DocNearby
DocNearby

Privacy Policy

Last updated: October 18, 2025

1. Introduction

HashData LLC, doing business as DocNearby ("DocNearby," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, mobile application, or use our services.

Company Information:
HashData LLC (DBA DocNearby)
1309 Coffeen Avenue STE 1200
Sheridan, Wyoming 82801
Email: support@docnearby.io

2. Information We Collect

2.1 Personal Information

We collect personal information you provide directly to us, including:

  • Account Information: Name, email address, password, phone number
  • Profile Information: Professional credentials (for practitioners), specialties, languages spoken
  • Health Information: Medical history, symptoms, consultation notes (stored securely and encrypted)
  • Payment Information: Billing address (payment details are processed by Stripe and not stored on our servers)
  • Communication Data: Messages between patients and practitioners

2.2 Automatically Collected Information

  • Usage Data: Pages visited, time spent on pages, click-through rates
  • Device Information: IP address, browser type, operating system, device identifiers
  • Location Data: Approximate location based on IP address (with consent for precise location)
  • Cookies and Tracking Technologies: Session cookies, analytics cookies

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our services
  • Process appointments and payments
  • Facilitate communication between patients and practitioners
  • Verify practitioner credentials and licenses
  • Send important updates and notifications
  • Provide customer support
  • Comply with legal obligations
  • Prevent fraud and ensure platform security
  • Conduct research and analytics to improve our services

4. Legal Bases for Processing (GDPR/POPI)

For users in the European Economic Area (EEA) and South Africa, we process personal data based on:

  • Contract: Processing necessary for service delivery
  • Consent: Where you have given specific consent
  • Legitimate Interest: For service improvement and security
  • Legal Obligation: To comply with applicable laws
  • Vital Interest: To protect health and safety

5. Information Sharing and Disclosure

5.1 Service Providers

We share information with trusted third parties who assist us in operating our platform:

  • Stripe: Payment processing (subject to Stripe's privacy policy)
  • Cloud Hosting: Secure data storage and platform hosting
  • Analytics: Service usage analytics (anonymized data)
  • Communication: Email and SMS services for notifications

5.2 Healthcare Practitioners

Patient information is shared with chosen practitioners for appointment purposes only.

5.3 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes
  • Protect our rights and property
  • Ensure user safety
  • Investigate potential violations

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All sensitive data is encrypted in transit and at rest
  • Access Controls: Strict access controls and authentication requirements
  • Regular Audits: Security assessments and vulnerability testing
  • Staff Training: Regular privacy and security training for all employees
  • Secure Infrastructure: Industry-leading cloud security practices

7. Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

Medical records and consultation data are retained for 7 years after the last interaction, or as required by applicable healthcare regulations.

8. Your Rights and Choices

8.1 General Rights

  • Access: Request access to your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to certain processing activities

8.2 GDPR Rights (EU/EEA Users)

If you are in the EU/EEA, you have additional rights under GDPR:

  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with supervisory authorities

8.3 CCPA Rights (California Users)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Say no to the sale of personal information
  • Access personal information
  • Delete personal information
  • Equal service and price, even if you exercise privacy rights

8.4 POPI Rights (South African Users)

Under the Protection of Personal Information Act (POPI), South African users have the right to:

  • Access personal information we hold about you
  • Correct or delete personal information
  • Object to the processing of personal information
  • Lodge complaints with the Information Regulator
  • Withdraw consent where processing is based on consent

8.5 Other International Rights

Canada (PIPEDA): Right to access and correct personal information, file complaints with Privacy Commissioner

Australia (Privacy Act): Right to access, correct, and complain about handling of personal information

Brazil (LGPD): Rights similar to GDPR including access, correction, deletion, and portability

Other Jurisdictions: We comply with applicable privacy laws in all jurisdictions where we operate

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure adequate protection through:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by relevant authorities
  • Other approved transfer mechanisms

10. Cookies and Tracking

We use cookies and similar technologies to:

  • Remember your preferences
  • Maintain your session
  • Analyze platform usage
  • Improve user experience

You can control cookies through your browser settings. Note that disabling cookies may affect platform functionality.

11. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

12. Third-Party Links

Our platform may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes via:

  • Email notification
  • Platform notification
  • Website posting

Continued use after changes indicates acceptance of the updated policy.

14. Contact Us

For privacy-related questions, concerns, or to exercise your rights, contact us:

Privacy Contact Information

Email: support@docnearby.io
Subject Line: Privacy Request
Mail:
HashData LLC (DBA DocNearby)
Attn: Privacy Officer
1309 Coffeen Avenue STE 1200
Sheridan, Wyoming 82801

We will respond to your request within 30 days (or as required by applicable law).

15. Supervisory Authority Contact (EU/EEA)

If you are in the EU/EEA and have concerns about our data processing, you may contact your local data protection authority or the lead supervisory authority.

Your Data Matters: We are committed to protecting your privacy and handling your data responsibly. This policy reflects our dedication to transparency and compliance with global privacy standards including GDPR, CCPA, and other applicable regulations.