Global Privacy and Data Protection Policy

Last Updated: June 1, 2026

The company WRAPTOR (hereinafter “WRAPTOR”, “we”, “us”, or “our”), with its registered office located at 248 avenue des Paluds, Centre de vie Agora Bâtiment A, 13400 AUBAGNE (France), attaches paramount importance to the protection of privacy, professional secrecy, and the personal data of its users.

This Privacy Policy applies to all services, products, and software solutions published by WRAPTOR, including:

  • Our mobile applications distributed on the Google Play Store and Apple App Store;
  • Our web-based applications, solutions, and portals accessed via web browsers;
  • Our backend modules, APIs, and applications (Java/J2EE) handling server-side data processing and system interconnections .

The purpose of this document is to inform users and our business partners transparently about how their data is collected, used, processed, and protected, in accordance with the General Data Protection Regulation (GDPR), applicable French legislation (Loi Informatique et Libertés), and the developer program policies of mobile distribution platforms.

1. Data Controller

The data controller responsible for processing personal data is:

WRAPTOR
248 avenue des Paluds
Centre de vie Agora Bâtiment A
13400 AUBAGNE, France
SIRET: 41518515600056
Contact Email: contact@wraptor.fr

2. Categories of Data Collected and Purposes of Processing

Within the scope of using our mobile, web, and backend solutions, WRAPTOR collects and processes personal data only in an adequate, relevant, and strictly limited manner relative to the purposes of providing integration and digital healthcare IT services:

A. Mobile Applications (Google Play & App Store)

By downloading and using our mobile applications, certain technical and profile information may be required:

  • Technical Data: Unique device identifiers, connection logs, device model, and operating system version. Purpose: To ensure technical operation, application security, and the smooth transmission of application data.
  • Profile Data: If the mobile application requires authentication, we collect credentials (first name, last name, email address, healthcare professional accounts). Purpose: User account management and secure access control.

B. Web Applications and Portals

  • Connection Data: IP addresses, access logs, and technical session cookies. Purpose: Securing portal access, ensuring user action traceability (mandatory under healthcare compliance rules), and interface optimization.
  • Form Data: Information entered by users through support forms or online service requests. Purpose: Processing customer support requests and managing client relationships.

C. Backend Applications (Java / Server Flux)

Our Java backend applications primarily operate within the secure framework of healthcare data exchange and system interoperability:

  • Healthcare Data Processing: In the context of our EAI solutions, MSSanté gateways, or INSi services, our Java backend engines process identification data (such as national health identifiers / INS) and health data.
  • Purpose and Role as a Data Processor: For these server-side applications, WRAPTOR acts primarily as a Data Processor under GDPR, on behalf of its clients (healthcare institutions, hospitals, medical professionals) who remain the Data Controllers. All data flows are fully encrypted and processed exclusively according to the client’s instructions.

3. Legal Basis for Processing

Depending on the specific application used, data processing is based on:

  • The performance of a contract or terms of service binding WRAPTOR to the user or their affiliating healthcare institution.
  • Compliance with strict legal and regulatory obligations governing healthcare IT in France and Europe (including guidelines from the ANS, CNIL, and interoperability standards).
  • The legitimate interest of WRAPTOR to secure its web, mobile, and server infrastructures against fraud, unauthorized access, and cyber threats.

4. Data Sharing and Recipients

All data processed by our web, mobile, or backend applications is strictly confidential. WRAPTOR does not sell, rent, lease, or share any personal data with third parties for advertising or commercial marketing purposes.

Within the technical scope of the Android platform, native Google Play services may collect analytical data regarding crashes or installations. You can review their privacy policy here: Google Privacy Policy.

5. Data Retention Period

Personal data is retained only for the duration strictly necessary to fulfill the intended service purposes or to satisfy legal requirements:

  • Connection and security logs (Web and Java Backend) are stored in compliance with applicable healthcare traceability retention policies.
  • Mobile and web application account data is deleted or anonymized following prolonged inactivity or upon the explicit request of the user (or the authorizing client institution).

6. Infrastructure Security and Confidentiality

The entire WRAPTOR application ecosystem (web interfaces, mobile clients, and Java backend services) benefits from industrial and medical-grade security measures:

  • Systematic encryption of all data in transit (HTTPS, TLS, and secure healthcare-specific communication protocols).
  • Compliance with security frameworks issued by the ANS (Agence du Numérique en Santé).
  • Use of certified Healthcare Data Hosting (HDS / Hébergement de Données de Santé) for server architectures handling medical and patient records.

7. Your Rights (GDPR Compliance)

In accordance with the GDPR and relevant data protection laws, any individual has the right to access, rectify, erase, limit, and request the portability of their personal data.

Mobile Applications Account Deletion: If any of our mobile applications utilize a user account registration system, you have the right to request account closure and the immediate, permanent deletion of all associated data at any time.

To exercise your rights or for any questions regarding data management at WRAPTOR, you may contact us at:

WRAPTOR
248 avenue des Paluds
Centre de vie Agora Bâtiment A
13400 AUBAGNE, France
Email: contact@wraptor.fr

8. Policy Amendments

WRAPTOR reserves the right to adjust and update this Privacy Policy at any time to reflect functional updates to our web, mobile, and backend solutions, or changes in applicable laws and regulations.