Patient Mobile App 

iOS & Android — HEKMA Trial Companion 

Privacy Policy 

Effective Date: April 8, 2026  |  Version 1.0 

HEKMA Clinical Intelligence Platform, Inc.  |  legal@hekma.io 

 

1. Our Mobile Privacy Commitment 

This Privacy Policy explains how HEKMA Clinical Intelligence Platform, Inc. collects, uses, and protects information when you use the HEKMA Trial Companion mobile application (“App”). We designed this App with privacy as a foundation. We do not sell your data. We do not show you ads. We do not use your health data for anything other than helping you find and participate in clinical trials. 

 

2. Data We Collect Through the Mobile App 

2.1 Account Data 

    • Email address and account credentials (synchronized with your web Patient Platform account) 

2.2 Health Passport Data 

Data you enter or import into your Health Passport, as described in the Patient Platform Privacy Policy, synchronized securely between the App and web platform. 

2.3 Device & Technical Data

    • Device model, operating system version, and App version
    • Crash logs and error reports (used for App stability improvements — do not contain health data)
    • Push notification tokens (used only to send you notifications you have opted into)
    • IP address and session timestamps for security and fraud prevention 

2.4 Optional Health Integrations

    • Apple HealthKit data (iOS): Only categories you explicitly authorize, such as heart rate, step count, or conditions — used only to populate your Health Passport
    • Google Health Connect data (Android): Same principle as HealthKit 

2.5 Location Data (Optional) 

If you enable the “nearby sites” feature, we collect your general location to show you research sites within your area. Precise location data is not stored beyond the duration of your search session. You can disable this at any time.


2.6 ePRO Questionnaire Responses 

If assigned by your research site, your questionnaire responses are transmitted securely to your site’s platform and become part of your study record. 

 

3. How We Use Mobile App Data

    • Synchronizing your Health Passport across devices
    • Generating AI TrialMatch recommendations personalized to your health profile
    • Delivering push notifications you have opted into
    • Transmitting ePRO questionnaire data to authorized research sites
    • Detecting and responding to security incidents
    • Improving App performance using anonymized crash and usage data 

We will never use data collected from Apple HealthKit or Google Health Connect for advertising, marketing, or sale to third parties. 

 

4. Data Sharing from the Mobile App 

Data sharing from the mobile App follows the same framework as the Patient Platform Privacy Policy. Additionally:

    • Crash and error log data may be processed by our mobile analytics provider under a Data Processing Agreement — this data does not contain health information
    • ePRO data is transmitted directly to the research site that assigned your questionnaire 

 

5. Push Notification Data 

Push notification tokens are stored on our servers and used exclusively to deliver notifications you have enabled. We do not share notification tokens with third parties. Notification tokens are deleted when you disable notifications or delete your account. 

 

6. Children & the Mobile App 

The HEKMA Trial Companion App is not intended for use by individuals under 18. Parents or guardians creating a Caregiver Account for a minor participant must manage the App account themselves. We do not knowingly collect personal data from individuals under 13. 

 

7. Data Security on Mobile

    • All health data transmitted between the App and HEKMA servers is encrypted using TLS 1.2+
    • Health Passport data is stored encrypted on HEKMA servers; local device storage of sensitive health data is minimized
    • Biometric authentication (Face ID, fingerprint) is supported as an additional security layer
    • The App does not store unencrypted health data in device backups

8. Retention & Deletion 

App usage data (crash logs, technical logs) is retained for ninety (90) days. Health Passport data and account data retention follows the Patient Platform Privacy Policy. You can delete your account and all health data through the App’s settings or via the web platform, and all data will be removed within thirty (30) days. 

 

9. Your Rights (Mobile App) 

Your rights are the same as those described in the Patient Platform Privacy Policy. You can exercise all rights through the App settings, the web platform settings, or by contacting privacy@hekma.io. You can revoke HealthKit or Health Connect access at any time through your device settings, and this will not affect your account. 

 

10. App Store Privacy 

This App is distributed through the Apple App Store and Google Play Store, which have their own privacy practices. HEKMA does not receive health or personally identifiable information about you from Apple or Google in connection with App distribution. 

 

11. Contact 

Patient App Privacy: privacy@hekma.io 

Data Protection Officer: dpo@hekma.io 

App Support: app@hekma.io

Schedule A Demo