Aritium Health Platform Privacy Policy

Last updated: March 2026

1. Introduction

This Privacy Policy describes how Aritium Technologies S.L. (“Aritium”, “we”, “our”) collects, processes, and protects personal data within the Aritium Health Platform, a digital solution designed for remote patient monitoring and healthcare data management.

The Aritium Health Platform enables healthcare providers to monitor patients remotely by integrating data from connected medical devices, wearable technologies, and IoT systems.

Aritium is committed to ensuring the confidentiality, integrity, and availability of personal data, in accordance with applicable data protection regulations, including the General Data Protection Regulation (GDPR)..

2. Categories of Data Processed

The Aritium Health Platform may process the following categories of data:

2.1 Health Data

Health-related data collected from connected devices and wearable technologies, including but not limited to:

Blood pressure (systolic and diastolic)
Heart rate
Blood oxygen saturation (SpO2)
Physical activity data (e.g., steps)

These data may be obtained directly from the devices or through integrations with third-party platforms

2.2 Identification Data

Depending on the deployment context, the platform may process: · User identifiers (e.g., patient ID)
Contact information (if required by the healthcare provider)

2.3 Device and Technical Data

Device identifiers
Connection logs
System usage data (for operational and security purposes)

3. Purpose of Processing

Personal and health data are processed exclusively for the following purposes:

Remote monitoring of patients in home or clinical environments
Visualization of physiological data through dashboards and reports
Identification of trends or deviations in health parameters
Support for healthcare professionals in clinical follow-up

The platform is designed as a support tool for healthcare professionals and does not provide automated diagnosis or treatment..

4. Legal Basis for Processing

Processing of personal and health data is carried out under the following legal bases: · Explicit consent of the data subject
Provision of healthcare services, where applicable
Compliance with legal obligations

5. Data Access and Recipients

Access to personal data is strictly limited to:

Authorized healthcare professionals involved in patient monitoring
Authorized personnel of Aritium for system maintenance and support (under strict confidentiality obligations)

Personal data is not shared with third parties, except:

· When necessary for the provision of healthcare services
When required by law or regulatory authorities

6. Data Transfers

Where third-party platforms are used (such as Huawei Health services), data may be transferred through secure APIs in accordance with their respective privacy frameworks.

All data transfers are carried out using appropriate safeguards to ensure compliance with GDPR and applicable regulations.

7. Data Retention

Personal data will be retained only for as long as necessary to fulfill the purposes described in this policy or as required by applicable laws and healthcare regulations.

Retention periods may be defined by the healthcare provider using the platform.

8. Security Measures

Aritium implements appropriate technical and organizational measures to ensure the security of personal data, including: · Encryption of data in transit and at rest
Access control mechanisms and authentication
Audit logs and monitoring
Secure cloud infrastructure
Regular security assessments

9. Data Subject Rights

Users may exercise their rights under GDPR, including:

Right of access
Right to rectification
Right to erasure
Right to restriction of processing
Right to data portability

10. Roles and Responsibilities

· The healthcare provider acts as the data controller
Aritium acts as a data processor, providing the technology platform

Responsibilities may vary depending on the specific implementation.

11. Changes to this Policy

Aritium reserves the right to update this Privacy Policy as necessary to reflect changes in the platform, legal requirements, or data processing activities.

12. Contact Information

Aritium Technologies S.L.
Email: gdpr@aritium.com

Cookie	Duración	Descripción
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.