Privacy Policy

Effective date: 14 May 2026  ·  Last updated: 14 May 2026
Controller: MB Labelis, Gedimino pr. 1, LT-01103 Vilnius, Lithuania

This policy explains how MB Labelis ("we", "our", "us") collects, uses, stores, and protects your personal data when you use the Labelis mobile application ("App") and this website. We are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (GDPR) and Lithuanian data protection law.

1. Who We Are

MB Labelis is a private limited company registered in the Republic of Lithuania (company registration number pending). Our registered address is Gedimino pr. 1, LT-01103 Vilnius, Lithuania.

Contact us regarding data protection: support@labelis.app

2. Data We Collect

2.1 Account and Profile Data

2.2 Healthcare Workflow Data

The App is designed for use by healthcare professionals. You may enter and store the following data within the App:

You are the data controller for any patient data you enter. We act as a data processor on your behalf. You are responsible for ensuring you have the appropriate legal basis to collect and process patient data under applicable healthcare and data protection law.

2.3 Usage and Technical Data

2.4 Subscription and Billing Data

Subscription billing is handled by Paddle (our payment processor). We do not store payment card details. Paddle shares with us your subscription status, plan, and transaction identifiers. See Paddle's Privacy Policy.

3. How We Use Your Data

We do not use patient data you enter for any purpose other than providing you with the App's functionality.

4. Legal Basis for Processing

5. Data Storage and Security

Your data is stored on Google Firebase infrastructure (Firebase Authentication, Firestore, and Firebase Storage), operated by Google LLC. Firebase data centres used are located in the European Union (Belgium, eur3 region) where applicable.

See Google Firebase Privacy and Security for further detail.

6. Data Sharing

We share data only in the following circumstances:

We do not sell, rent, or trade your personal data to third parties.

California residents (CCPA/CPRA): We do not sell or share your personal information with third parties for their commercial purposes. You have the right to know what personal information we collect, request deletion of your data, and not be discriminated against for exercising these rights. To submit a request, contact support@labelis.app.

7. Data Retention

8. Your GDPR Rights

As a data subject under GDPR, you have the right to:

To exercise any of these rights, contact us at support@labelis.app. We will respond within 30 days. You also have the right to lodge a complaint with the State Data Protection Inspectorate of Lithuania (vdai.lrv.lt).

9. Children's Privacy

The App is intended for use by healthcare professionals aged 18 and over. We do not knowingly collect personal data from persons under 18. If you believe a minor has created an account, contact us and we will delete it promptly.

10. Cookies and Web Analytics

This website does not use advertising cookies or tracking pixels. We may use minimal, session-only cookies for basic website function. No personal data is collected on this website beyond what you voluntarily submit (e.g., contact forms).

11. International Data Transfers

Google Firebase may transfer data to servers outside the EEA. Such transfers are covered by Google's EU Standard Contractual Clauses and adequacy decisions where applicable.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via the App. The "Last updated" date at the top of this page indicates the most recent revision. Continued use of the App after changes constitutes acceptance of the updated policy.

13. Contact

For any questions about this Privacy Policy or your personal data: