Last updated 10 June 2026. We review this regularly with our data protection adviser.
Precura provides screening blood tests and a place to keep your results. Your health data is special-category personal data under the GDPR, and we treat it that way. This page explains what we hold and how we handle it.
Precura, Stockholm, Sweden. We are the controller of your personal data. You can reach us at hello@precurahealth.com.
Your account details and personnummer; the tests you order and their results; and any past blood-test documents you choose to upload, together with the values read from them.
We handle your health data on the basis of your explicit consent under GDPR Article 9(2)(a). You can withdraw that consent at any time; doing so does not affect handling that already took place.
When you upload a blood-test document, the file is read automatically so the values can be pulled out and shown back to you. That reading is performed by a third-party document-processing service, Anthropic, located outside the EU in the United States, under the EU standard contractual clauses. The reading service is not used to train on your data. The values and your stored records are held on servers in the EU. You consent to this when you upload, and you can delete an uploaded document and its values at any time.
The finder on our site points you to the right test based on what you type. To do that, your message and the conversation so far are processed by an automated routing service (Anthropic, United States, under the EU standard contractual clauses). We do not store your messages: we keep only which test or topic the finder pointed to, linked to your account if you are signed in, and that routing record is deleted after 90 days. If you ask for a person, we email ourselves your contact details so we can reply - never the text of your message.
If you leave your email address on our pre-launch page, we store the address, your language choice, and the times you signed up and confirmed. We send you one confirmation email when you sign up; only confirmed addresses then receive a single email when Precura opens, and nothing else. The legal basis is your consent. We delete the list after the launch email has been sent, and you can withdraw before then at any time by writing to hello@precurahealth.com - we then remove your address right away.
Your account, results and stored records are held on servers in the European Union (Stockholm). Some processing - payments, email, document reading, finder routing, and parts of our hosting - happens with providers that operate in the United States, under the EU standard contractual clauses. Data is encrypted in transit and at rest, and your personnummer is additionally encrypted with a key held outside the database.
We use strictly necessary cookies only: your sign-in session, a short-lived cookie that protects the BankID sign-in flow, and a one-time welcome flag. No advertising cookies, no analytics cookies, no trackers. Every cookie is listed on the cookies page.
We use service providers to run Precura: Supabase (database and sign-in, EU), Vercel (hosting; some processing in the United States), Stripe (payments), Resend (email, United States), Anthropic (document reading and finder routing, United States), Idura (BankID verification, EU), and a Swedish laboratory partner that analyses samples. They act on our instructions under data-processing agreements; transfers outside the EU rely on the EU standard contractual clauses.
You can ask for a copy of your data, correct it, delete it, or withdraw consent. You can also complain to the Swedish authority, IMY (Integritetsskyddsmyndigheten). To exercise any of these, email hello@precurahealth.com.
Order records are kept for seven years under Swedish bookkeeping law. Results reviewed by a doctor are kept as a patient record. Uploaded documents and the values from them stay until you remove them or delete your account. Finder routing records are deleted after 90 days. If you delete your account, everything else is removed, and your name, personnummer and email are stripped from the records the law requires us to keep.
Questions about your data? Email hello@precurahealth.com.