This Privacy Policy was last updated on April 12, 2026.

Section I: Notice of Health Information Privacy Practices

This Privacy Policy summarises the health information Docologist and Doctors may collect or receive in connection with your use of the Platform. It describes how personal data such as personal information, health information, and medical records from time to time may be used and shared, and your choices regarding this data. Please review this section of our Privacy Policy (Section I, "Notice of Health Information Privacy Practices" or "Notice"), which highlights key points about our privacy practices.

The PLATFORM constitutes a technology platform that facilitates connections between patients and independent Registered Medical Doctors ("the Doctor" or "Medical Service Provider") who provide healthcare and health-related services using information and communication technologies ("the Services"). Docologist does not employ, control, or supervise these Doctors. The Doctors who deliver Services through Docologist are independent medical practitioners registered with the Bangladesh Medical and Dental Council, and they are under professional responsibility to maintain strict confidentiality of health information. Docologist does not access, interpret, or make decisions based on clinical Health Information, except as necessary to provide the technical functionality of the Platform.

Any health data or information related to a patient — such as patient history, physical findings, information about disease risks, medical data, medical images, medical or pathological investigation reports, lab reports, radiological investigations, medication, diagnosis, health education, counselling, treatment, clinical progress notes, supplementary data, handwritten, printed or electronically generated, or audio and visual recordings ("Health Information") — shall be covered by this Privacy Policy. You must first review and sign the Informed Consent for Telemedicine Services ("Informed Consent"), thus providing explicit consent to the collection, use, and sharing of your information as described in this Privacy Policy. To the extent anything in this Privacy Policy conflicts with the Informed Consent, the terms of the Informed Consent will control.

1. How is Patient Privacy Protected?

As a trusted partner in facilitating connections for online medical consultations provided by Doctors through the Platform (collectively referred to as "us", "we", "our"), we understand that information about you and your health is personal. Because of this, we strive to maintain the confidentiality of your health information. We continuously seek to safeguard that information through administrative, physical and technical means, and otherwise abide by applicable national and district guidelines. Your Health Information is protected by general laws and medical ethics under the Bangladesh Medical and Dental Council Telemedicine Guidelines July 2020 ("the Guidelines"), the Bangladesh Medical and Dental Council Code of Professional Conduct, Etiquette and Ethics ("the Code of Conduct"), and rules, regulations and directions related to data protection and privacy laws of Bangladesh.

2. How Do We Use and Disclose Health Information?

We may use and disclose your health information for normal business activities, the purposes described in the Informed Consent, and in case of any emergency situation related to you that the law sees as falling in the categories of consultation support, payment processing, and platform operations. Below we provide examples of those activities, although not every use or disclosure falling within each category is listed:

1. Patient Management – Health Information is stored and processed on the Platform to enable consultations between patients and Doctors. Such information is controlled by the treating Doctor, while Docologist acts as a technology service provider facilitating secure storage and transmission. We may disclose this information so that other doctors, nurses, and entities such as laboratories can meet your healthcare needs, as directed by your treating Doctor.
2. Platform Operations – Health Information may be used to improve platform functionality, user experience, and service quality. Docologist does not use Health Information to clinically evaluate, supervise, or direct Doctors in their medical practice.
3. Video Call – The consultation is provided by the doctor on a video call. The video call is encrypted by 256-bit encryption. Therefore, only the doctor and the patient can see the video. We do not record, screen-record, or take screenshots of video consultations at any time. No visual record of any consultation session is captured or stored by Docologist.
4. Audio Recording – We do not record audio during telemedicine consultations.

