Enoda Health

Enoda Health Ltd. Privacy Policy 

Effective Date: May 7, 2026

1. Introduction

Enoda Health Ltd. (“Enoda,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy describes how we collect, use, and safeguard personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy applies to our website visitors, potential customers, research collaborators, and individuals using our mobility data platform.

2. Information We Collect

We collect and process different types of personal data depending on your interaction with us:

  • Identity and Contact Data: Name, job title, organization/institution, email address, and telephone number.
  • Technical Data: Internet protocol (IP) address, browser type and version, time zone setting, operating system, and platform used to access our website.
  • Usage Data: Information about how you use our website and services.
  • Health and Clinical Data: When providing our mobility data solution, we may process pseudonymized health data, including mobility metrics (Digital Mobility Outcomes), clinician-inputted material via our Electronic Data Capture (EDC) system, and raw sensor data from wearable devices.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Use Your Information

Enoda processes personal data for the following purposes:

  • Service Provision: To provide our end-to-end mobility data platform, including data processing through our algorithm pipeline.
  • Research and Development: To validate mobility measures and improve our state-of-the-art algorithms for conditions such as Parkinson’s, MS, COPD, and hip fracture recovery.
  • Business Development: To engage with researchers, pharma companies, and clinical trial sponsors, including outreach via professional cadences.
  • Regulatory Compliance: To prepare data for regulatory submissions to bodies such as the FDA and EMA.
  • Website Optimization: To ensure website content is presented effectively for you and your device.

4. Legal Basis for Processing

We rely on the following legal bases under GDPR:

  • Performance of a Contract: Processing is necessary for the performance of a contract to which you are a party.
  • Legitimate Interests: Processing is necessary for our legitimate interests (e.g., business development, platform security, and product improvement), provided these do not override your fundamental rights.
  • Consent: Where you have provided explicit consent for specific processing activities, such as receiving marketing communications.
  • Scientific Research: Processing of special category health data is conducted under Article 9(2)(j) of the GDPR for scientific research purposes, subject to appropriate safeguards.

5. Data Sharing and Disclosure

We may share your information with:

  • Service Providers: Third-party vendors who provide IT, system administration, and CRM services (e.g., HubSpot, Apollo).
  • Clinical and Research Partners: Collaborators involved in the technical or clinical validation of mobility measures.
  • Regulatory Authorities: When required for FDA or EMA submission or to comply with legal obligations.
  • Professional Advisers: Including lawyers, auditors, and insurers.

6. International Transfers

If we transfer your personal data outside the European Economic Area (EEA) or the United Kingdom, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:

  • Transferring data to countries deemed to provide an adequate level of protection by the European Commission.
  • Using specific Standard Contractual Clauses (SCCs) approved for use in the EEA/UK.

7. Data Security and Retention

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. We limit access to your personal data to those employees and third parties who have a business need to know.

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or regulatory reporting requirements.

8. Your Rights

Under the GDPR, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data under certain conditions.
  • Right to Restrict Processing: Request the restriction of processing your personal data.
  • Right to Data Portability: Request the transfer of your data to another party.
  • Right to Object: Object to the processing of your data where we rely on legitimate interests.

9. Cookies

Our website uses cookies to distinguish you from other users and to provide a high-quality experience. You can set your browser to refuse all or some browser cookies, but this may affect the functionality of the website.

10. Contact Information

For questions regarding this policy or to exercise your data protection rights, please contact:

Data Protection Officer
Enoda Health Ltd.
Email: DPO@enoda-health.com
Address: Cobh Enterprise Centre, Arch Building, Roger Casement Square, Cobh, Cork, P24 RX89, Ireland