GDPR & Your Data Rights

We are fully committed to the EU General Data Protection Regulation.

Last updated: April 2026  ·  Questions? hello@globedoc.com

Our Commitment

GlobeDoc is built on the principle that your health data is yours — not ours. The EU General Data Protection Regulation (GDPR) gives you strong rights over your personal data. We fully embrace these rights and have designed GlobeDoc from the ground up to comply with them.

Health data is classified as special category data under GDPR and receives the highest level of protection. We take this responsibility very seriously.

Your Six Core Rights

📋 Right of AccessRequest a complete copy of all personal data we hold about you at any time.
✏️ Right to RectificationCorrect any inaccurate or incomplete personal data we hold.
🗑️ Right to ErasureRequest deletion of all your data — the "right to be forgotten".
📦 Right to PortabilityExport your data in a machine-readable format (JSON/CSV/PDF).
🚫 Right to ObjectObject to certain types of processing of your personal data.
⏸️ Right to RestrictionAsk us to limit how we process your data in specific circumstances.

To exercise any of these rights, email hello@globedoc.com. We will respond within 30 days at no charge.

Legal Basis for Processing

Under GDPR, we must have a lawful basis to process your data. Here is how we process different types of data and why:

Data Controller

GlobeDoc acts as the data controller for your personal and health data. For technical infrastructure (cloud hosting), we engage carefully selected processors under GDPR-compliant data processing agreements.

All data is stored within the European Union. We do not transfer personal data outside the EU/EEA without appropriate safeguards in place.

Data Retention

We retain your personal data for as long as your account is active. When you delete your account:

Security Measures

We protect your data with:

Data Breach Notification

In the unlikely event of a data breach affecting your personal data, we will notify you directly by email without undue delay and within 72 hours of becoming aware of the breach. We will provide clear information about what happened, what data was affected and what steps you should take.

Consent & Withdrawal

Where we process your data based on consent, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing before withdrawal. You can manage your consent settings in your GlobeDoc account, or contact us directly.

Complaints

If you believe we have not handled your data correctly, please contact us first at hello@globedoc.com — we want to resolve any concerns directly and promptly.

You also have the right to lodge a complaint with your national supervisory authority. In Sweden, this is the Integritetsskyddsmyndigheten (IMY) at imy.se. In other EU countries, contact your local data protection authority.

Contact Our Data Team

For any privacy or GDPR-related request:

📧 hello@globedoc.com

We aim to respond to all data requests within 5 business days and complete them within 30 days as required by GDPR.