Data privacy : our top priority
All services developed on our padoa platform comply with European legislation, and have done so since day one.


Strict Compliance With Regulations
We strictly comply with the applicable regulations governing the protection of personal health data: the European General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the occupational health regulations set out in the ArbMedVV, and the medical duty of confidentiality under Section 203 of the German Criminal Code (StGB). In France, we also comply with the requirements of the ‘Informatique et Libertés’ Act (LIL) and the security criteria of the PGSSI-S (General Security Guidelines of the French Ministry of Health).
We are committed to protecting your privacy from the moment we design our products
The protection of your data is our priority from the moment our platform is designed: we implement strict data access controls with continuous testing.
Access rights to our environments are strictly regulated. The design, sales, and marketing teams work exclusively in fictitious environments. Some of our employees, developers, and project managers may have access to individual health data to carry out their duties. This access is necessary to ensure the technical continuity and quality of our services. Access is granted on a named basis, assigned by client, and reviewed regularly. All employees are contractually bound by confidentiality. All their actions are tracked and auditable.

Our teams are trained in data security and regular reminders ensure that this topic remains at the heart of our concerns.
Each year, an external security audit in padoa, and a penetration test, are implemented to verify the compliance of our practices.