Security & Privacy
Your Health Data, Protected in Europe
We built Healthbase on European infrastructure from day one. Your data never leaves the EU and is encrypted at every step.
Nuremberg
Germany
Your documents and health data are stored here, encrypted at rest with AES-256.
Powered by Hetzner
Helsinki
Finland
Our EU-hosted language models analyze your documents here. Data is processed in memory only.
Powered by Nebius
Amsterdam
Netherlands
Redundant AI infrastructure ensures fast response times across Europe.
Powered by Nebius
Paris
France
Daily encrypted backups ensure your data is never lost. Backups are geo-redundant.
Powered by Scaleway
What happens with your data
From upload to insights — here's exactly how we handle your documents.
Upload & Encrypt
Your document is encrypted in transit using TLS 1.3 before leaving your device
Secure Storage
Encrypted file stored on Hetzner servers in Nuremberg, Germany
AI Analysis
Document sent to Nebius EU servers for text extraction and analysis
Data Extraction
Lab values, medications, and key information extracted and structured
Insights Ready
Structured data encrypted and stored — ready for you to explore
Common Questions
Everything you need to know about how we protect your data.
Your data is primarily stored on Hetzner servers in Nuremberg, Germany. We chose Hetzner for their strong privacy stance, 100% renewable energy, and German data protection standards. Encrypted backups are stored with Scaleway in Paris, France.
All data is encrypted at rest using AES-256 encryption. Data in transit is protected with TLS 1.3. We're working on end-to-end encryption where even we cannot access your data — coming in a future update.
Only you. We do not sell, share, or monetize your data in any way. Our AI processes your documents to extract insights, but this happens in isolated, secure environments. No human at Healthbase ever sees your personal health information.
We use EU-hosted language models via Nebius, with infrastructure in Helsinki and Amsterdam. This means your data never leaves Europe, even for AI processing. We specifically chose providers with strong GDPR compliance and data processing agreements.
Yes, fully. We're built from the ground up for GDPR compliance. You have the right to access, export, and delete all your data at any time. We only collect data necessary for the service, and we're transparent about how it's used.
Absolutely. You can delete your entire account and all associated data at any time from Settings. Deletion is permanent and includes all documents, extracted data, conversation history, and backups. We retain nothing.
In the unlikely event of a breach, we will notify affected users within 72 hours as required by GDPR. However, because your data is encrypted, even if accessed, it would be unreadable without the encryption keys, which are stored separately.
You're In Control
Your data belongs to you. Export everything or delete your account anytime — no questions asked.