Privacy Policy
Last updated: 2026-05-13. Effective immediately.
1. Data we collect
- Account data: name, email, mobile number, role (patient, doctor, clinic admin).
- Health data (patients only): appointments, encounters, prescriptions, lab orders, lab results, insurance claims you choose to record with us.
- Payment data: amounts and statuses of invoices. Card and wallet details are handled directly by our payment providers (Paymob, Stripe) and never touch our servers.
- Usage data: pages visited, device type, IP address, timestamps — used for security and aggregated analytics.
- Communication content: messages, review text, and reply threads exchanged through Ehgzli.
2. Why we collect it
- To run the service you signed up for (booking, telehealth, records, billing).
- To comply with applicable medical-records, billing, and tax law in your jurisdiction.
- To detect fraud, abuse, and security incidents.
- To improve the product and to send strictly transactional notifications you've opted into.
3. How we use it
We process your data on the legal bases of (a) contract performance (you asked us to run the booking/records flow), (b) legitimate interest (security, fraud prevention, product analytics on aggregated data), and (c) explicit consent (marketing communications you opt into).
4. How we share
We share your data only with:
- The clinic / doctor you booked with — they see your appointment, encounter, prescription, and lab data so they can treat you. They are independent data controllers for the clinical record.
- Payment processors (Paymob, Stripe) — only the transaction amount and reference, never your medical data.
- Insurance payors — only when you choose to submit a claim, and only the data needed to process that claim.
- Sub-processors (hosting, email, SMS, WhatsApp delivery, error tracking) under written data-processing agreements that bind them to confidentiality and security standards.
- Authorities — only when compelled by valid legal process and only to the extent required.
We do not sell your data. Ever.
5. How long we keep it
Account data is retained while your account is active. Health records follow the medical-records retention period mandated by your jurisdiction (typically 10 years for adult records, longer for pediatric). Billing records follow tax-law retention (typically 5—10 years). When you delete your account we anonymize or remove personally identifiable data; clinical and billing records that we are legally required to retain are kept in restricted storage until their statutory expiry.
6. Your rights
You have the right to:
- Access the data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your data, subject to retention obligations above.
- Export your data in a portable format.
- Object to or restrict certain processing.
- Withdraw consent for any consent-based processing (e.g., marketing) at any time.
- Lodge a complaint with your local data-protection authority.
Exercise these rights by emailing privacy@ehgzli.com. We respond within 30 days. privacy@ehgzli.com
7. Cookies
We use strictly-necessary cookies for session, authentication, and CSRF protection. We use first-party analytics cookies (aggregated, no third-party trackers) only after you accept the cookie banner. You can clear or block cookies in your browser; doing so may sign you out and disable parts of the booking flow.
8. Security
All traffic to Ehgzli is encrypted in transit (HTTPS). Data at rest is encrypted on our managed database. Access to production data is restricted to a small operations team and audited. We follow the Ehgzli Constitution's data-sovereignty (Clause 24), telemetry-privacy (Clause 28), and STRIDE threat-modelling (Clause 33) discipline. We will notify affected users without undue delay if a breach is detected, in line with statutory requirements.
9. Contact & Data Protection Officer
Questions, requests, or complaints:
Ehgzli — Data ProtectionEmail: privacy@ehgzli.com
General: /contact
See also: Terms of Service