This Privacy Policy describes how Vital2Doc collects, uses, and protects information provided by doctors and clinic staff using our iOS application and related services. Please read it carefully before using our platform.
1. Information We Collect
Account Information
- Full name, email address, and phone number provided at registration
- Medical license number and specialty for doctor accounts
- Clinic name, address, and clinic ID for staff accounts
- Profile photo (optional)
Usage & Device Information
- Device model, operating system version, and app version
- Session tokens and authentication logs (stored securely)
- Feature usage patterns to improve the application (anonymised)
- Push notification tokens for real-time alerts
Patient-Related Data (accessed, not owned)
- Patient vital sign readings shared via DrPulse consent assignments
- Medical documents uploaded by patients for review
- Encrypted chat messages between doctors and patients
Vital2Doc does not own patient data. We act as a processor on behalf of clinics. Patient data is only accessible after the patient grants explicit consent through the DrPulse application.
2. How We Use Your Data
| Purpose | Data Used | Basis |
|---|---|---|
| Providing core app functionality | Account info, assignments, messages | Contract performance |
| Authentication & security | Session tokens, device info | Legitimate interest |
| Patient assignment management | Doctor ID, patient consent records | Contract performance |
| Encrypted messaging | Public keys, encrypted message bodies | Contract performance |
| Product improvement (anonymised) | Aggregated usage statistics | Legitimate interest |
| Legal compliance & audit logs | Access logs, timestamps | Legal obligation |
3. Data Sharing
We do not sell, trade, or rent your personal information. Data is shared only in these circumstances:
- Within your clinic: Clinic staff can see doctor profiles and assignment statuses as permitted by their role.
- DrPulse platform: Patient vital data is pulled from DrPulse only when an accepted consent assignment exists.
- Infrastructure providers: Our hosting and database providers process data under strict data-processing agreements.
- Legal requirements: We may disclose data when required by law, court order, or to protect the rights and safety of users.
We never share identifiable patient data with advertisers, analytics companies, or any third parties for commercial purposes.
4. Security & Encryption
Security is a foundational design principle, not an afterthought. Key measures include:
- End-to-end encrypted chat: AES-256-GCM with ECDH P-256 key exchange. Keys are generated on-device and stored in the iOS Keychain. We cannot read your messages.
- Transport security: All API traffic uses TLS 1.3. Certificate pinning is implemented in the iOS app.
- Data at rest: All database records containing health information are encrypted with AES-256.
- Authentication: JWT tokens with short expiry, token versioning for immediate revocation, and biometric authentication support.
- Access controls: Role-based access ensures staff can only view data within their assigned clinic.
- Audit logging: All access to patient data is logged with user ID, timestamp, and action type.
5. HIPAA Compliance
Vital2Doc is designed to support HIPAA compliance for covered entities and their business associates:
- We implement all required Administrative, Physical, and Technical safeguards
- A Business Associate Agreement (BAA) is available for clinics upon request
- Minimum necessary data access principles are enforced at the API level
- We maintain breach notification procedures as required by 45 CFR §164.400
- Regular risk assessments and security reviews are conducted
- All staff with access to PHI receive privacy and security training
To request a Business Associate Agreement for your clinic, email privacy@vital2doc.com.
6. Data Retention
| Data Type | Retention Period | Notes |
|---|---|---|
| Account information | Duration of account + 2 years | Purged within 30 days of confirmed deletion |
| Chat messages | 3 years from creation | E2E encrypted; we hold ciphertext only |
| Medical documents | As required by applicable law | Minimum 7 years in most jurisdictions |
| Audit logs | 6 years | HIPAA requirement — cannot be purged early |
| Session tokens | Until logout or expiry | Max 30 days; revoked immediately on deletion request |
| Anonymised analytics | Indefinite | Cannot be linked back to individuals |
| Account deletion request record | 6 years | Retained for compliance & audit purposes |
7. Your Rights
You have the following rights regarding your personal data. Submit requests to privacy@vital2doc.com.
To delete your account: Open the Vital2Doc iPad app → Profile & Settings → scroll to bottom → tap "Request Account Deletion". Your account is deactivated immediately and a deletion request is sent to our team. You can also email support@vital2doc.com. Full deletion is completed within 30 days, subject to legal retention requirements.
We will respond to all other valid data requests within 30 days. For complex requests, we may extend this to 60 days with notice.
8. Cookies & Tracking
The Vital2Doc iOS app does not use browser cookies. Our website (vital2doc.com) uses only essential, first-party cookies for session management and does not use third-party tracking, advertising, or analytics cookies.
9. Children's Privacy
Vital2Doc is a professional medical application intended solely for licensed healthcare providers and clinic staff. It is not directed at, and does not knowingly collect data from, individuals under the age of 18. If we become aware that data has been collected from a minor, we will delete it promptly.
10. Policy Changes
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Post the updated policy with a new effective date on this page
- Send an in-app notification to all active users
- Email registered users for significant changes affecting their rights
Continued use of Vital2Doc after changes take effect constitutes acceptance of the updated policy.
11. Contact Us
For privacy-related questions, data requests, or to report a concern: