Privacy Policy

Last updated: 20 October 2025

Table of contents

  1. Introduction
  2. Applicable Areas for this Privacy Policy
  3. Personal Data Being Processed
  4. Sensitive Personal Data
  5. Consent
  6. Purpose of Processing Personal Data
  7. Legal Basis for the Processing
  8. Information to Others
  9. Transfers to Third Countries
  10. Changes in the Privacy Policy
  11. Deleting Data
  12. Right to Request Information
  13. Security
  14. Complaints
  15. Contact Information

1. Introduction

MediTuner AB, 556982-8295 (“MediTuner“) processes Personal Data in MediTuner’s system AsthmaTuner. AsthmaTuner is a patented digital self-care and support system that provides people with asthma (the “User“) with an individually tailored treatment recommendation (hereafter referred to as the “Service“) that can also be provided by the User’s healthcare provider (the “Healthcare Provider“).

MediTuner is the data controller for the Personal Data that the User provides directly through the Service’s “User Account” and any subsequent processing of personal data in the User Account.

If the User accepts an invitation from the Healthcare Provider to connect the patient’s User account to the Healthcare Provider’s account in the Service (“Healthcare Provider account“) the Healthcare Provider becomes the data controller for all Personal Data in the Healthcare Provider account and with MediTuner being the data processor for Personal Data on behalf of respective Healthcare Provider.

MediTuner processes the User’s Personal Data in accordance with applicable laws and, where relevant, the Healthcare Provider’s instructions. MediTuner also takes appropriate technical and organizational measures to protect data from unauthorized access, destruction or alteration.

The purpose of the Personal Data processing is to provide the Service, i.e. AsthmaTuner that supports people with asthma by providing an individually tailored treatment recommendation. In addition, Personal Data may be used for marketing purposes, such as sending out newsletters.

If the User has questions regarding MediTuner’s Personal Data processing, the User can contact MediTuner. Information on how to contact MediTuner can be found under the heading “Contact Information” below. For questions regarding the Healthcare Provider’s processing of Personal Data, please refer to the respective Healthcare Provider.

2. Applicable Areas for this Privacy Policy

To whom does the Privacy Policy apply

This Privacy Policy (hereinafter referred to as the “Privacy Policy“) applies to individuals who register a User Account on AsthmaTuner. The User does not need to provide Personal Data, but MediTuner cannot provide the Service without the necessary Personal and Sensitive Personal Data.

When Does the Privacy Policy Apply

The Privacy Policy is designed to ensure that Users can feel confident that MediTuner handles the User’s Personal Data in line with applicable privacy legislation. The Privacy Policy applies to the Personal Data when MediTuner is the data controller and for the purposes stated in the heading below.

When Does the Privacy Policy Not Apply

This Privacy Policy does not cover how a Healthcare Provider processes Personal Data in the Healthcare Provider’s account. In such cases the Healthcare Provider is the data controller for the Personal Data, and MediTuner acts as the data processor on their behalf. In such cases, the User will be directed to seek information about the Privacy Policy from the Healthcare Provider.

The Privacy Policy does not apply to third party websites or systems that are not owned or managed by MediTuner. MediTuner has not reviewed these systems, websites, or other sites that contain links to the MediTuner website. The Privacy Policy does not apply to the processing of Personal Data that occurs on such websites and MediTuner is not responsible for the processing of Personal Data on websites that are not part of the MediTuner website. The User should therefore consult this website’s Privacy Policy before the User discloses their Personal Data.

3. Personal Data Being Processed

Personal Data refers to any information that can directly or indirectly identify a living individual. The Service may contain Personal Data relating to the User’s identification (name and social security number), contact information, health data, reference values (e.g. birth sex and weight), external and environmental data (e.g. geographical position), connections (e.g. information about the User’s relatives) and distribution (such as the User’s address). (collectively hereinafter “Personal Data”).

4. Sensitive Personal Data

Sensitive Personal Data includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or health-related information (hereinafter “Sensitive Personal Data“). Health information may include absence due to illness, illness, treatment and doctor’s visits.

Within the Service, MediTuner may process Sensitive Personal Data consisting of information about the User’s asthma, other information related to the User’s health condition and information about the User’s ethnicity.

When the User registers for the Service, they provide their consent to MediTuner for using and processing the User’s Personal Data and Sensitive Personal Data as described in the Privacy Policy, see purpose 1 below.

The User can revoke their consent at any time. However, if the User withdraws their consent, the Service will no longer be available to the User.

6. Purpose of Processing Personal Data

  1. The purposes of the processing of Personal Data are primarily to provide the Service and to improve the daily lives of people with asthma by providing self-care tools that offer individually tailored treatment recommendations.
  2. MediTuner may also use anonymized information for the purpose of developing and improving the Service (such as analysis of user patterns and treatment measures), provided that this is consistent with applicable data protection laws.
  3. MediTuner may also use the Personal Data for marketing purposes, primarily by using the User’s contact details (name, email address) for sending out newsletters.

