ClinicFlow

Privacy Policy

Effective Date: [Insert Date]

1. Introduction

Welcome to [Your Company Name] ("we," "our," or "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and other applicable data protection laws.

2. Data Controller

[Your Company Name] is the data controller responsible for the processing of your personal data. If you have any questions about this Privacy Policy or your rights, you can contact us at:

  • Email: [Insert Contact Email]
  • Address: [Insert Company Address]

3. Data We Collect

We collect the following types of personal data when you use our calendar scheduling and appointment services:

  • Personal Identification Information: Name, email address, phone number.
  • Appointment Details: Meeting date, time, duration, and purpose.
  • Account Information: Login credentials, profile preferences.
  • Technical Data: IP address, device information, browser type, cookies, and usage logs.
  • Communication Data: Messages exchanged with us via email or other support channels.

4. Purpose of Data Processing

We process your personal data for the following purposes:

  • To provide and manage our scheduling and appointment services.
  • To send appointment confirmations, reminders, and notifications.
  • To improve our website, services, and customer experience.
  • To comply with legal obligations and prevent fraudulent activities.

5. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Performance of a Contract: When data processing is necessary to provide our services.
  • Legitimate Interests: When we use your data to enhance our services while ensuring your rights.
  • Consent: For marketing and promotional communications (you may withdraw your consent at any time).
  • Legal Obligations: When required by law.

6. Data Sharing and Third-Party Services

We may share your personal data with:

  • Service providers assisting in hosting, payment processing, and communication.
  • Law enforcement agencies when legally required.
  • Third-party calendar integrations (such as Google Calendar, Microsoft Outlook) upon your consent.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, and resolve disputes.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of Access: Obtain a copy of your personal data.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten): Request deletion of your data under certain conditions.
  • Right to Restrict Processing: Limit processing of your data.
  • Right to Data Portability: Receive your data in a structured format.
  • Right to Object: Object to data processing based on legitimate interests.
  • Right to Withdraw Consent: Withdraw consent at any time for marketing communications.

To exercise your rights, please contact us at [Insert Contact Email].

10. International Data Transfers

If we transfer your data outside the European Economic Area (EEA), we ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) or reliance on countries with an adequacy decision by the European Commission.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance user experience. You can manage your cookie preferences via our Cookie Policy or browser settings.

12. Changes to This Privacy Policy

We may update this policy periodically. Any changes will be posted on this page with an updated effective date.

13. Contact Information

For questions or concerns regarding this Privacy Policy, you can contact us at:

  • Email: [Insert Contact Email]
  • Address: [Insert Company Address]

If you believe that our data processing is not in compliance with GDPR, you have the right to lodge a complaint with your local Data Protection Authority (DPA).

Last updated on [Insert Date].