Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.



411 University St, Seattle, USA


+1 -800-456-478-23

Last updated: March 27th, 2022

endo.digital Privacy 


We at DreaMed Diabetes (“us”, “we”, “DreaMed” or the “Company”) respect your privacy and are committed to protect the privacy of our users (“user” or “you”). For the purpose of this policy, a “user” may be either people with diabetes receiving treatment based on endo.digital (“PWD”) or Clinic Workforce.


This Privacy Policy outlines our practices with respect to receiving, collecting, using and disclosing your information through of 3 rd party Diabetes Management Systems (DMS), by our application (“App”) and other services made available by us (collectively, the “Services”). Generally, our Services are aimed at quickly and automatically determining the optimal treatment for maintaining a balanced glucose level, based on our unique personalized medicine decision-support tool.

HIPAA Privacy Notice: We are committed to protect the privacy of our users’ personal health information. Part of that commitment is complying with the Privacy Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which requires us to take additional measures to protect Protected Health Information (“PHI”) and to inform our users about those measures. This Privacy Policy describes how we may use and disclose your PHI which is collected by our Site, App and by all of our Services and how our users can get access to this information.


The Privacy Policy is a part of our Terms of Use and is incorporated therein by references. We encourage you to read the Privacy Policy carefully and use it to make informed decisions. By using our Services, you agree to the terms of this Privacy Policy and your continued use of the Services constitutes your ongoing agreement to this Privacy Policy.

In this Privacy Policy you will read about:

  • What types of information we collect and how we collect it
  • How we use Cookies
  • How we use the information we collect
  • How we receive Users’ information
  • Our legal basis for processing your information
  • With whom we share the information, and for what purpose
  • For how long we retain the information we collect
  • How do we safeguard your information
  • How to contact us

What type of information we collect?

We collect two types of data and information from our users. The first type of information is un-identified and non-identifiable information pertaining to a user(s), which may be made available or gathered via the user’s use of the Services (“Non-personal Information”). We are not aware of the identity of the user from which the Non-personal Information was collected. Non-personal Information which is being collected may include your aggregated usage information and technical information transmitted by your device, including certain software and hardware information (e.g. the type of browser and operating system your device uses, language preference, access time and the domain name of the website from which you linked to the Services; etc.), in order to enhance the functionality of our Services. We may also collect information on your activity on the Service (e.g. pages viewed, online browsing, clicks, actions, etc.). The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Information”). Such information includes:


    • Basic Registration information: In order to use our Services, you will be required to register to the Services. As part of the registration process, we may collect your full name and birth date. We may also require a code for your diabetes clinic. You may also choose to provide us with your email address.
    • Opening an account: You may also choose to open an account with us, thereby allowing the display of our recommendations on your device. In order to complete an account registration, we will also collect your email address and password.
    • Health information: After you have decided you use our Services and completed the basic registration process (without necessarily opening an account), you will have the option to grant us access to the information available to your physician on a Diabetes Management System (“DMS”), that you and your physician use. In order to provide our Services, we will need to retrieve and retain the health data associated with you, that is maintained in the DMS. Such information may include your blood glucose readings, insulin pump information (including serial number), device events and insulin doses, as well as other information provided from your devices, or which you choose to upload to the DMS through the DMS applications, such as treatment and diagnosis information. By using our Services and accepting our Terms and this Privacy Policy you acknowledge and agree that DreaMed will have access to all the data associated with you, which is relevant to the provisions of our Service, maintained on the DMS. We will take all necessary steps to protect your PHI as required under the Health Insurance Portability and Accountability Act of 1996. Please note that this Privacy Policy applies only to our practices in relation to the information we collect from your DMS. The information that the DMS collects from you is governed by the DMS’s terms of use and privacy policy, and we shall have no liability whatsoever with respect to the DMS practices and your use of the DMS services.


      You may also use the App as a DMS and provide us directly with your health information. This information may include blood glucose readings; Continuous Glucose Meters (“CGM”) which includes estimated glucose, events tracked by the CGM, including meals, insulin, calibration, exercise; insulin pumps data which includes bolus calculator parameters, basal rates, basal rate profiles, insulin to carb ratios, and insulin sensitivity factors as well as all events tracked by the pump, including meals, insulin dosed, temp basals and suspends events, and BG inputs.

      If you use the App as a DMS, we will also collect additional health information provided by you directly that may include your gender, age and birth date, weight, height, treatment and diagnosis information, health and well-being related information (including diet and activity information), information identifying the diabetes monitoring and treatment devices you use, and data you upload from your diabetes monitoring and treatment devices.

      By granting us access to sensitive Personal Information or providing it directly to us (e.g. health information), you explicitly consent to the collection, use and disclosure of your sensitive Personal Information in accordance with this Privacy Policy.

