This page is published in English as the authoritative version. Translations of headings are provided for convenience; the legal text below remains in English.
This page identifies the natural person or legal entity responsible for the content and operation of mydosha.org and clinic.mydosha.org, in accordance with the information-society-service disclosure requirements of Directive 2000/31/EC (e-Commerce Directive), Article 3:15d of the Dutch Civil Code, and equivalent provisions in other EU jurisdictions.
For any data-subject request under GDPR (access, rectification, erasure, restriction, portability, objection, or withdrawal of consent), please email:
privacy@mydosha.org — or, until that inbox is fully configured, tbthijs@gmail.com.
We respond to verified requests within one month of receipt, in accordance with GDPR Article 12(3).
MyDosha has appointed Jeroen Hendriks as its Data Protection Officer / Functionaris Gegevensbescherming (Article 37 GDPR). You can reach the Data Protection Officer for any question about how we process personal data, or to exercise your rights, at privacy@mydosha.org (attn. Jeroen Hendriks, Functionaris Gegevensbescherming).
The lead supervisory authority for MyDosha (operator: Thomas Thijs, main establishment Sorano, Italy) is currently the Italian Garante per la protezione dei dati personali (garanteprivacy.it), per GDPR Article 56. The competent supervisory authority named in the Supabase Data Processing Addendum is the Estonian Andmekaitse Inspektsioon — this reflects the SCC instrument and is separate from MyDosha’s lead authority as data controller (the Italian Garante).
You may also lodge a complaint with the supervisory authority of your own EU member state:
If you believe you have found a security vulnerability in MyDosha, please email security@mydosha.org (or tbthijs@gmail.com until that inbox is configured). We acknowledge reports within 48 hours. A /.well-known/security.txt file is published at /.well-known/security.txt.
MyDosha is not a medical device under Regulation (EU) 2017/745. For our full qualification position, see Intended use. For our privacy policy, data processing, and sub-processors, see Privacy · Terms.
The European Commission provides a platform for online dispute resolution at ec.europa.eu/consumers/odr. We are not obliged to participate in alternative dispute resolution proceedings before a consumer arbitration body.
Last updated: 2026-04-24. Updated to reflect operation under Italian P. IVA IT01671290530 (forfettario).