Privacy Policy

1. Introduction

HealthLedger ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our software and services for medical and surgical clinics (the "Service"). Please read this privacy policy carefully.

2. Information We Collect

We may collect information about you in a variety of ways:

• Personal Data: Personally identifiable information, such as your name, email address, phone number, and clinic information that you voluntarily give to us when you register with the Service.
• Patient Data: Medical and payment information about patients that clinics enter into our system, including but not limited to names, contact details, medical history, and payment records.
• Derivative Data: Information our servers automatically collect when you access the Service, such as your IP address, browser type, operating system, access times, and pages viewed.
• Mobile Device Data: Device information if you access the Service via a mobile device, including device type, operating system, unique device identifiers, and mobile network information.

3. Use of Your Information

We use the information we collect to:

• Provide, operate, and maintain our Service
• Process transactions and send related information
• Send technical notices, updates, security alerts, and support messages
• Respond to customer service requests and support needs
• Monitor and analyze usage and trends to improve the Service
• Prevent fraudulent transactions and protect against criminal activity
• Comply with legal obligations and enforce our terms and policies

4. Disclosure of Your Information

We may share information we have collected about you in certain situations:

• With Payment Processors: To facilitate payments, we may share necessary information with third-party payment processors.
• With Communication Services: To send notifications via email and WhatsApp (to patients and admins only), we integrate with third-party communication services.
• For Legal Compliance: If required by law or in response to valid requests by public authorities.
• Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company.

5. Security of Your Information

We implement appropriate technical and organizational measures to protect the security of your personal information. We use encryption (SSL/TLS) to protect data transmitted between our servers and your devices. All stored data is encrypted at rest. Access to personal information is restricted to personnel who need to know that information to provide our Service.

6. Data Retention

We retain personal data only for as long as necessary to provide the Service and fulfill the purposes outlined in this policy. Patient records are retained according to applicable medical record retention laws. When we no longer need personal data, we securely delete or anonymize it.

7. Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal data:

• The right to access, update, or delete your information
• The right to rectification if your information is inaccurate or incomplete
• The right to object to our processing of your personal data
• The right to request restriction of processing your personal information
• The right to data portability
• The right to withdraw consent

8. Third-Party Services

We may employ third-party companies and individuals to facilitate our Service ("Service Providers"), provide the Service on our behalf, perform Service-related services, or assist us in analyzing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

9. Notification Policy

HealthLedger sends emails and WhatsApp messages to patients and clinic admins (owners/managers) only. Staff members only have access to the web entry/search interface and receive in-app alerts - they never receive external notifications via email or WhatsApp from our system.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.