Privacy Policy

Introduction

At Doctor's Timesaving Toolbox ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal and medical data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical practice automation platform.

Our platform is designed with GDPR compliance as the foundation, and where applicable, we maintain compatibility with other regulatory frameworks including HIPAA healthcare providers can use our services without compromising patient confidentiality or regulatory requirements.

Data Controller

Doctor's Timesaving Toolbox (Oceanidon 9, Larnaca, 6041, Cyprus) is the data controller for personal data processed in connection with the Service, unless otherwise stated.

Information We Collect

Personal Information

• Account information (name, email, professional credentials)
• Payment information (processed securely through Stripe)
• Professional information (medical specialty, practice details)

Medical Data

• Patient notes and medical documentation you input
• Generated medical documents
• Voice recordings and handwritten notes (temporarily processed for transcription)

Usage Data

• Platform usage statistics and analytics
• Device and browser information
• IP addresses and location data

Legal Bases for Processing

We process your personal data based on: performance of our contract with you, compliance with legal obligations, our legitimate interests in operating and improving our services and ensuring security, and where applicable, your consent or explicit consent for special category data.

AI Services and De-identification

We use third-party AI services to assist with document generation. Before transmitting any input to external AI providers, we apply technical and organizational measures designed to de-identify patient-related information. We do not knowingly or intentionally transmit patient-identifiable personal data to external AI service providers. These providers may act as processors or sub-processors under our instructions.

How We Use Your Information

• To provide and maintain our medical document generation services
• To process AI-powered document creation and correction
• To ensure data security and compliance with applicable regulations security
• To communicate with you about your account and our services
• To improve our platform and develop new features
• To comply with legal obligations and regulatory requirements

Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described below:

• Service Providers: We may share data with trusted third-party service providers who assist in operating our platform (e.g., cloud hosting, payment processing)
• Legal Requirements: We may disclose information when required by law or to protect our rights and safety
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred
• With Your Consent: We may share information with your explicit consent

Data Security

We implement comprehensive security measures to protect your data:

• End-to-end encryption for data transmission and storage
• Regular security audits and compliance assessments
• Access controls and authentication requirements
• Secure cloud infrastructure with multiple backups
• Data handling procedures designed for compliance with applicable regulations procedures

Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your data to another service
• Opt-out: Opt-out of certain data processing activities

To exercise these rights, please contact us at privacy@fanos.dev

Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Data retention periods may vary by jurisdiction where applicable regulatory requirements apply, including GDPR and HIPAA.

Cookies and Tracking

We use cookies and similar technologies to enhance your experience, analyze usage, and maintain platform security. You can control cookie preferences through your browser settings.

Professional Use Only

Our services are intended for healthcare professionals and are not directed at children under 13. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through our platform. Your continued use of our services after such changes constitutes acceptance of the updated policy.