Loading document…
Cookies on ELISA
We use necessary cookies for the site to work and, optionally, analytics cookies to improve it. Cookie policy.
Last updated · May 27, 2026
This agreement governs ELISA's processing, as processor, of the personal data provided by the controller clinic.
Controller: the clinic, podiatrist, lab or professional organization using the platform.
Processor: ELISA, per the Legal notice.
Provision of the SaaS orthotic insole design service, including storage of scans, STL files, patient references and case-related data.
While the contractual relationship is active and during applicable legal retention periods after termination.
Process data only on the controller's instructions.
Ensure confidentiality through authorized personnel.
Apply appropriate technical and organizational measures (encryption, access control, audit, backups).
Assist the controller in responding to data subject rights and security breach obligations.
Return or delete the data at the end of the relationship, per controller instruction.
The controller authorizes the use of published sub-processors (Supabase, Stripe, email provider).
ELISA will give prior notice of any addition or replacement of sub-processors.
Data is hosted on European infrastructure (EEA). International transfers are made with adequate safeguards under the UK GDPR (UK adequacy regulations, the International Data Transfer Agreement (IDTA) or other valid mechanisms).
ELISA will notify the controller of any security breach without undue delay after becoming aware, with the available information.
ELISA is a professional digital design platform. ELISA does not diagnose diseases, prescribe treatment or replace qualified healthcare professionals. Clinical assessment, diagnosis, treatment decisions, design validation, fitting and patient follow-up remain the responsibility of the qualified professional or organization using the platform.