Your health data. Protected by design.

Security is not an added feature. It is the foundation Ippocra is built on. Every architectural decision starts with one question: how do we best protect the data of those who trust us?

GDPR Compliant
AES-256 Encryption
Full User Control

GDPR Compliance

Ippocra is fully compliant with the General Data Protection Regulation (GDPR - EU Regulation 2016/679). This is not just a legal obligation: it is a design choice.

European data residency

All data is stored on servers located within the European Union. No health data ever leaves European borders.

Lawful basis for processing

Every data processing operation is founded on a clear legal basis: explicit user consent or execution of the service agreement.

Data minimization

We collect only the data strictly necessary for the service to function. No superfluous data, no hidden tracking.

DPO contact

Our Data Protection Officer can be reached at any time at dpo@ippocra.com.

Encryption

Your health documents are protected with bank-grade encryption, both during transfer and while stored.

In transit

TLS 1.3 on every connection. Data is encrypted from the moment it leaves your device until it reaches our servers.

At rest

AES-256 encryption for all stored documents. The same standard used by governments and financial institutions.

When sharing

Links shared via IppoLink are protected with end-to-end encryption. Only the authorized recipient can access the content.

Strictly limited internal access. The Ippocra team may access data only for operational purposes: improving the platform and ensuring service quality. Never for commercial use, never shared with third parties.

You control your data

Your health data belongs to you. Not to us, not to third parties. You always have full control over what is stored, who it is shared with, and when it is deleted.

Data portability

Export all your documents at any time, in standard formats. No vendor lock-in, no restrictions.

Granular permissions

Decide exactly who can see what. Share a single document or an entire folder, with time-based expiry if needed.

Deletion on demand

You can request complete deletion of your data at any time. Once confirmed, the deletion is permanent and irreversible.

Access log

Check at any time who has accessed your documents and when. Full transparency on every interaction with your data.

Additional guarantees

Innovative Startup

Ippocra S.R.L. is registered in Italy's innovative startup registry. This imposes high standards of transparency, governance, and innovation.

European infrastructure

Servers and infrastructure are located within the European Union, under the jurisdiction of European data protection regulations.

Security audits

The infrastructure undergoes periodic security reviews to identify and fix vulnerabilities before they become a risk.

Start protecting your health documents

Sign up for free and discover a safer way to manage your family's health.

Start for free