الرئيسية
AR - USD
لغة الموقع
عملة الموقع

سياسة الخصوصية

 

Dektori Privacy Policy and Notice of Privacy Practices

Effective Date: August 18, 2025

 

1. Introduction

Dektori ("we,” "us,” or "our”) is committed to protecting your privacy and safeguarding the information you share with us. This Privacy Policy explains how we collect, use, store, and disclose personal and health information when you use our health education platform ("Platform”). It also describes your rights regarding your data.

While Dektori is not a healthcare provider, we voluntarily apply standards consistent with the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA), as well as other applicable privacy laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). By using the Platform, you consent to the practices outlined in this Policy and understand that your information may be transferred to and processed in the United States or other jurisdictions where our service providers operate.

 

2. Information We Collect

Dektori collects only the information necessary to provide and improve our services. Information is obtained directly from you, through automated technologies, and occasionally through third parties.

2.1 Information You Provide

When you create an account, book or participate in a consultation, subscribe to newsletters, or communicate with us, you may provide personal identifiers such as your name, date of birth, contact details, and demographic information. You may also provide information that qualifies as Protected Health Information (PHI), including your health history, symptoms, medications, test results, or consultation notes.

Payment details, such as billing addresses and transaction information, may also be collected. Sensitive payment card data is processed securely by providers like Stripe or PayPal; Dektori does not store complete credit card numbers.

We also collect the content of your communications with support staff or Providers, as well as feedback, attachments, or complaints. Newsletter subscriptions require an email address, which we use only for sending updates and materials you consent to receive.

2.2 Information Collected Automatically

When you use the Platform, we collect technical details such as your IP address, device identifiers, browser type, language settings, pages visited, and activity logs. This information supports security, performance, and reliability.

We may also infer approximate location from your IP address, or collect precise location data if you enable it on your device. Services like Google reCAPTCHA, Firebase, and authentication systems from Apple, Google, or Facebook may process technical signals to ensure secure login and session management. These services handle metadata only; they do not access your PHI.

Analytics tools such as Google Analytics and Tag Manager track general usage patterns to improve our services. These tools may use cookies or identifiers, but they are configured to avoid linking activity data with your personal consultation records.

2.3 Information from Third Parties

At times, we may receive information about you from third parties, such as when a Provider enters data on your behalf, a parent or guardian supplies details for a minor, or a payment processor updates billing information. If you log in through Apple, Google, or Facebook, we receive only limited account details necessary for authentication and account management.

Newsletter services and translation tools (such as Microsoft Translator) may also process limited information. These services are used only for their intended function and do not retain or repurpose your content.

 

3. How We Use Your Information

We use your information for purposes essential to operating and improving the Platform:

Providing Services: Personal information and PHI are used to connect you with Providers, allow Providers to review information you submit, and facilitate educational consultations.

Health Care Operations: Information may be used to assess service quality, train Providers, improve functionality, and support customer service. PHI may also be de-identified and used for analytics, research, or platform development.

Communications: We use your contact details to send confirmations, respond to inquiries, provide service announcements, and share updates. You may receive newsletters or promotional content, but you may opt out of marketing messages at any time.

Personalization and Improvement: Usage data helps us tailor your experience, recommend relevant services, and optimize the Platform’s performance and accessibility.

Analytics and Marketing: Non-identifiable data may be used to understand user behavior and for targeted outreach, always in compliance with law and without selling your personal data.

Legal and Safety Purposes: We may use your information to comply with laws, respond to lawful requests, prevent fraud, enforce our Terms, or protect the safety of users and the public.

We do not engage in automated decision-making that produces legal or significant effects, and we do not sell or rent personal information.

