Privacy Policy

Myant — How we collect, use, and protect your information

Last updated: July 2025Effective: July 23, 2025

1Data Controller

Myant Europe AG ("Myant Europe", "we", "us", or "our") is the data controller responsible for the processing of your personal data in connection with the SKIIN™ Screening service and the myanthealth.eu website (collectively the "Service").

Myant Europe AG
Bahnhofstrasse 21
6300 Zug, Switzerland

Email: privacy.europe@myant.ca

Where Myant Medical Corp. (Canada) jointly processes data with Myant Europe AG, it acts as a joint controller. The respective responsibilities are set out in a joint controller agreement.

2Scope of this Policy

This Privacy Policy ("Policy") describes how Myant Europe AG collects, uses, and discloses personal data about you when you:

  • Visit and use our website at www.myanthealth.eu;
  • Use the SKIIN™ Screening service, including device use, the SKIIN™ mobile application, and related telehealth services;
  • Contact our customer support;
  • Subscribe to our newsletter or other communications.

This Policy does not apply to third-party websites, applications, or services linked from our Service. We encourage you to review the privacy policies of any third parties you interact with.

By using the Service, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, please do not use the Service.

3Information We Collect

3.1 Information You Provide Directly

  • Account Information: Name, email address, password, date of birth, gender, country of residence;
  • Health Information: Medical history, symptoms, medications, cardiac data recorded by SKIIN™ devices, healthcare provider information;
  • Payment Information: Billing address, payment method (processed securely by third-party payment processors — we do not store full payment card details);
  • Communications: Messages you send us via email, chat, or support forms.

3.2 Information We Collect Automatically

  • Device Data: Cardiac rhythm data, heart rate, movement data, and other biometric data collected via SKIIN™ wearable devices;
  • Usage Data: App interactions, feature usage, session duration, crash reports;
  • Technical Data: IP address, device type, operating system, browser type, language preference;
  • Location Data: Approximate location derived from IP address (we do not collect precise GPS location without explicit consent).

3.3 Information from Third Parties

  • Healthcare Providers: Where you have authorized your healthcare provider to share information with us for the purpose of the SKIIN™ Screening service;
  • Analytics Providers: Aggregated analytics about website and app usage.

5How We Share Your Information

We do not sell, rent, or trade your personal data. We may share your data with the following categories of recipients:

  • Healthcare Professionals: Cardiologists and other certified healthcare professionals who review your SKIIN™ Screening results as part of the Service;
  • Service Providers: Third-party processors supporting our operations (cloud hosting, payment processing, analytics, customer support), each bound by data processing agreements;
  • Myant Group Companies: Myant Medical Corp. (Canada) and other Myant affiliates for purposes of delivering the Service and product improvements, under appropriate safeguards;
  • Legal and Regulatory Authorities: Where required by law, court order, or governmental authority;
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity subject to equivalent privacy protections.

6International Data Transfers

Myant Europe AG is based in Switzerland. Some of our service providers and group companies are located outside the European Economic Area (EEA) and Switzerland, including in Canada.

Where we transfer personal data to countries that do not provide an equivalent level of data protection, we rely on one or more of the following safeguards:

  • Adequacy Decisions: The European Commission has recognized Canada (for PIPEDA-covered entities) as providing adequate protection under GDPR;
  • Standard Contractual Clauses (SCCs): We use EU Standard Contractual Clauses approved by the European Commission for transfers to third countries where no adequacy decision applies;
  • Swiss Data Transfer Mechanisms: For transfers from Switzerland, we comply with applicable Swiss data protection law requirements.

You may request a copy of the safeguards applicable to international transfers by contacting us at privacy.europe@myant.ca.

7Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our standard retention periods are:

  • Account Data: For the duration of your account plus 3 years after closure;
  • Health and Screening Data: For the duration of the SKIIN™ Screening service engagement plus 10 years, in accordance with applicable healthcare regulations;
  • Transaction Records: 10 years from the date of transaction, for tax and accounting purposes;
  • Marketing Data: Until you withdraw consent or opt out;
  • Technical Logs: Up to 12 months.

After the applicable retention period, data is securely deleted or anonymised.

8Your Privacy Rights

Under the GDPR and applicable Swiss data protection law, you have the following rights in relation to your personal data:

  • Right of Access (Art. 15 GDPR): You may request a copy of the personal data we hold about you;
  • Right to Rectification (Art. 16 GDPR): You may request correction of inaccurate or incomplete data;
  • Right to Erasure (Art. 17 GDPR): You may request deletion of your data in certain circumstances (the "right to be forgotten");
  • Right to Restriction (Art. 18 GDPR): You may request that we restrict processing of your data in certain circumstances;
  • Right to Data Portability (Art. 20 GDPR): You may request your data in a structured, machine-readable format for transfer to another controller;
  • Right to Object (Art. 21 GDPR): You may object to processing based on legitimate interests or for direct marketing purposes;
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing;
  • Right to Lodge a Complaint: You have the right to lodge a complaint with your national supervisory authority. For EU residents, this may be the data protection authority in your country of residence. For Switzerland-based users, this is the Federal Data Protection and Information Commissioner (FDPIC).

To exercise any of these rights, contact us at privacy.europe@myant.ca. We will respond within 30 days (extendable by 2 additional months in complex cases, with notice).

9Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

  • Encryption of data in transit (TLS/HTTPS) and at rest;
  • Access controls and authentication requirements for staff;
  • Regular security assessments and penetration testing;
  • Data minimisation and pseudonymisation where feasible;
  • Staff training on data protection and security;
  • Incident response procedures and breach notification processes.

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, inform you directly.

Despite our security measures, no transmission or storage system is completely secure. If you believe your data has been compromised, contact us immediately at security@myant.ca.

10Cookies and Tracking

We use cookies and similar tracking technologies on our website and app. These include:

  • Essential Cookies: Necessary for the website to function and cannot be disabled;
  • Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics);
  • Functional Cookies: Enable enhanced features and personalisation;
  • Marketing Cookies: Used to deliver relevant advertising (only where you have consented).

You can manage your cookie preferences through our cookie consent tool, accessible via the "Cookie Settings" link in the website footer, or through your browser settings. Please note that disabling certain cookies may affect the functionality of the Service.

11Children's Privacy

The Service is not directed to children under the age of 18. We do not knowingly collect personal data from children under 18. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at privacy.europe@myant.ca and we will promptly delete such data.

12Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this Policy;
  • Notify registered users by email or in-app notification at least 30 days before changes take effect;
  • Where required by law, seek your renewed consent.

We encourage you to review this Policy periodically. Your continued use of the Service after the effective date of any changes constitutes acceptance of those changes.

13Contact Us

For any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

Data Protection Officer
Myant Europe AG
Bahnhofstrasse 21
6300 Zug, Switzerland
Email: privacy.europe@myant.ca

You also have the right to lodge a complaint with your local supervisory authority: