LEGAL NOTICE: This is a placeholder privacy policy. You MUST replace this content with a comprehensive policy drafted by a legal expert, especially considering GDPR and French health data laws (HDS).
Welcome to EndoGraph Pro. We are committed to protecting your privacy and handling your data in an open and transparent manner. This privacy policy sets out how we collect, use, and protect the personal information of our users (practitioners) and the data of their patients.
[Your Company Name], located at [Your Company Address], is the data controller for the practitioner's personal data.
For patient data, the practitioner is the Data Controller, and [Your Company Name] acts as the Data Processor on their behalf.
We collect the following information upon registration: [List practitioner data collected, e.g., First Name, Last Name, Email, Phone, Clinic Address, Specialty, RPPS Number].
The application is designed to store patient information entered by the practitioner, which includes sensitive health data: [List patient data fields, e.g., Name, Gender, DOB, SSN, Exam Results, Diagnostics, Treatments].
We process data to provide and improve our service, including account management, application functionality, security, and customer support. We do not use patient data for any purpose other than providing the service as instructed by the practitioner.
[Explain the legal basis, e.g., Contractual necessity for practitioner data, and the practitioner's own legal basis for processing patient health data].
We implement robust technical and organizational measures to protect data, including access control via Firebase Authentication, Firestore Security Rules, and data encryption in transit.
As a user, you have the right to access, rectify, or erase your personal data, restrict processing, and the right to data portability. You can manage your data in the 'Settings' section of the app.
[Describe your data retention policy. E.g., practitioner data is retained as long as the account is active. Deleting an account will permanently erase all associated practitioner and patient data.]
If you have any questions about this privacy policy, please contact us at [Your Contact Email].