For purpose 2 above, only anonymized data is processed. For purpose 3 above, no Sensitive Personal Data is processed.

For purpose 1 above, MediTuner processes the User’s Personal Data with the User’s consent.

For purpose 2 above, MediTuner only processes anonymized information, which means that the information is not to be considered as Personal Data in accordance with applicable data protection legislation. Therefore, MediTuner does not need to provide any legal basis for this purpose.

For purpose 3 above, MediTuner processes the User’s Personal Data with the support of their legitimate interest in being able to market the Service, as well as to send newsletters to the User and to provide the User with updates about the Service. In these cases, MediTuner has made a balance of interest assessment. Please note that only limited categories of Personal Data are processed for this purpose and that the User may oppose this processing at any time.

8. Information to Others

Personal Data entered by the User in their User Account may, where applicable, be shared with the User’s Healthcare Provider through the Healthcare Provider Account. MediTuner will not, without the User’s permission, disclose the User’s Personal Data to anyone other than what follows from this Privacy Policy.

MediTuner will not disclose the User’s Personal Data to third parties for commercial use.

MediTuner may use independent service providers for services related to the Service. These providers can handle Personal Data and sometimes need limited access to Personal Data collected for the Service. MediTuner will always strive to limit such access to Personal Data and only share information reasonably necessary for suppliers to do their job or provide their services. MediTuner will also require these providers to (i) protect your/your child’s Personal Data in accordance with this Privacy Policy and (ii) not use or disclose your/your child’s Personal Data for any purpose other than providing the Service.

In the event that suppliers process Personal Data on MediTuner’s behalf, as a so-called data processor, MediTuner will enter into an agreement with the supplier to regulate the processing of Personal Data, in accordance with applicable data protection legislation.

A User’s Personal Data may be transferred or transferred to a buyer or potential buyer in the sale, transfer or other transfer of all or part of MediTuner’s business or assets to the extent permitted by applicable data protection legislation.

9. Transfers to Third Countries

MediTuner does not transfer the User’s Personal Data to countries outside the EU/EEA.

10. Changes in the Privacy Policy

MediTuner reserves the right to revise this Privacy Policy from time to time. The date of the most recent change is stated at the top of the Privacy Policy. If MediTuner makes any changes to the Privacy Policy, MediTuner will publish these changes on www.medituner.com. Users are encouraged to review this Privacy Policy periodically to stay informed about any updates.

If MediTuner modifies the Privacy Policy so that it differs substantially from what was stated when the User consent was collected for Purpose 1 (see above), MediTuner will notify these changes and, if necessary, obtain new consent for the Personal Data processed for Purpose 1.

11. Deleting Data

The User’s Personal Data will not be retained for longer than is necessary for the purposes of the processing and MediTuner will delete Personal Data in accordance with applicable legislation.

12. Right to Request Information

The User is entitled to receive a copy of the Personal Data that is being processed (register extract) free of charge. For any additional copies requested, MediTuner may charge a reasonable fee based on administrative costs. The right to a copy should not adversely affect the rights and freedoms of others.

The User is entitled to request that MediTuner corrects Personal Data which is incorrect or incomplete. If the User shows that the purpose for which the Personal Data is processed is no longer allowed, necessary or reasonable under the circumstances, the relevant Personal Data will be deleted, unless there are other legal provisions which specify otherwise.

The User has the right to withdraw consent to MediTuner for continued processing of the Personal Data with such legal basis (“the right to be forgotten”).

Users also have the right to have the Personal Data which they themselves have submitted to MediTuner transferred to another Personal Data controller (right to data portability), as well as to submit any complaints to the Data Security Authorities.

The User has the right to object to the processing of Personal Data which is supported on a balance of interests as a legal basis. In this case, MediTuner will cease with data processing if MediTuner is unable to demonstrate compelling legitimate grounds for data processing that consider the User’s interests, rights and freedoms, or if the processing of Personal Data carries out the establishment, exercise or defence of legal claim.

13. Security

MediTuner takes all appropriate technical and organizational security measures necessary to protect your Personal Data against unauthorized access, alteration or destruction. However, it always involves a risk of disclosing Personal Data through digital channels as it is not possible to completely eliminate the risk of unauthorized access to technology systems.

14. Complaints

If the User has a complaint regarding MediTuner’s processing of its Personal Data, the User has the opportunity to make a report to the Data Security Authorities, which is the supervisory authority. You are also welcomed to contact MediTuner in such cases.

15. Contact Information

If you have any questions about MediTuner Privacy Policy or regarding MediTuner’s processing of Personal Data, please contact:

MediTuner AB, org. 556982-8295
Contact person: Eric Alhanko
Box 3161, 10363 Stockholm, Sweden
info@medituner.com