26 answers to the questions we're asked most often. If yours is not here, write to us at hello@mydatamycare.com.
Yes. Your data is encrypted on your device (AES-256) before being sent. It is hosted in France with an HDS-certified provider. Even our team cannot read it without your cryptographic authorization.
It is an architecture where the provider cannot access the data it hosts. The decryption key remains with you. Without it, what we store is unusable — including for us.
No. Our servers are exclusively in France, with a French HDS-certified host. No foreign authority can compel us. Some competitors host on AWS — we do not.
Thanks to client-side encryption, a database leak gives unreadable blobs. Your encrypted local cache remains accessible even if our servers are down — you continue to consult your passport in read mode.
Published quarterly external audits, public bug bounty, and open source on critical components (FHIR connectors, mobile app). Verifiable by anyone.