    • Information shared through third parties apps: You may instruct us to share information (including Personal Information, such as glucose levels) with systems such as Apple Health and to access and collect information from those systems, for the purpose of improving the Services which we provide to you. Before you allow us to share or collect such information, you should also review the applicable privacy policy of that system (e.g. Apple’s privacy policy can be found here).
    • Voluntary information: We also collect information which you provide us voluntarily. For example, when you respond to communications from us, contact our support, communicate with us via email or the Services or share additional information about yourself or about others through your use of the Services.
    • Device Information: We may also collect Personal Information from your device (e.g., IP address-) and information on your activity on DreaMed Services (e.g. pages viewed, online browsing, clicks, actions etc.).
    • Third parties’ SDKs: Within our App, we may use Software Development Kits (SDK) provided by third parties. If you grant us your explicit consent to such use and integration (through the App), we may gather additional Personal Information about your activities, and behavior, such as Wi-Fi, Bluetooth, accelerometer, gyroscope, GPS, etc. For additional information about SDKs we advise you to visit the third parties’ website(s) to learn more.
    • Access to Third Parties: you will be able to grant access to DMS or App information to additional third parties. They will be able to view and comment on health and other information in your account.

Clinic Workforce:

  • Registration information: When you register to access the Service , you will be asked to provide us certain details such as: full name; e-mail or physical address, and other information, such as the name of the clinic you are associated with, as further described in our registration process.
  • Prior to your registration to the Service , and in order to enable such registration, we may receive Personal Information about you from the clinic you are associated with. This may be required in order to verify your identity and eligibility to gain access to the Service . If you are not found eligible to gain access to the Service , we will discard your Personal Information.
  • Device Information: We may also collect Personal Information from your device. Such information includes geolocation data, IP address, unique identifiers (e.g. MAC address and UUID) and other information which relates to your activity through the Site.
  • Health Information: We may also collect other information of PWD you provide to us through the App. This may include gender, age and birth date, weight, height, treatment and diagnosis information, health and well-being related information (including diet and activity information), information identifying the diabetes monitoring and treatment devices you upload for individuals, and data that you upload from their diabetes monitoring and treatment devices.

If we combine Personal Information with Non-personal Information, the combined information will be treated as Personal Information for as long as it remains combined. We may anonymize or de-identify the information collected by the Services or via other means so that the information cannot, on its own, personally identify you. We may use this de-identified information for our internal purposes, such as performing statistical analysis. You may refuse to disclose certain information, but please bear in mind this may result in preventing you from using the Services to some extent, and in some cases may result in your inability to use the Services.


When you use our Service, we may store cookies on your device (as well as other tracking technologies like web beacons, pixels etc.) in order to facilitate and customize your use of our Services. A cookie is a small data text file, which a website or application stores on your device (if your web browser permits) that can later be retrieved to identify you to us. Our cookies may store information regarding your registration to our Services. You are always free to decline or disable our cookies if your browser permits, but such disabling may cause some of the features of our Service to not operate properly and your online experience may be limited.

How we use the information we collect

We may use the information for the following:

  • o set up your account and to provide our Services, including our recommendations regarding the optimal treatment for maintaining a balanced glucose level;
  • To optimize our Services and your experience using, among other things, research and analytics in order to improve and customize the Services;
  • To generate aggregated statistics about the users of our Services for the purposes of producing analysis of quality assurance of our Services;
  • To identify and authenticate your access to certain features of the Services;
  • To communicate with you in order to keep you informed of our latest updates and features;
  • To detect and prevent illegal activity or any other type of activity that may jeopardize or negatively affect the integrity of the Services;
  • To support and troubleshoot our Services, to respond to your queries and communicate with you;
  • To comply with our obligations under the Health Insurance Portability and Accountability Act of 1996;
  • To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request.

We will not sell our database to third parties and will share the information only to the extent required to allow us to provide and improve our services.

Our legal basis for processing your information

We collect and process your PHI only where you authorize us to do so and in order to provide you with the Services. You may revoke your authorization at any time by sending us a written request to support@dreamed.ai.If you choose to revoke your authorization, we will no longer use or disclose your PHI.

With whom we share the information we collect

We do not rent, sell, or share your Personal Information with third parties except as described in this Privacy Policy.

We may transfer or disclose Personal Information to our subsidiaries, affiliated companies, subcontractors, SDKs, or such other trusted third party service providers or partners, who are located in different jurisdictions across the world, for the purpose of: (a) storing or processing such information on our behalf (e.g. on cloud computing services) or to assist us with our business operations, to authenticate your access and to provide and improve our Services; (b) performing research, technical diagnostics, analytics or statistical purposes;.

We will also share Personal Information with third parties if you explicit consent to such sharing.