 

4. How We Share and Disclose Information

Your information is shared only as necessary and with safeguards:

  • Healthcare Providers: PHI is shared with independent Providers offering health education through the Platform. These Providers are obligated to keep it confidential.
  • Authorized Representatives: If you act on behalf of a minor or another person, or if someone acts for you, information may be disclosed to them with your consent or as allowed by law.
  • Service Providers: Trusted partners (such as payment processors, hosting services, translation providers, or analytics partners) may access information strictly to perform contracted services under confidentiality obligations.
  • Affiliated Entities: Data may be shared with Dektori’s corporate affiliates for internal operations under terms consistent with this Policy.
  • Business Transfers: In the event of a merger, acquisition, restructuring, or sale of assets, your information may be transferred to the successor entity with protections intact.
  • Legal Requirements: We may disclose information if required by law, in response to lawful requests, or to report abuse, neglect, or threats to safety.
  • De-identified or Aggregated Data: We may share data stripped of personal identifiers for research, analytics, or service development. This information cannot reasonably be traced back to you.

 

5. Cookies and Tracking Technologies

When you use the Platform, we and our service providers may employ cookies, pixels, SDKs, and other tracking technologies to support functionality, security, and analytics.

Cookies help maintain secure sessions, recognize returning users, and remember preferences. Some are essential for login and navigation, while others help analyze usage trends. For example, authentication services like Apple, Google, and Facebook use cookies or tokens to verify identity, while our chatbot uses session cookies to continue conversations across pages.

Other integrations, such as Google reCAPTCHA, Firebase, and analytics tools, collect technical data to improve stability and detect fraudulent or automated activity. Marketing tools such as Google or Facebook pixels may be used for limited outreach campaigns, but these are configured not to collect PHI.

You may manage cookies through your browser settings. While most cookies can be declined or cleared, disabling certain cookies may impact functionality of the Platform.

 

6. International Users and Data Transfers

Dektori is based in the United States, and information you provide may be transferred to and stored on servers in the U.S. or other jurisdiction. By using the Platform, you consent to such transfers, even where data protection laws may differ from those in your home country.

For residents of the European Economic Area, United Kingdom, Switzerland, and similar jurisdictions, we apply additional safeguards. These may include reliance on Standard Contractual Clauses, adequacy decisions such as the EU–U.S. Data Privacy Framework, or explicit consent where required.

6.1 Legal Bases for Processing

Where GDPR or similar laws apply, we rely on:

  • Contractual necessity to provide requested services,
  • Consent for specific uses such as marketing or processing sensitive health data,
  • Legal obligations such as tax or compliance reporting,
  • Vital interests in rare cases of urgent risk, and
  • Legitimate interests to improve and secure our Platform, balanced with your privacy rights.

 

7. Data Security

We employ administrative, technical, and physical safeguards to protect your personal information and PHI. Measures include encryption of data in transit and at rest, role-based access controls, auditing and monitoring of systems, firewalls, malware detection, regular patching, secure data backups, and incident response procedures.

Service providers handling PHI must sign Business Associate Agreements (BAAs) obligating them to meet HIPAA-level protections. Despite our efforts, no method of storage or transmission is completely secure, and we cannot guarantee absolute security. You also play a role by using strong passwords, safeguarding your account credentials, and notifying us promptly of any suspected unauthorized access.

 

8. Children’s Privacy

The Platform is not intended for children under 13, and we do not knowingly collect information from them without parental consent. Users between 13 and 18 may only access Dektori with the involvement of a parent or guardian. By using the Platform, you confirm that you are either at least 18 years old, or that you are between 13 and 18 and have parental or guardian consent.

If you are a parent or guardian and believe that your child’s data has been collected without consent, please contact us immediately so we may take corrective action.

 

9. Changes to this Policy

We may update this Privacy Policy periodically as our services or applicable laws evolve. When updates occur, we will revise the effective date and post the updated policy on our website. Substantive changes will be highlighted where appropriate. Continued use of the Platform after updates signifies acceptance of the revised terms.

 

10. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy, or if you wish to exercise your privacy rights, you may contact us at:

Email: info@dektori.com

We will review and respond to inquiries promptly, generally within five (5) business days, or sooner if required by law. Dektori will never retaliate against you for raising a privacy concern or filing a complaint.

 


تستخدم منصة دكتوري ملفات تعريف الارتباط (Cookies) لضمان تجربة تصفح آمنة ومحسّنة. لمزيد من التفاصيل، يُرجى الاطلاع على سياسة الخصوصية. اقرأ أكثر قبول ملفات تعريف الارتباط اختر ملفات تعريف الارتباط