PRIVACY POLICY

Introduction

Welcome to the Chatdok privacy policy. We place great importance on safeguarding your privacy and we want to inform you about the reasons we require certain information from you, how we utilize it, and the measures we take to keep it protected. According to Article 4 lit. 1 of the General Data Protection Regulation (“GDPR”), your personal data includes all information that relates or can be related to your person, in particular by means of assignment to an identifier such as a name or to an organization - or personnel number with which your person can be identified.

Outlined below are the topics that we will cover in this policy:

1. The scope of this policy
2. The types of data that we collect and the methods used to obtain it
3. The purposes for which we use your data
4. The ways in which we store and transfer your data
5. The reasons why we may share your data with others
6. How long we retain your data
7. Children's Privacy
8. Your rights concerning your personal information
9. Changes to this policy over time.

1. The scope of this policy

This policy outlines how we utilize your information to provide our healthcare services, websites, and app. This covers

- our private service,
- voice app service on various virtual assistants, including Alexa, Siri, and Google Assistant,
- Our apps (on android playstore, apple appstore, and web apps), including any beta versions.
- It also includes our website (www.chatdok.com) and any other domains associated with it.

We operate through Chatdok UG., and when we refer to "us" or "we" in this policy, we are referring to the company. Chatdok offers medical services, as well as technology and software to support these services.


2. The types of data that we collect and the methods used to obtain it

This policy explains the types of data we hold and how we obtain them, including personal details, health and medical data, details of your conversations with us, data from other sources, credit and debit card information, technical information and analytics, cookies, and information from third-party services.
Personal data
These includes information that can identify you, such as your name and medical history. When you register with us, we ask for your accurate personal details, including your name, date of birth, address, and email address.
Health data
We also collect information about your health, such as general health, symptoms, treatments, medications, consultations, procedures, and interactions with our services. We keep a record of your conversations with us, including consultations with our Chatdok Bot (on the app or virtual assistance), emails, calls, live chat conversations, and video and/or audio recordings from consultations.
Information obtained from external sources.
If you've agreed to share data from other apps, devices, and services with us like fitness or health tracking apps, we might receive some data about you and your health from them. Additionally, if you make a payment on the app, your credit and debit card details are processed by a third-party payment provider, and we only keep details of the transactions on our secure servers.
Data related to technology and analysis
We collect technical information and analytics, such as the IP address, browser information, login and operating system, device make and model, time zone, language and location settings, mobile network provider, information about your visit to our website or use of our app, information about the products or services you viewed or used, app response times and updates, information about your interactions, and any phone number used to call our customer service number.
Cookies
We use cookies to collect information about how you use our website and the pages you visit, but we do not use cookies on your medical or health information. We may also receive information about you from third-party services if you choose to connect your social media accounts or wearable device with our services.
We comply with data protection laws when we collect and use your data, and we keep your health and medical data secure by applying technical and organizational measures to protect it. If you have any questions or concerns about your data, please contact us at privacy@chatdok.com.


3. The purposes for which we use your data

We utilize your personal information for various purposes, and each has a legal basis for doing so.
Delivering a service to you
We need your data to provide you with the services you have signed up for, and this requires us to enter into a contract with you. If you use our paid services or purchase our products, we use your financial information to charge you accordingly. Regarding your health information, we use it to provide healthcare services such as diagnosis and treatment, as well as offer health advice. We do this as part of our legitimate interest or the public's interest and with your consent. The health data we use includes notes, recordings, and transcripts from your consultations, as well as data from our Chatdok Bot and Health Tracker. We may share this information with other health services to ensure you receive appropriate care, including your health provider if you use our private service, clinical partners, and referral services like therapists, pharmacists, and hospitals. Lastly, we use your location data to recommend services close to you, such as pharmacies and hospitals. We may obtain your location through your phone, internet browser, IP address, or postal address, depending on how you access our services.
Chatdok values your privacy and is committed to maintaining the confidentiality of your health and medical information. We will only utilize this data to enhance our services so as to serve you better, with your explicit consent. Your information will be made anonymous by eliminating personal identifiers such as your name, address, and contact details. This data may encompass medical records, consultation notes, recordings, transcripts, and usage patterns of features like Chatdok Bot, Health Tracker.
The purpose behind gathering this information is to enhance the healthcare experience for both you and fellow Chatdok users, while refraining from making significant decisions that could affect you. It's important to emphasize that your explicit consent will be sought each time Chatdok employs your personal data to ensure transparency and compliance with international best practices, especially in the EU.
Contributing to healthcare research
If you have given your explicit consent to it when requested, your health data may be used for research purposes to improve the understanding of health behavior, disease risk, or health outcomes. Chatdok aims to publish the research results in peer-reviewed journals or work with academic institutions. The data used for research purposes may include your medical records, consultations, and use of Chatdok's products like Chatdok Bot and Health tracker. However, any personal details that could identify you, including your name, address, and contact information, will be removed. Chatdok follows the ethical principles of the Declaration of Helsinki in conducting research. Additionally, your contact information may be used to invite you to participate in clinical trials, such as those that investigate the effectiveness of medicine reminders or exercise on mood.
Ensuring that our service meets standards for both quality and safety.
We ensure that our service is of good quality and safe by utilizing your medical and health information for regulatory, training, compliance, and safety purposes.
This implies that:


4. The ways in which we store and transfer your data

Chatdok relies on the following legal bases for data processing:

- Necessity of hiring (Art. 88 DS-GVO in connection with § 26 BDSG)
- Legitimate interest of Chatdok, affiliated companies or third parties with a legitimate interest in special application management (Art. 6 (1) lit. f DS-GVO);
- Consent, if provided by you and stipulated by law (Art. 6 (1) lit. a GDPR in conjunction with Art. 88 GDPR and Section 26 (2) BDSG);
- Compliance with legal regulations (Art. 6 (1) lit. c GDPR).

