Privacy Policy

1. Data Controller

The data controller responsible for your personal data is:

2. Types of Data Collected

We collect and process the following types of data:

• Account information (name, email, role, organization)
• Medical and clinical data (patient records, visit notes, prescriptions)
• Usage data (login times, feature usage, session information)
• Technical data (IP address, browser type, device information)
• Communications (support requests, feedback)

3. Legal Basis for Processing (GDPR)

• Performance of contract (Art. 6(1)(b) GDPR)
• Legal obligation (Art. 6(1)(c) GDPR)
• Vital interests (Art. 6(1)(d) GDPR - patient safety)
• Consent (Art. 6(1)(a) GDPR)

4. How We Use Your Data

• Provide and maintain the platform
• Improve and personalize user experience
• Communicate with you about updates and changes
• Comply with legal obligations
• Detect, prevent, and address security issues

5. Data Retention

We retain personal data for as long as necessary to provide services and comply with legal obligations. Medical records are retained according to healthcare regulations (typically 10 years in Germany).

6. Your Rights (GDPR Art. 15-22)

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restriction of processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

7. Data Security (HIPAA Compliance)

We implement industry-standard security measures including encryption, access controls, audit logging, and regular security assessments to protect your data in accordance with HIPAA and GDPR requirements.

8. Third-Party Services

We may use third-party service providers to help us operate the platform. These providers are contractually bound to protect your data and use it only for specified purposes.

9. Cookies and Tracking

We use essential cookies for authentication and session management. We do not use third-party tracking or advertising cookies.

10. Changes to Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date.