Privacy Policy

Last updated: June 2026

Offerqo ("we", "us") operates a platform that connects patients seeking medical and dental treatment with clinics, and provides clinics with quote, patient-management and digital-consent tools. This policy explains what personal data we process, why, how we protect it, and the rights you have. It applies to patients, clinic staff and website visitors.

1. Data we collect

  • Account data: name, email, phone, password (stored only as a salted PBKDF2 hash, never in plain text), role and language preference.
  • Patient request data: the treatment you are interested in, free-text descriptions, and any photos or medical images (e.g. X-rays) you choose to upload.
  • Consent records (special-category data): when you sign a digital consent form we record the form contents, your accepted clauses, a drawn signature, a one-time-passcode verification, device/IP metadata, and a biometric video of the signing.
  • Payment data: processed by Stripe. We do not store full card numbers; we keep subscription/credit status and invoices.
  • Usage data: log data, approximate location from IP (country/city), and security events.

2. How we use your data

To create and operate your account; to deliver quotes and messages between patients and clinics; to produce and store legally-defensible consent evidence; to process payments and credits; to provide customer support; to detect and prevent fraud and abuse; and to comply with legal obligations.

3. Legal bases (GDPR / KVKK)

We process personal data on the bases of: performance of a contract (operating the service); your explicit consent (in particular for special-category health and biometric data); our legitimate interests (security, service improvement); and compliance with legal obligations. For health and biometric data we rely on your explicit, withdrawable consent, captured at the point of signing.

4. Biometric and consent data

Biometric signing videos are encrypted at rest using AES-256-GCM envelope encryption and stored in access-controlled object storage. Consent submissions are hash-chained and their integrity hash is anchored to a public, independent timestamping service (OpenTimestamps) so the record can be shown to be tamper-evident. Access to this evidence is restricted to the issuing clinic and to you.

5. Who we share data with

We share data only as needed to provide the service: with the clinic you interact with; with infrastructure and processor partners (e.g. Cloudflare for hosting/storage, Stripe for payments, and email/SMS delivery providers) acting under data-processing agreements; and where required by law. We do not sell your personal data.

6. International transfers

Our infrastructure may process data in multiple regions. Where data is transferred across borders we rely on appropriate safeguards (such as standard contractual clauses) as required by GDPR and KVKK.

7. Data retention

We keep account and transactional data for as long as your account is active and as required for legal, tax and dispute-resolution purposes. Consent evidence is retained for the period necessary to establish or defend legal claims. You may request deletion subject to these legal retention duties.

8. Security

We apply encryption in transit (TLS) and at rest for sensitive data, hashed passwords, role-based access control, and tamper-evident audit trails. No system is perfectly secure, but we work to protect your data against unauthorised access, alteration and disclosure.

9. Your rights

Subject to applicable law you may request access to, correction, deletion or portability of your data, restrict or object to certain processing, and withdraw consent at any time (which does not affect processing already carried out). To exercise these rights, contact us using the details below.

10. Cookies

We use strictly-necessary cookies for authentication and your language preference. We do not use advertising cookies.

11. Children

The service is not directed to children. Where a patient is a minor, a parent or legal guardian must provide and sign any required consent.

12. Changes and contact

We may update this policy and will revise the "last updated" date above. For privacy questions or to exercise your rights, contact us at [email protected].