— LEGAL DOCUMENTS —

Privacy policy

Your health data is sacred. Here is what we collect, why, where we store it, and how you take back control at any time. No resale. No profiling. No transfer outside the EU.

GDPR-COMPLIANT · COMPLIANT WITH FRENCH DATA PROTECTION ACT · LAST UPDATED APRIL 30 2026
CONTENTS
  1. Preamble & commitments
  2. Data controller
  3. Data collected
  4. Processing purposes
  5. Legal bases
  6. Health data · HDS
  7. Sub-processors & recipients
  8. Retention periods
  9. Your rights
  10. Minors & vulnerable persons
  11. Technical security
  12. Cookies & trackers
  13. Data breaches
  14. Policy changes
  15. Contact the DPO

1. Preamble & commitments

Weave is a family and care coordination application centered on a fragile loved one living at home. By nature, the service handles particularly sensitive data: health information, family contacts, location data during emergencies. This privacy policy describes our commitments regarding this data, in accordance with Regulation (EU) 2016/679 (GDPR) and French Act n°78-17 of 6 January 1978, known as the "Data Protection Act".

Our four founding commitments. (1) No data resale, ever — neither anonymized nor aggregated. (2) No commercial profiling or targeted advertising. (3) No transfer outside the European Economic Area. (4) HDS-certified hosting (French health-data hosting standard) for any medical data.

2. Data controller

The data controller is Weave SAS, 12 rue du Faubourg Saint-Honoré, 75008 Paris, France, Paris Trade Register 928 451 327. Our Data Protection Officer (DPO) can be reached at contact@schoenfg.com.

3. Data collected

We apply the principle of data minimization: only data strictly necessary for a given purpose is collected. Optional fields are flagged as such in the application.

CategoryDetails
IdentityFirst name, last name, email, bcrypt-hashed password, phone (optional), profile picture (optional).
Technical accountInternal UUID identifier, JWT sessions, creation date, last login, preferences (theme, language).
CircleCare recipient's name, family relationship, date of birth, picture (optional), member composition and roles.
Postal addressThe care recipient's address (useful for routing home-care requests), reusable across members to avoid duplication.
Health (HDS)Pathologies, chronic conditions, blood type, treatments, prescriptions, medication intakes, checkups, allergies.
CoordinationTasks, written and voice messages, sticky notes, memories (photos / videos), expenses, shared documents.
ProfessionalsContact details of caregivers attached to the circle (family doctor, physio, nurse).
PaymentStripe token (the card number is never handled by our servers), invoice history, French CESU certificates.
GeolocationThe responder's GPS coordinates only during a Phase 3 SOS, after explicit consent.
UsageAnonymized technical logs, audit events (creation / modification / deletion of sensitive records).

4. Processing purposes

  • Provide and operate the family-coordination service around the care recipient.
  • Authenticate users and secure sessions (anti-fraud, anti-bot).
  • Enable secure medical sharing with a designated healthcare professional via a signed, time-limited public page.
  • Trigger and route emergency requests (SOS) between circle members or, in Phase 3, to a partner home-care agency.
  • Manage Premium billing and issue legal certificates (CESU, tax certificates).
  • Improve the service through anonymized and aggregated statistics (usage rate, technical performance).
  • Comply with legal obligations (accounting, retention of medical documents).
No commercial profiling. No data is used for advertising targeting, scoring or resale. Weave's business model relies solely on Premium subscriptions and partner agency relationships.

6. Health data · HDS hosting

All health data (prescriptions, conditions, treatments, intakes) is stored with Outscale (Dassault Systèmes), a hosting provider certified HDS under article L.1111-8 of the French Public Health Code. Server location: metropolitan France.

Encryption is applied:

  • In transit: TLS 1.3 across all connections.
  • At rest: AES-256 encryption of storage volumes.
  • Backups: encrypted, segmented, kept for 35 days.

External medical sharing (a signed public page for an occasional caregiver) relies on a token with a short validity period (configurable TTL, 24 hours by default) and only exposes a subset explicitly chosen by the lead caregiver.