We may also disclose Personal Information if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of yourself, our users, us or any third party; or (vi) for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.

We may share anonymized aggregated statistical data, which cannot be used to identify an individual user, with third parties such as regulators and business partners and in academic publications.

User’s rights and retention

We respect your privacy rights and strive to comply in all aspects with the Health Insurance Portability and Accountability Act of 1996. For example, you have the right under HIPAA to inspect or get copies of your PHI contained in a designated record set. Generally, a “designated record set” contains medical records we may have about you. Therefore you may contact us at any time and request:

  • to access, delete, change or update any Personal Information and PHI relating to you (for example, if you believe that your Personal Information is incorrect, you may ask to have it corrected or deleted).
  • that we will cease any further use of your Personal Information and PHI (for example, you may ask that we will stop using or sharing your Personal Information with third parties) or that we shall remove your Personal Information.

Please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements.

Please note that these rights only relate to information processed by the Company and does not apply to all the information that Tidepool (or any other similar platform) may process or retain about you. For information processed by Tidepool or other platform, you should refer to each platform directly.

For EU users: Please note that the following rights specifically apply regarding your personal information: (1) Receive confirmation as to whether or not personal information concerning you is being processed, and access your stored personal information, together with supplementary information; (2) Receive a copy of personal information you directly volunteer to us in a structured, commonly used and machine-readable format; (3) Request rectification of your personal information that is in our control; (4) Request erasure of your personal information; (5) Object to the processing of personal information by us; (6) Request to restrict processing of your personal information by us; (7) Lodge a complaint with a supervisory authority.

Please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements.

If you wish to exercise any of the above mentioned rights or raise a complaint on how we have handled your Personal Information or PHI, please contact us directly at support@dreamed.ai.

If you are not satisfied with our response or believe we are collecting or processing your Personal Information not in accordance with applicable laws, you can complain to the applicable data protection authority. In addition, if you believe your privacy rights have been violated, or if you are dissatisfied with our privacy practices or procedures regarding your PHI, you may file a complaint with the Secretary of the U.S. Department of Health and Human Services.

We will retain your personal information for the duration required to provide our services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing client personal data, account opening documents, communications and anything else as required by applicable laws and regulations.

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion.

How do we safeguard and transfer your information?

We take great care in implementing and maintaining the security of our services and your information in accordance with the requirements of all applicable laws (including with the requirements under the Security Rule of the HIPAA). We employ industry standard procedures and policies to ensure the safety of our users’ information and prevent unauthorized use of any such information. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our services, and we make no warranty, express, implied or otherwise, that we will prevent such access.

Since we operate globally, it may be required to transfer your Personal Information to other countries worldwide. In these instances, we will take steps to ensure that a similar level of protection is given to your Personal Information through adequate legal mechanisms, in accordance with the GDPR.

Affiliates and corporate transaction

We may share your information, including your Personal Information, with any subsidiaries, joint ventures, or other companies under a common control (collectively “Affiliated Companies“). We may share Information, including Personal Information, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy.


The Services are not designed to the use of any children under 16 years of age. If you have reason to believe that a child under the age of 16 has provided Personal Information to the Company through the use of any of the Services without the consent of their parent or legal guardian, you should immediately contact us and we will endeavor to delete that information from our records.

Additionally, no information should be submitted to or posted to any of the Services by users under 18 years of age without the consent of their parent or legal guardian. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children to never provide Personal Information and PHI on any of the Services without their permission.

Parents or other legal guardians which have adequate authorizations may use the Service to provide Personal Information on children under the age of 18, subject to any other legal requirement.

California “Do Not Track” Disclosure.

In case you are using our Services in the state of California, United States we inform you that the Company does not respond to Do Not Track requests or signals at this time in accordance with the California Online Privacy Protection Act (“CalOPPA”) Amendment of 2013.

Updates or amendments to the Privacy Policy

We may revise this Privacy Policy from time to time, in our sole discretion, and the most current version will always be posted on our Site (as reflected in the “Last Revised” heading). We encourage you to review this Privacy Policy regularly for any changes. In case of material changes we will notify you through our Services or by email. Should you object to any such modifications, you must cease using our Site and Services and request that we delete your account. Your continued use of the Services, following the notification of such amendments on our Site or the App, constitutes your acknowledgement and consent of such amendments to the Privacy Policy and your agreement to be bound by the terms of such amendments.

How to contact us

If you have any general questions about the Services or the information that we collect about you and how we use it, please contact us at support@dreamed.ai.

Details of Company

DreaMed Diabetes LTD14 Kaplan st., the Endocrinology Center, Schneider Children’s Medical Center,Petah Tikva, 4920235, Israelinfo@dreamed.ai