Who we are

machineMD AG provides the neos system and related cloud and support services.
Privacy inquiries (Data Protection Officer): privacy@machinemd.com.
Written privacy inquiries may be sent to: Weyermannsstrasse 36, 3008 Bern, Switzerland.

Our role

For patient and examination data processed through neos, the customer is generally the controller or other responsible party, and machineMD processes such data only on the customer's behalf under the applicable agreement and data processing agreement.
For customer account, user, support, security, billing, and contract-administration data, machineMD may act as controller.
machineMD does not use customer patient data for its own independent product-development purposes.

What this notice covers

This notice covers data processed through the neos application, neos cloud services, reports, support workflows, and related logs.
It does not cover website browsing, cookies, or marketing pages.
This notice describes ordinary customer use of neos by customer organizations and authorized users. Patients should generally receive privacy information from the healthcare provider or institution acting as controller. Separate clinical research, complaint, post-market surveillance, or other regulatory workflows may be governed by separate documentation, notices, or contractual terms.

Data we process

Patient and examination data, such as patient ID, name, date of birth, sex, examination date and time, gaze measurements, pupil size, refraction data, examination results, PDF reports, and eye-region video recordings.
Customer and user data, such as business contact details, usernames, organization name, device identifiers, system configuration, and support-related information.
Security and technical data, including authentication and access audit logs, user activity logs, and system events needed to secure, support, and maintain the service.
De-identified operational and monitoring logs used for troubleshooting, service analysis, and security monitoring.

Why we process data

To provide and operate neos and related cloud services.
To process examinations and generate reports for your clinical use.
To manage customer accounts, user access, support, and ordinary contract administration.
To maintain system security, performance, availability, and auditability.
To investigate defects, resolve incidents, and provide technical support.
To meet applicable legal, regulatory, and quality-system obligations, including medical device safety, complaint handling, and post-market surveillance, where required by law or contract.

Legal bases and data-protection roles

For patient and examination data, the customer is responsible for identifying the applicable lawful basis and, where required, the legal basis for processing health data under GDPR, Swiss law, or other applicable law. machineMD processes such data only on documented instructions from the customer, except where otherwise required by law.
For customer and user data where machineMD acts as controller, machineMD generally processes data as needed to enter into and perform contracts, administer the customer relationship, secure and support the service, comply with legal obligations, and pursue legitimate interests compatible with applicable law.

What we do not do

We do not sell patient data.
We do not use patient data for advertising.
We do not determine medical purposes, patient care decisions, or treatment decisions.
neos is not designed to identify individuals from gaze data or eye videos. It does not create biometric templates or perform identity matching.
neos supports clinical assessment and reporting, but it is not intended to make decisions about individuals without human review.
We do not use customer patient data for product development, machine learning, or other secondary purposes unless you separately instruct us in writing and the use is permitted by law and contract.

How data is shared

machineMD shares data only with authorized personnel and the limited subprocessors needed to provide neos.
Authorized machineMD personnel may access data only as needed to provide requested support, maintain security and availability, investigate defects or incidents, or meet applicable legal, regulatory, or quality-system obligations.
machineMD currently uses the following subprocessors for neos: Microsoft Azure for hosting and storage of patient and examination data, customer data, and related neos cloud data; and Datadog for de-identified application, system, and security logging and monitoring.
Patient and examination data are stored only in Microsoft Azure. Datadog is not used to store patient or examination data.
machineMD requires these subprocessors to protect data under written agreements and applicable privacy and security obligations.
machineMD may also disclose data where required by law, regulation, court order, or to respond to security, fraud, or misuse events.

International access and transfers

For EU, UK and Swiss customer deployments, neos patient and examination data are generally stored in the EU. Related de-identified operational and monitoring logs are also generally stored in the EU.
Support, security, and regulatory access by authorized machineMD personnel in Switzerland may occur where necessary and is safeguarded by the EU and UK adequacy decisions for Switzerland.

Security

machineMD applies administrative, technical, and physical safeguards designed to protect confidentiality, integrity, and availability.
These safeguards include role-based access control, least-privilege access, logging and monitoring, encryption in transit, restricted internal access, and vendor and security review processes.
machineMD limits access to patient-identifying data to authorized personnel with a legitimate need to know.
machineMD does not carry out automated individual decision-making, including profiling, within the meaning of Article 22 GDPR. neos is designed to support clinical assessment with human review.

Retention

machineMD retains patient and examination data on the customer's behalf in accordance with the customer's documented instructions and applicable law.
Where the customer uses neos for ordinary clinical records, retention is generally aligned with the applicable legal record-retention period. This is generally at least 10 years for EU customer deployments and at least 20 years for Swiss customer deployments, unless a longer period is required by law or contract.
Audit logs related to authentication, access, and changes to patient-related records may be retained for up to the applicable patient-record retention period for security, compliance, and investigation purposes.
De-identified operational and security logs may be retained for up to 3 years for troubleshooting, security monitoring, service analysis, or incident investigation. At the end of the applicable retention period, data is deleted or de-identified in accordance with applicable requirements and system constraints.
Customer account, support, and ordinary business communication records may be retained for the duration of the customer relationship and thereafter for applicable statutory retention periods, contract administration, documentation, and legal defence purposes.
Upon termination or expiration of the customer relationship, machineMD will delete or return customer data in accordance with the applicable agreement, data processing agreement, and applicable law, subject to required retention periods, backup cycles, and legal holds.

Customer responsibilities

The customer is responsible for providing required privacy information to patients and other data subjects, identifying the lawful basis for processing and any required health-data condition, obtaining any required notices, authorizations, or consents, deciding what patient data is entered into neos, managing workforce access and user accounts, and instructing machineMD on retention, export, and deletion where applicable.

Data subject rights and requests

For patient and examination data processed through neos, privacy requests should generally be directed to the customer as controller or other responsible party.
machineMD will support the customer in responding to valid requests to the extent required by applicable law and contract.
For customer and user data for which machineMD acts as controller, data subjects may have rights of access, correction, deletion, restriction, portability, objection, and to lodge a complaint with the competent supervisory authority or, in Switzerland, the Federal Data Protection and Information Commissioner, subject to applicable law.

Security incidents

If machineMD becomes aware of a confirmed security incident involving customer data or patient data, machineMD will notify the customer without undue delay and in accordance with applicable law and contract.

Changes to this notice

machineMD may update this notice from time to time.
If a material change is made, the updated version will be made available to customers through the usual contractual or operational channel.

NEOS-01_REC_710-028_Privacy Notice – EU/UK/Switzerland_V1
Published 16 April 2026