These Terms apply to patients using My Data My Care. Healthcare professionals are covered by the professional Terms of Sale.
1. Purpose
My Data My Care is a digital health passport that allows patients to centralize, encrypt, share, and control their health data. These Terms govern access to and use of the service.
2. Acceptance
Use of the service implies full and unconditional acceptance of these Terms. The user must be at least 15 years old (progressive medical majority) or hold authorization from their legal representative.
3. Account creation and access
- Free account creation via verified email or WebAuthn passkey
- Strong authentication required (passkey, biometrics, or second factor)
- INS-IAS identity verification to access medical features
- A single decryption key, held by you, derived from your passphrase
Losing your key = irreversible loss of access. The zero-knowledge architecture makes any recovery impossible without your key. Keep your BIP-39 recovery code safe.
4. My Data My Care commitments
We commit to:
- Host your data exclusively in France with an HDS-certified provider
- Encrypt your data on the client side before any transmission
- Never resell, transfer, or monetize your health data
- Never contractually bundle our modules (full freedom of activation)
- Maintain complete one-click portability in FHIR R4 format
- Cap any annual price increase at inflation + 2%
- Publish a quarterly security audit report
5. User obligations
- Provide accurate information when creating the account
- Do not share your credentials or decryption key
- Use the service in accordance with its purpose (personal health monitoring)
- Do not attempt to access third-party accounts
- Report any security vulnerability to security@mydatamycare.com
6. Service and availability
The service is provided 24/7 with a target availability of 99.5%. In case of a major incident, your passport remains accessible in read-only mode via your device's encrypted local cache (offline-first mode).
7. Pricing
The base offer is free for life. The Premium offer is available with no commitment and immediate cancellation. Full pricing at /prix.
8. Termination and portability
You may delete your account at any time from your settings. Before deletion, you may export all your data in FHIR R4 format. After deletion, your data is erased within 30 days, except for legal obligations (in particular 20-year retention of health data if you have requested it).
9. Liability
My Data My Care provides a centralization and sharing tool. The service is not a medical device and does not replace the advice of a healthcare professional. Medical decisions remain the responsibility of the practitioner and the patient.
10. Governing law
These Terms are governed by French law. Any dispute falls under the jurisdiction of French courts, subject to mandatory consumer protection provisions.
Legal framework — France
In France, these Terms are interpreted under the following laws:
- Public Health Code, art. L1111-5 — progressive medical majority at age 15
- Public Health Code, art. L1111-8 — HDS-certified hosting mandatory for health data
- Consumer Code, art. L121-16 et seq. — distance contracts
- GDPR (EU 2016/679) and <strong>French Data Protection Act</strong> n° 78-17 as amended
- Order of 21 June 2022 — HDS v2 repository (Agence du Numérique en Santé)
Hosting : Exclusively in France at a provider certified HDS v2 (Health Data Hoster) registered with ANS.
Data protection authority : Commission Nationale de l'Informatique et des Libertés (CNIL)
Governing law & jurisdiction : French law exclusively. French courts have jurisdiction, subject to mandatory consumer-protection provisions (art. R212-1 Consumer Code).
11. Contact
legal.cgu.sections.contact.body