Privacy Policy

Alethia ApS is the data controller for the processing of personal data we receive about you. Our contact details are:

If you have questions about how we process your personal data, please feel free to contact us using the details above.

We process the following categories of personal data depending on how you interact with us:

Contact and booking

• Name, email, phone number
• Booking information (date, time, service)
• Communication via email, phone, or contact form

Clinical treatment (health data)

• Health information related to assessment and treatment
• Psychological and psychiatric evaluations
• Assessment results and diagnostic conclusions
• Treatment plans and clinical notes
• Medication prescriptions and follow-up

Payment

• Billing information (name, address, CPR number for reimbursement)
• Payment history

We process your personal data for the following purposes:

We retain your personal data for as long as necessary for the purposes for which it was collected:

• Patient records: Minimum 10 years after the last entry, per the Danish Record-Keeping Order. For minor patients, records are kept until the patient turns 28.
• Accounting records: 5 years from the end of the financial year the material relates to, per the Danish Bookkeeping Act.
• Contact inquiries: Deleted when the inquiry has been answered and no client relationship has been established, unless there is a legitimate reason to retain them longer.

We may share your personal data with the following recipients:

• Planway: Online booking system for managing appointments.
• Clinical record system: Secure digital record-keeping for clinical data.
• Accountant/bookkeeper: For accounting purposes.
• Public authorities: Where we are legally obligated, e.g., the Danish Patient Safety Authority or the Danish Data Protection Agency.
• Anthropic (USA): AI service provider for documentation assistance and voice assistant. Data Processing Agreement with Standard Contractual Clauses in effect. Zero-retention policy: no data stored after processing.
• ElevenLabs: Voice synthesis for phone booking. No personal data processed.

We have entered into data processing agreements with all third parties that process personal data on our behalf.

We use AI technology to support our clinical and administrative work. The following tools are in use:

Clinical documentation (Portal)
Clinical documentation is written by your practitioner. AI-assisted tools may be used to help with translation, phrasing, and structuring of text. Your personal information is handled exclusively by the practitioner. A licensed clinician always reviews and approves the final document before use.

Voice assistant (Hermes)
An AI-powered voice assistant is available on our website to answer general questions about wait times, pricing, the assessment process, and booking. Hermes identifies itself as an AI assistant. It does not provide clinical advice, interpret assessment results, or make diagnostic statements. You can always contact us directly instead.

What data is processed by AI tools?

Your choices

• You can request that clinical documentation be prepared without AI assistance
• You can contact us via email or phone instead of using the voice assistant

AI tools are assistive. They support our clinicians but never make clinical decisions.

We use AI services provided by Anthropic (United States) for documentation assistance and voice assistant. This involves transfer of personal data to the United States.

Legal basis for transfer

• Standard Contractual Clauses (SCCs) as part of our Data Processing Agreement with Anthropic
• Anthropic is certified under the EU-US Data Privacy Framework

Supplementary safeguards

• Zero-retention policy: Anthropic does not store input or output data after processing. Your data exists on their servers only for the seconds it takes to generate a response.
• No personal data: Personal data such as names and CPR numbers are never sent to the AI service. The practitioner adds these manually to the final document.
• Encryption: All data is transmitted via HTTPS/TLS 1.3.
• No model training: Your data is never used to train or improve AI models.

We also use ElevenLabs for voice synthesis in our phone booking system. Only standardized response text is sent to ElevenLabs. No personal data or health information.

Under the General Data Protection Regulation, you have a number of rights regarding our processing of your personal data:

• Right of access: You have the right to access the personal data we process about you.
• Right to rectification: You have the right to have inaccurate personal data corrected.
• Right to erasure: In certain cases, you have the right to have your personal data deleted. Note: Patient records generally cannot be deleted due to the record-keeping obligation.
• Right to restriction: In certain cases, you have the right to restrict the processing of your data.
• Right to object: In certain cases, you have the right to object to our processing of your data.
• Right to data portability: In certain cases, you have the right to receive your data in a structured, commonly used, and machine-readable format.

If you wish to exercise your rights, please contact us at [email protected].

You have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet) if you are dissatisfied with how we process your personal data:

Our website only uses technically necessary cookies to ensure the website functions correctly (e.g., language selection). We do not use tracking cookies or third-party cookies. We collect anonymous usage statistics (page views, country, device type) via our hosting provider Vercel. This data contains no personal information, uses no cookies, and cannot be linked to individuals.

The contact form on the website sends your information directly to our email. The information is not stored on the website's server.

We reserve the right to update this privacy policy. In the event of significant changes, we will inform you via the website. The latest version will always be available on this page.