Skip to main content

tio App Privacy Policy

(Last updated: June 2026)

1. Data Controller

The controller responsible for data processing under the General Data Protection Regulation (GDPR) is:

tio health UG (limited liability)
Holsteinische Str. 34
10717 Berlin
Germany

Email: info@tiohealth.care

(hereinafter referred to as “tio health”, “we”, “us”, or “our”)

2. General Information on Data Processing

We process personal data exclusively in accordance with applicable data protection laws, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

Personal data means any information relating to an identified or identifiable natural person.

As the app may process health-related information, certain data may qualify as health data under Article 9 GDPR and are therefore subject to special legal protection.

3. What Data We Process

Depending on how you use the app, we may process the following categories of data:

Account Data

  • Email address
  • User ID
  • Registration date and time
  • Language preferences

Child Profile Data

  • First name (or nickname) and last name
  • Date of birth
  • Sex
  • Developmental information
  • Health information

HealthLog Data

  • Symptoms
  • Observations
  • Events
  • Medications
  • Vaccinations
  • Documents
  • Photos
  • Notes

Chat Data

  • Chat requests
  • Chat histories
  • Usage information

Appointment Preparation Data

  • Information regarding the medical appointment
  • Complaints and concerns
  • Symptoms
  • Observations
  • Free-text entries
  • Responses within structured questionnaires

Technical Data

  • Device information
  • Operating system
  • App version
  • Error logs
  • Usage data

4. Purposes of Processing

We process personal data for the following purposes in particular:

  • Providing the app
  • Managing user accounts
  • Storing child profiles
  • Maintaining the HealthLog
  • Providing tio Chat
  • Appointment preparation
  • Generating structured summaries
  • Providing PDF exports
  • Communicating with users
  • Improving the app
  • Analyzing usage
  • Troubleshooting and error correction
  • Ensuring security and stability

5. Legal Bases for Processing

Where we process personal data, such processing is based in particular on the following legal grounds:

Article 6(1)(b) GDPR

Processing necessary for the performance of the user agreement.

Article 6(1)(a) GDPR

Processing based on your consent.

Article 6(1)(f) GDPR

Processing based on our legitimate interests, particularly for maintaining security, stability, and further development of the app.

Article 9(2)(a) GDPR

Processing of health data based on your explicit consent.

6. User Account

A user account is required to use the app.

For this purpose, we process in particular:

  • Email address
  • User ID
  • Authentication information
  • User settings

Processing is carried out to provide the app and is based on Article 6(1)(b) GDPR.

7. Child Profiles

Users may store information about their children within the app.

This information is used for personalization, documentation, and the provision of additional app features.

Where health data is processed, such processing is based on your explicit consent pursuant to Article 9(2)(a) GDPR.

8. HealthLog

The HealthLog allows users to document health-related information.

This may include:

  • Symptoms
  • Observations
  • Medications
  • Medical appointments
  • Developmental information
  • Documents
  • Photos

This information is stored in order to provide users with a structured overview of their child’s health and development.

9. tio Chat

The app includes an AI-powered chat feature.

When you use tio Chat, the information you enter is processed to generate responses.

The responses provided are intended solely for general information and guidance purposes.

tio Chat does not replace professional medical advice, diagnosis, or treatment.

10. Selection of a Pediatric Practice

Users may select a pediatric practice within the app.

Selecting a practice does not automatically result in the transfer of any data.

In particular, practices do not receive access to:

  • User accounts
  • Child profiles
  • HealthLogs
  • Chat histories

Any transfer of information takes place exclusively in accordance with Section 11 of this Privacy Policy.

11. Digital Appointment Preparation

General

The app enables users to prepare for medical appointments through a structured intake process.

Users may enter information regarding symptoms, complaints, observations, and reasons for a medical visit.

This information is processed, structured, and normalized in order to generate a standardized summary.

Partner Practices

If the selected practice is a tio health partner practice, the information collected during appointment preparation may be transmitted to that practice after the user has provided explicit consent.

Such transmission occurs exclusively on the basis of an active opt-in by the user.

Non-Partner Practices

For practices that are not connected to tio, no information is transmitted by tio health.

Users may instead generate a PDF summary and share it independently with the practice of their choice.

12. Transfer of Data to Partner Practices

The following information may be transferred after the user’s explicit consent:

  • Appointment-related information
  • Symptoms
  • Complaints
  • Observations
  • Structured questionnaire responses
  • Generated summaries

The following information is not transferred:

  • Complete child profiles
  • HealthLogs
  • Chat histories
  • Other app usage data

Once the information has been imported into a practice management system or patient record, the respective medical practice becomes an independent controller under the GDPR.

13. PDF Export

Users may export summaries as PDF files.

Any sharing of PDF files takes place solely at the user’s own initiative.

Once a PDF has been shared outside the app, any further processing is no longer under the responsibility of tio health.

14. Use of OpenAI

To provide tio Chat and to translate voluntary free-text entries within the appointment preparation process, we use services provided by:

OpenAI Ireland Ltd.

Chat Functionality

When using tio Chat, the information entered is processed in order to generate responses.

Translation of Free-Text Entries

Within the appointment preparation process, voluntary free-text entries may be automatically translated into German.

This applies exclusively to free-text entries such as:

  • Parent observations
  • Reason for the medical visit
  • Other voluntary descriptions

Structured responses within the appointment preparation process are not transmitted to OpenAI for translation purposes.

OpenAI processes data under a Data Processing Addendum (DPA) and the European Commission’s Standard Contractual Clauses (SCCs).

15. Firebase Cloud Messaging

We use Firebase Cloud Messaging (FCM), a service provided by Google, to send push notifications.

Push notifications are only sent if users have explicitly enabled them.

The legal basis for processing is Article 6(1)(a) GDPR.

16. Google Analytics

We use Google Analytics to analyze and improve the app.

Google Analytics is only activated with your explicit consent.

The following categories of data may be processed:

  • Device information
  • Usage data
  • Interaction data

The legal basis for processing is Article 6(1)(a) GDPR.

You may withdraw your consent at any time.

17. RevenueCat

We use RevenueCat for the technical management of subscriptions.

The following information may be processed:

  • User IDs
  • Subscription status
  • Purchase status

Payment information is processed exclusively by Apple or Google and is not accessible to tio health.

18. Recipients of Personal Data

Personal data may be disclosed to the following recipients:

  • OpenAI
  • Google Analytics
  • Firebase
  • RevenueCat
  • Hosting and infrastructure providers
  • Partner practices (only after explicit consent)
  • Authorities or institutions where required by law

No further disclosure of personal data takes place.

19. Data Retention

We store personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy.

User accounts and the information contained therein are generally retained until the user deletes their account.

After account deletion, personal data is generally deleted within 30 days unless legal retention obligations require a longer retention period.

Backup copies may remain for up to 90 days.

20. Your Rights

Under applicable data protection laws, you have the following rights in particular:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent at any time

To exercise your rights, please contact us at any time.

21. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority.

The competent supervisory authority for tio health is:

Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59–61
10555 Berlin
Germany

22. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy where necessary due to technical, legal, or organizational changes.

Users will be informed of any material changes in a timely manner.

Legal notice

Privacy policy

Cookie settings

info@tiohealth.care

LinkedIn

©  2026. tio health UG