1. Introduction
This Privacy Policy explains how personal data is collected, used, and protected when using our WhatsApp-based hospital appointment booking service (“Service”). This Service complies with GDPR and German data protection laws (BDSG).
2. Data Controller
[Hospital / Clinic Name]
[Address]
Email: [Email]
Phone: [Phone]
3. Data Processor
[Your Company Name]
Acts as a Data Processor under Article 28 GDPR.
4. Categories of Personal Data
- Identification Data: Name, Phone Number
- Appointment Data: Date, Time, Doctor/Department
- Communication Data: WhatsApp messages, timestamps
5. Purpose of Processing
- Appointment booking and management
- Notifications and reminders
- Customer support
- Legal compliance
6. Legal Basis
- Consent (Art. 6(1)(a) GDPR)
- Contract (Art. 6(1)(b) GDPR)
7. Consent
Consent is collected before using the service and can be withdrawn anytime.
8. WhatsApp Communication
Communication is handled via WhatsApp (Meta Platforms Ireland Ltd.). Data may be processed outside the EU.
9. Data Retention
Data is stored for a maximum of 90 days unless required by law.
10. Data Security
- HTTPS encryption
- EU-based servers
- Access control systems
11. Your Rights
- Access, correction, deletion
- Withdraw consent
- Data portability
How to Exercise Rights
Send "DATA" or "DELETE" via WhatsApp or email us.
12. Supervisory Authority
You may lodge a complaint with a German Data Protection Authority.
13. Updates
This policy may be updated and communicated via website or WhatsApp.
14. Contact
Email: [Insert Email]
Address: [Insert Address]