Privacy Policy
Last updated: May 2025
Application: Sophopsy - Psychiatric and Psychoanalytic Platform
1. Collected Data
Identity Data
- Full name, email, phone number
- Profile picture, city, neighborhood
- Date of birth, gender, profession
Sensitive Medical Data
- Medical history and current treatments
- Allergies and therapeutic notes
- Marital status (optional)
Special Protection
Patient/guardian notes and login passwords are encrypted before storage to ensure maximum security:
- Differential encryption: Patient and guardian passwords are securely hashed using industry-standard SHA-256 encryption before being stored
- No 2FA compensated by: lockout after 5 attempts and short sessions
- Patient notes are encrypted using AES-256 encryption before storage
2. Data Usage
| Data |
Purpose |
Legal Basis |
| Medical history |
Personalized care |
Art. 9.2.h GDPR (healthcare) |
| Passwords |
Secure access to patient/guardian spaces |
Art. 6.1.c GDPR (legal obligation) |
3. Security Measures
Encryption
- SHA-256 (patient passwords, stored securely)
- SHA-256 (guardian passwords, stored securely)
- AES-256 (patient notes, stored securely)
Controls
- Access logging
- AES-256 encryption of notes
- HDS-certified hosting
4. Your Rights
Under GDPR, you can:
- Access your data
- Request rectification
- Delete your account
- Withdraw guardian consent
GDPR Request Form
