Although we strive to protect personal data using industry-standard safeguards, no method of transmission or storage can be guaranteed to be completely secure.

11. Cookies and Similar Technologies

Our website and applications may use cookies and similar technologies to:

  • Enable platform functionality
  • Improve user experience
  • Analyze service performance
  • Maintain security

Users may manage cookie preferences through browser settings. Certain functionalities may be affected if cookies are disabled.

12. Children’s Privacy

Our Services are not intended for children under the age of 16 unless access is provided through a parent, guardian, healthcare provider, or another lawful basis under applicable legislation.

We do not knowingly collect personal data from children in violation of applicable law.

13. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate personal data
  • Request deletion of personal data
  • Restrict processing
  • Object to processing
  • Receive your personal data in a portable format
  • Withdraw consent where processing is based on consent
  • Not be subject to unlawful automated decision-making
  • Lodge a complaint with a supervisory authority

14. Exercising Your Rights

To exercise any of your rights, please contact: info@carepoi.com

We may request reasonable information necessary to verify your identity before responding to your request.

We will respond to legitimate requests without undue delay and within the deadlines established by applicable law.

15. Right to Lodge a Complaint

If you believe your personal data has been processed unlawfully, you have the right to lodge a complaint with the competent supervisory authority.

For Greece, the competent authority is:

Hellenic Data Protection Authority (HDPA)
1-3 Kifisias Avenue
115 23 Athens
Greece
Website: www.dpa.gr

You may also lodge a complaint with the supervisory authority of the European Union Member State in which you reside, work, or where the alleged infringement occurred.

16. Changes to This Privacy Policy

CAREPOI may update this Privacy Policy from time to time to reflect legal, technical, or operational changes.

Any material changes will be published on carepoi.com together with the updated revision date.

17. Contact Information

CAREPOI IKE
75 Thessalonikis & Florinis Street
Moschato 18345
Athens, Greece
Email: info@carepoi.com

Data Protection Officer:
Dr Chara Pylarinou

Website: carepoi.com