tuth.appAlle Artikel

Hilfe-Center

GDPR and your patient data

Patient records are health data — special-category under Article 9. Here is how we handle them and what you can ask of us.

Derzeit nur auf Englisch verfügbar. Übersetzungen folgen in Kürze.

Where data lives

Application data is stored exclusively in the European Union — Scaleway in Paris. We never transfer personal data outside the EU/EEA. Transactional email goes through Scaleway TEM, also EU-hosted.

The two roles

Your clinic is the controller for the patient records you enter. tuth.app is the processor under Article 28 GDPR. The Data Processing Agreement at /dpa formalises that relationship.

Data subject requests

If a patient asks for access, rectification, erasure, portability, or restriction of their data, contact your clinic — they are the controller. We will assist any clinic that asks us to facilitate a request.

Your rights as an account holder

Account holders may exercise the same rights for their own data (email, name, login activity). The fastest path is the form at /data-request, or write to tuth@yet.lu.

Always obtain a lawful basis before entering patient identifying data. Article 9(2)(h) covers processing necessary for the provision of dental care under your professional obligation of confidentiality.