Privacy Policy

Last updated: January 2026

1. Who We Are

MedMatch (“we”, “our”, “us”) operates the platform at clinicaltrials.gr. We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Greek law.

2. Data We Collect

  • Account data: name, email address, and encrypted password.
  • Health profile data: age, sex, medical conditions, medications, and lifestyle information you voluntarily provide to enable trial matching.
  • Usage data: pages visited, features used, and interactions within the platform (collected via anonymized analytics).
  • Communication data: emails or messages you send us.

3. How We Use Your Data

  • To match you with eligible clinical trials based on your health profile.
  • To operate, maintain, and improve the platform.
  • To communicate with you about your account and matched trials.
  • To comply with applicable legal and regulatory obligations.

4. Health Data

Health information is considered special-category data under GDPR Article 9. We process it solely on the basis of your explicit consent (Article 9(2)(a)) and only for the purpose of facilitating clinical trial matching. You may withdraw consent at any time by deleting your account from the settings page.

5. Data Sharing

We do not sell your personal data. We share data only:

  • With the clinical trial sponsor or site, and only when you explicitly express interest in enrolling in a specific trial.
  • With sub-processors (e.g., cloud infrastructure providers) under strict data processing agreements.
  • When required by law or to protect the rights and safety of users.

6. Your Rights

Under GDPR you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request erasure of your data (“right to be forgotten”).
  • Object to or restrict certain types of processing.
  • Data portability.
  • Lodge a complaint with the Hellenic Data Protection Authority (HDPA).

To exercise any right, email us at privacy@clinicaltrials.gr.

7. Data Retention

We retain your account data for as long as your account is active. Health profile data is deleted within 30 days of account deletion. Anonymized, aggregated analytics data may be retained indefinitely.

8. Security

We implement industry-standard technical and organizational measures to protect your data, including encryption at rest and in transit, access controls, and regular security reviews.

9. Contact

For privacy-related inquiries, contact our Data Protection Officer at privacy@clinicaltrials.gr.