Doctor Appointment System

# Privacy Policy — MediHero.Net **Effective Date:** June 4, 2026 **Last Updated:** June 4, 2026 **Operated by:** Sentrynex LLC **Contact:** [email protected] **Website:** https://medihero.net --- ## 1. Introduction MediHero.Net ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our telemedicine and healthcare appointment platform. By using MediHero.Net, you consent to the practices described in this Privacy Policy. --- ## 2. Information We Collect ### 2.1 Personal Information - **Account Data:** Name, email address, phone number, date of birth, gender - **Profile Data:** Profile photo, address, emergency contact information - **Medical Information:** Symptoms, medical history, prescriptions, appointment notes (provided by you or healthcare providers) - **Payment Information:** Billing address, payment method details (processed securely by third-party payment processors; we do not store full card numbers) ### 2.2 Automatically Collected Information - IP address and device information - Browser type and version - Operating system - Pages visited, time spent, and click patterns - Referral source and geographic location (country/city) - Cookies and similar tracking technologies ### 2.3 Healthcare Provider Data For doctors and clinics using our platform: - Professional credentials, license numbers, specializations - Clinic/availability schedules - Consultation fees and billing information --- ## 3. How We Use Your Information We use your personal data for the following purposes: | Purpose | Legal Basis | |---------|-------------| | Account creation and management | Contract performance | | Booking and managing appointments | Contract performance | | Facilitating telemedicine consultations | Contract performance / Consent | | Processing payments | Contract performance | | Sending appointment reminders and notifications | Legitimate interest / Consent | | Platform security and fraud prevention | Legitimate interest | | Compliance with legal obligations | Legal obligation | | Improving our services and user experience | Legitimate interest | | Marketing communications (with opt-out) | Consent | --- ## 4. How We Share Your Information We do **not** sell your personal data. We may share information with: - **Healthcare Providers:** To facilitate appointments and consultations you request - **Service Providers:** Payment processors, hosting providers, email/SMS services - **Legal Authorities:** When required by law, court order, or to protect rights and safety - **Business Transfers:** In the event of a merger, acquisition, or sale of assets All third-party processors are bound by data protection agreements. --- ## 5. Data Security We implement appropriate technical and organizational measures to protect your data: - **Encryption:** TLS 1.3 for data in transit; AES-256 encryption for sensitive data at rest - **Access Controls:** Role-based access, multi-factor authentication for staff - **Audit Logs:** Monitoring and logging of access to personal data - **Regular Security Assessments:** Vulnerability scanning and penetration testing - **Data Minimization:** We only collect data necessary for the specified purpose Despite our efforts, no internet-based service can be 100% secure. You are responsible for keeping your password confidential. --- ## 6. Data Retention We retain your personal data only as long as necessary: - **Active Accounts:** For the duration of your account plus any legal retention period - **Medical Records:** As required by applicable healthcare laws (typically 5–10 years depending on jurisdiction) - **Inactive Accounts:** After account deletion, residual data may be retained for legal, tax, or regulatory purposes - **Analytics Data:** Anonymized after 2 years You may request deletion of your data at any time (see Section 9). --- ## 7. Cookies and Tracking Technologies We use cookies to: - Maintain your session and login status - Remember preferences (language, timezone) - Analyze site traffic and usage patterns - Deliver relevant content **Cookie Categories:** - **Essential:** Required for the platform to function - **Functional:** Remember your preferences - **Analytics:** Help us understand how visitors use our site - **Marketing:** Used to deliver relevant advertisements You can manage cookie preferences through your browser settings. --- ## 8. International Data Transfers MediHero.Net is operated from the United States. Your data may be transferred to and processed in countries outside your residence, including the United States. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), for transfers from the EU/EEA, UK, and other jurisdictions requiring them. --- ## 9. Your Rights Depending on your location, you may have the following rights: | Right | Description | |-------|-------------| | **Access** | Request a copy of your personal data | | **Rectification** | Correct inaccurate or incomplete data | | **Erasure ("Right to be Forgotten")** | Request deletion of your data | | **Restriction** | Limit how we process your data | | **Portability** | Receive your data in a structured, machine-readable format | | **Objection** | Object to processing based on legitimate interests | | **Withdraw Consent** | Withdraw consent at any time (for consent-based processing) | | **Complaint** | Lodge a complaint with a data protection authority | To exercise your rights, contact us at **[email protected]**. We respond within 30 days. --- ## 10. Children's Privacy MediHero.Net is not intended for children under 13 (or 16 in the EU without parental consent). We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us immediately. --- ## 11. California Privacy Rights (CCPA/CPRA) If you are a California resident, you have the right to: - Know what personal information we collect, use, and share - Request deletion of your personal information - Opt-out of the sale of personal information (we do not sell personal information) - Non-discrimination for exercising your privacy rights To make a CCPA request, email **[email protected]** with "CCPA Request" in the subject line. --- ## 12. Changes to This Privacy Policy We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be communicated via email or prominent notice on the platform. --- ## 13. Contact Us For questions, concerns, or requests regarding this Privacy Policy or your personal data: **Email:** [email protected] **Company:** Sentrynex LLC **Website:** https://medihero.net --- > **Disclaimer:** This Privacy Policy is a template and should be reviewed by a qualified legal professional before publication. It is provided for informational purposes and may need customization for your specific business operations, jurisdiction, and data practices.