7. Sub-processors & recipients

ProviderRoleLocation
Outscale (Dassault Systèmes)HDS-certified health-data hostingFrance
OVHcloudApplication & marketing site hostingFrance
Stripe Payments EuropePremium billing and partner agency payment (Phase 3)Ireland (EU)
Mailgun (Sinch France)Sending of transactional emailsFrance
Sentry (Functional Software EU)Error monitoring (no personal data)EU
Partner home-care agencies (Phase 3)Home interventions on SOS requestFrance

All our sub-processors are bound by an agreement compliant with article 28 of the GDPR (signed Data Processing Agreement). Health data remains stored exclusively in metropolitan France, with our HDS-certified hosting provider.

Stripe Payments Europe Ltd (our payment processor, based in Ireland) may, in certain limited technical operations (anti-fraud, support), share data with its parent company Stripe Inc. (United States). These transfers are framed by the Standard Contractual Clauses (SCCs) approved by the European Commission (decision 2021/914) and by Stripe Inc.'s adherence to the Data Privacy Framework. No medical data is concerned by these transfers; only the information strictly necessary to process a payment (amount, tokenized card number, technical metadata) may be shared.

The list of sub-processors is kept up to date; any substantial change will be notified to you.

8. Retention periods

  • Active account: as long as the user does not delete it.
  • Closed account: definitive deletion 30 days after the request, except for legal obligations.
  • Medical documents (HDS): 20 years after the last activity (article R.1112-7 of the French Public Health Code).
  • Invoices and accounting data: 10 years (article L.123-22 of the French Commercial Code).
  • Technical logs: 12 months maximum.
  • Analytics cookies: 13 months maximum (CNIL recommendation).
  • SOS geolocation points: auto-purge after 30 days following the end of the intervention.
  • Invitation and medical-sharing tokens: expire automatically after use or TTL.

9. Your rights

In accordance with articles 15 to 22 of the GDPR, you have the following rights:

  • Access to all of your data.
  • Rectification of any inaccurate information.
  • Erasure (right to be forgotten), except where legal obligations apply.
  • Restriction of processing in certain situations.
  • Portability: full export in JSON or CSV from the app, in one click.
  • Objection to processing based on legitimate interest.
  • Withdrawal of consent at any time, without affecting the lawfulness of prior processing.
  • Set post-mortem instructions on the fate of your data after death (French Act n°2016-1321).

To exercise your rights: contact@schoenfg.com or via your account settings. Reply within 30 days maximum (extendable to 60 days for complex requests, with a reasoned notification). In the event of disagreement, you may file a complaint with the French CNIL: cnil.fr/en/plaintes.

10. Minors & vulnerable persons

Account creation is reserved for adults. The care recipient of a circle may be a minor or a person with reduced autonomy; the account is then created and managed by a legal representative (parent, conservator, guardian), who certifies their status and gathers the required consents.

For care recipients under a legal protection measure, consent procedures follow the rules of the measure (simple curatorship, reinforced curatorship, guardianship).

11. Technical security

  • Passwords hashed with bcrypt (rounds=10), in a dedicated table isolated from the public profile.
  • Sessions JWT signed HS256, access TTL 15 minutes, refresh 30 days, refresh stored as a SHA hash.
  • HTTP headers hardened via Helmet, strict CORS, rate limiting on sensitive routes.
  • Systematic input validation via Zod at the entry of every route.
  • Strict isolation between circles: every access checks membership via the circle_memberships table.
  • Invitation and sharing tokens stored hashed (SHA), never in clear.
  • Cryptographic signature verification on Stripe webhooks.
  • Immutable audit log of every sensitive modification.
  • Annual penetration tests by an independent provider.
  • Responsible-disclosure policy: contact@schoenfg.com.

12. Cookies & trackers

Weave only uses cookies that are strictly necessary for the service to operate (session, preferences) and, where applicable, anonymized audience-measurement cookies that are exempt from consent under CNIL recommendations.

Full details about these trackers, their lifetime and how to refuse them are available on our dedicated cookies page.

13. Data breaches

In the event of a breach likely to create a risk for your rights and freedoms, Weave notifies the French CNIL within 72 hours in accordance with article 33 of the GDPR, and informs you individually without delay where the risk is high (article 34).

14. Policy changes

This policy may be updated to reflect changes to the service or to regulations. Any substantial change is notified to you by email and via an in-app banner at least 30 days before it comes into force. The last update date is shown at the top of this page.

15. Contact the DPO

Data Protection Officer
Email: contact@schoenfg.com
Mail: Weave SAS — DPO, 12 rue du Faubourg Saint-Honoré, 75008 Paris, France.