Beta Version — CE Class I certification in progress (expected January 2026). Commercial launch scheduled February 2026.
Home Product Resources Community Roadmap About Contact
Français English
Book Demo

Privacy Policy

3

Last updated: May 2025

Thalivia is committed to protecting your privacy and complying with applicable data protection regulations, including the GDPR (General Data Protection Regulation). This policy describes what data we collect, how we use it, and your rights.

1. Who We Are

Thalivia is a digital platform designed for healthcare professionals specializing in intrathecal analgesia.

Data Controller:
Thalivia
dpo@thalivia.care

2. What Data We Collect

We collect and process the following types of personal data:

  • Account Information: name, email, institution, professional status
  • Authentication Data: login credentials, 2FA setup
  • Usage Data: interactions within the platform (logs, clicks, navigation)
  • Prescription Data: medical entries and treatment planning (pseudonymized and encrypted)
  • Community Activity: posts, comments, and contributions within forums or webinars
  • Web Analytics: anonymized browsing statistics collected via Umami Analytics (no cookies, no IP storage)

3. How We Use Your Data

We use your data to:

  • Provide access to the Thalivia platform and services
  • Enable collaborative workflows (prescription, pharmacy validation, etc.)
  • Ensure platform security and traceability (audit logs)
  • Improve our services through usage analytics
  • Comply with legal and regulatory obligations

Processing is based on:

  • Contractual necessity (for user accounts and access)
  • Legitimate interest (for platform performance, support, product improvement)
  • Legal obligation (traceability, HDS compliance)
  • User consent (for newsletter, community, or optional features)

5. Data Storage & Security

  • Platform data is hosted in France, on HDS-certified infrastructure
  • Web analytics data is processed by Umami Cloud (United States), with no IP storage or personal identification
  • Data is encrypted at rest and in transit
  • Access to patient data is restricted to verified healthcare professionals
  • Daily backups, monitoring, and role-based access control are enforced

6. Data Sharing

Your data is not sold or shared with third parties for commercial purposes.

We may share data with:

  • Service providers under strict confidentiality:
    • Platform hosting (France, HDS-certified)
    • Authentication
    • Web analytics (Umami, United States, anonymized data only)
  • Regulatory bodies in case of legal request

7. Your Rights

As a user, you have the right to:

  • Access your personal data
  • Request rectification or deletion
  • Limit or object to certain processing
  • Data portability (when applicable)
  • File a complaint with a supervisory authority (e.g. CNIL in France)

To exercise your rights, please contact us at: [Insert Contact Email]

8. Data Retention

  • Account data: retained for the duration of your subscription and up to 12 months after deletion
  • Prescription data: retained per legal obligations (medical traceability)
  • Logs and backups: retained for 30 days, unless required longer by law

9. Cookies and Analytics

We use Umami Analytics, a privacy-focused analytics tool, to understand how our website is used.

  • Data collected: pages visited, duration, device type, country (based on IP without storing it)
  • Hosting: Umami Cloud (United States)
  • No cookies: Umami does not set any cookies
  • GDPR compliance: Umami does not store IP addresses and does not allow individual visitor identification
  • Opt-out: You can block analytics via your browser or anti-tracking extensions

10. Updates

This Privacy Policy may be updated. Any major changes will be communicated via email or in-app notification.

If you have any questions about our privacy practices, feel free to contact us at: dpo@thalivia.care