Privacy Policy
Version 2026-05
This Privacy Policy describes how Dr. Doutor collects, uses and protects your personal data — including health data — when you use the platform.
1. Data we collect
Account: name, email, phone, password (stored irreversibly). Health: bookings, messages with your professional, documents you choose to share. Professionals: verification data (licence, KYC documents). Technical: access logs and device identifiers needed to secure the service.
2. Purposes
We use data to operate the platform (bookings, notifications, payments), verify professionals, prevent fraud and abuse, comply with legal obligations and — only with your express consent — send marketing communications or use anonymised data for research.
3. Consent
At signup you accept the Terms of Service and this policy; we record the accepted version and date. Optional consents (marketing, research) are managed under Profile → Privacy and can be withdrawn at any time without affecting the essential service.
4. Sharing
Your health data is shared only with the professional you book with. We use technical processors (hosting, email, payments) contractually bound to protect the data. We do not sell personal data.
5. Retention
We keep data while your account is active and for legally required periods. You can request account deletion under Profile → GDPR; data we are legally required to keep is retained for the applicable period and then deleted.
6. Your rights
You have the right of access, rectification, portability (export of your data), objection and erasure. These actions are available in the platform itself (Profile → Privacy / GDPR) or via our privacy contact.
7. Security
We apply appropriate technical and organisational measures: encryption in transit, encryption of sensitive clinical fields, access control and audit logging. No system is absolutely secure; we notify relevant incidents as required by law.
8. Changes
Material changes to this policy are announced on the platform. The current version is identified on this page.