Embedded Files
When users utilize this service, the service will acquire the following information from the users. This information does not include personally identifiable information (such as name, E-mail address, credit card information, etc). The details are as follows:
A. Type of Information Obtained:
A. Type of Information Obtained:
Data Controller and Processor Roles (GDPR) In the context of the General Data Protection Regulation (GDPR) and similar data protection laws, you (the Healthcare Provider) act as the Data Controller for all patient information entered into the application. You are strictly responsible for obtaining any necessary consent from your patients. The Developer does NOT act as a Data Processor or Data Controller for patient information, as the application operates entirely offline and the Developer has no technical access to your medical records.
1. De-personalized application usage analytics (including approximate location such as city/country derived from IP address).
2. System errors happened during application usage
B. Type of information captured by application that remains private and not transmitted out of device:
B. Type of information captured by application that remains private and not transmitted out of device:
1. Images captured. The images saved by user in the application are stored locally on device memory and not transmitted anywhere.
2. User-created data (appointments details, patients details) is stored locally on device. It is not transmitted to the developer or any third parties, except when the user explicitly initiates a backup to their personal Google Drive storage. User-created data (appointments details, patients details) is stored locally on device. It is not transmitted to the developer or any third parties, except when the user explicitly initiates a backup to their personal Google Drive storage. We do not store, process, host, or have any access to this Protected Health Information (PHI)
C. Acquisition Method:
C. Acquisition Method:
It is provided to the service from the users' smartphone through Google Cloud software and stored in Google Cloud.
The Application is intended for use by medical professionals aged 18 and older. We do not knowingly collect personal information from individuals under the age of 18.
D. Purpose of Use:
D. Purpose of Use:
1. Collect attributes of the usage information, analyze and create statistical data regarding the usage information.
E. Procedure to Stop the Acquisition
E. Procedure to Stop the Acquisition
To improve our service, we collect anonymous usage statistics. This data is de-personalized and cannot be used to track your precise location (GPS). Users cannot opt-out of this essential analytics collection via device location settings, as it does not rely on GPS sensors.
F. Google Drive Data Backup
F. Google Drive Data Backup
DoctorPlanner offers an optional feature to back up your medical records and app data to your personal Google Drive. This feature is user-initiated.
1. How we access your data (Google Drive API): Our application uses the https://www.googleapis.com/auth/drive.file scope. This means:
Limited Access: The application can only access, open, and edit files that were created by this app. The application cannot see or access any other files in your Google Drive.
Usage: This access is used strictly to upload your backup file and to retrieve it when you choose to restore your data.
2. Data Sharing and Disclosure:
The data transferred to Google Drive remains under your control.
We (the developers of DoctorPlanner) do not have access to your Google Drive files.
We do not share, sell, or transfer this data to any other third-party services or advertising platforms.
The use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
By default, DoctorPlanner utilizes the user's standard personal Google Drive account for backups. Standard personal cloud accounts are generally not compliant with the Health Insurance Portability and Accountability Act (HIPAA) as they lack a Business Associate Agreement (BAA). Healthcare Providers subject to United States HIPAA regulations acknowledge that utilizing a non-enterprise, personal cloud storage account for syncing patient data is done entirely at their own risk.
G. Contact Us
G. Contact Us
If you have any questions regarding this Privacy Policy, please contact us at: doctorplanner1492@gmail.com
Google Sites
Report abuse