We keep your personal health and medical information on secure servers and not on your mobile device. This information may include your primary care details, medications, and any diagnosis of illness or other health problems. You are responsible for keeping your password or authentication method confidential and not sharing it with anyone.
We use encryption to protect the data transmitted to and from the app. After receiving your information, we implement strict security measures and procedures to prevent unauthorized access. We will do everything reasonable to ensure that your data is securely handled.


5. The reasons why we may share your data with others


In order to offer you our services effectively, we may need to share certain information with:
Service Providers
We engage with service providers who deliver services to you on our behalf, such as virtual assistant, chatbot, etc. We may share your personal data with them so they can process it to provide these services, but they are bound by our instructions and cannot use the data for their own purposes. Moreover, on our behalf, they are obligated to comply with data protection laws and contractual terms that outline how they can handle data
Partners
In case you utilize Chatdok services through your health insurer or one of our associates, who may be your employer, we might disclose some of your information to them. This information could involve your name, date of birth, email address, policy number, and location. We might also inform them that you have enrolled with us and made use of our services. However, we will not disclose any information regarding your medical records or consultations, unless you provide your consent or you request specific sick note to that effect.
Other healthcare providers
If necessary for your healthcare, we may disclose your data to other healthcare providers such as our clinical partners, doctors, specialist referral services, therapists, pharmacists, hospitals, accident and emergency services, testing service providers, and diagnosis centers chosen by you for imaging.
Sharing your information with these providers may be required by law to protect you or others, or to carry out a public task. Before sharing your information, we may need your consent, or we may rely on our legitimate interests to provide you with healthcare.
Anonymous data trends
We may display general trends on our website or provide commercial partners with data that is not linked to you personally. This type of data is known as "aggregated" data and does not contain personal information.
Examples of aggregated data that we might share include the total number of service users or trends in a specific geographical location.


6. How long we retain your data

We adhere to guidelines from the GDPR, HIPAA and Ministry of Health regarding the duration for which we keep your medical records, also known as the "retention period."
Additionally, we may keep certain non-personal information for an extended period to help enhance our services and business operations. However, we may retain data longer if required to do so by law. Here's a summary of the retention periods for different types of records we hold:

· Doctor's records (medical records, consultations, Chatdok Bot interactions) are kept for 10 years after your death or after you've permanently left the country. We may retain them longer if there are genetic implications for your family, based on advice from clinicians.
· Video consultations and voice consultations are kept in the same manner as doctor's records, subject to potential changes in retention periods based on our product.
· Chatdok Bot interactions are kept in the same manner as GP records, and are available in the app for 1 month. After 1 month, we can provide them if you request them.
· Health tracker records are kept for 2 years after you close your account, unless you agree to them being part of your medical record.
· Communications with support teams, such as phone calls, emails, and live chats, are kept for 1 year after you leave Chatdok's services.
· Maternity records are kept for 25 years after the birth of your last child.
· Records on any treatment for a mental disorder are kept for 20 years after the date of your last consultation, or 10 years after your death if that comes sooner.

If you wish to access any of this information during its retention period, please contact us at privacy@chatdok.com


7. Children's Privacy

Our websites are not intended for children under the age of 13, and we don't knowingly collect or sell personal information from children under 13. If you're under 13, please don't use or provide any information on our websites without your parent's consent. If you're the parent or guardian of a child under 13 whom you believe has provided us with their personal information, you can contact us using the information below to request that it be deleted.


8. Your rights concerning your personal information

You have certain rights regarding your personal information under data protection laws. You can withdraw or modify your consent for the use of your data at any time through the app or the Chatdok website. You also have the right to request a copy of the personal data we hold about you, to correct or delete inaccurate information, to restrict automated decisions made with your data, and to request your data in a portable format or to be sent to someone else.
Under applicable data protection laws, you have the following rights:
Right to information, Art. 15 DS-GVO
You have the right to information about the stored personal data concerning you.
Right to rectification, Art. 16 DS-GVO
If you find that incorrect data about you is being processed, you can request rectification. Incomplete data must be completed taking into account the purpose of the processing.
Right to deletion, Art. 17 DS-GVO
You have the right to request the deletion of your data if there are certain reasons for deletion. This is particularly the case if they are no longer required for the purpose for which they were originally collected or processed.
Right to restriction of processing, Art. 18 DS-GVO
You have the right to restriction of processing of your data. This means that while your data will not be erased, it will be marked to restrict further processing or use.
Right to data portability, Art. 20 GDPR
You have the right to receive the personal data that you have provided to Chatdok in a structured, common and machine-readable format. Furthermore, you have the right to transmit this data to another responsible person without hindrance from Chatdok.
Right to object to unreasonable data processing, Article 21 GDPR
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 lit. e or f of the GDPR takes place to file an objection. Since Chatdok processes and uses your personal data primarily for the purposes of the contractual relationship with you, Chatdok has a legitimate interest in processing your data, which, on the other hand, will cancel your request for restriction.
Please contact our Data Protection Officer with proof of identity to exercise any of these rights. We have one month to respond to your request in accordance with data protection laws.
To do any of these things, please write the Data Protection Officer. Contact us at:

Germany:
Chatdok UG,
Am Kohnen 85, 40599, Düsseldorf

UK:
Chatdok Ltd.
236a Evelyn Street Deptford SE8 5BZ

Or Email: Privacy@chatdok.com


9. Changes to this policy over time.

We may make changes to this policy periodically, and if we do, we will notify you and provide an opportunity for you to review the changes. If you continue to use our services after we have updated the policy, we will assume that you agree to the changes. However, if you don't agree to the changes, you can choose to stop using our services at any time.

Got it