We may also use your health information to:

• Comply with national or local laws that require disclosure.
• Assist in public health activities such as tracking diseases or medical devices.
• Inform authorities to protect victims of abuse or neglect.
• Comply with national health oversight activities such as fraud investigations.
• Respond to law enforcement officials or to judicial orders, subpoenas or other processes.
• Inform coroners, medical examiners and funeral directors of information necessary for them to fulfil their duties.
• Conduct internal analysis and service improvement using de-identified or aggregated data only.
• Avert a serious threat to health or safety.
• Assist in specialized government functions such as national security, intelligence and protective services.
• Inform military and veteran authorities if you are an armed forces member (active or reserve).
• Inform a correctional institution if you are an inmate.
• Inform workers' compensation carriers or your employer if you are injured at work.
• Doctors may recommend treatment alternatives during consultations.
• Send you service-related communications such as appointment reminders and platform updates.
• Transmission of summary of Health Information to stakeholders, such as lab, other doctors.
• Support platform operations related to consultation support, payment processing, and service delivery logistics.
• Communicate with other providers, health plans, or their related entities for consultation support, payment processing, and platform operations relating to care coordination.
• Provide information to other independent third parties with whom we do business, such as a record storage provider. However, you should know that in these situations, we require third parties to provide us with assurances that they will safeguard your information.
• We may also use or disclose your personal or health information for operational purposes, such as communicating with individuals involved in your care (family, friends, or hired care service providers) and sending appointment reminders.

Your Personal Information will be separated from the rest of the Health Information collected from you through the Platform or pseudonymized/anonymized before it is shared with a third party pursuant to the purposes mentioned above, unless the sharing of data/information is for the purpose of consultation support, payment processing, and platform operations.

All other uses and disclosures not described above may only be done with your explicit written authorization in the form of an Informed Consent for Telemedicine Services. We will also obtain your authorization before we use or disclose your health information for marketing purposes or before we would sell your information. You may revoke your authorization at any time; however, this will not affect prior uses and disclosures. In some cases, laws of Bangladesh may require that we apply extra protections to some of your health information, and in such cases we will abide by the obligations imposed by the law.

Docologist does not provide clinical oversight, medical judgment, or healthcare decision-making of any kind. All clinical decisions are the sole responsibility of the treating Doctor.

3. What are the Doctor's Responsibilities?

The Doctors are responsible to adhere to the Guideline, the Code of Conduct, general medical ethics and general data protection and privacy laws of Bangladesh. The Doctors must:

• Always maintain the highest standards of professional conduct.
• Protect patient's privacy and right to confidentiality, unless release of information is required by law or by public-interest consideration.
• Provide this Notice of duties and privacy practices.
• Abide by the terms of the Notice currently in effect.
• Tell you if there has been a breach that compromises your health information.

We reserve the right to change our privacy practices and make the new practices effective for all the information we maintain. Revised notices will be posted on the Docologist website and mobile application.

4. Medical Records Inspection

As per the laws prevailing in Bangladesh and if required by Guidelines and Code of Conduct, you may have the following options:

• Inspect and copy certain portions of your health information. To the extent permitted by law, we may deny your request. You may request that we provide your health records to you in an electronic format.
• Access personal data and receive copies of the data collected.
• You may have access to the reports, lab results, if any.
• Request amendment of your health information if you feel the health information is incorrect or incomplete. However, under certain circumstances we may deny your request.
• Request that we restrict how we use or disclose your health information. However, we are not required to agree with your requests, unless you request that we restrict information provided to a payor, the disclosure would be for the payor's payment or healthcare operations, and you have paid for the health care services completely out of pocket.
• Request that we communicate with you at a specific telephone number or address.
• Obtain a paper copy of this notice even if you receive it electronically.
• Request deletion of personal information through written instruction.

We may ask that you make some of these requests in writing.

5. Who Will Follow This Notice?

This Notice describes the privacy practices of:

• Any Doctors authorized to access and/or enter information into your health records.
• All departments and units of Docologist and affiliates through which online health services are provided.
• All affiliates and volunteers.

Section II: Docologist Platform Privacy Policy

Introduction

This Section of our Privacy Policy (Section II, "Platform Privacy Policy") explains how we collect, use, and disclose personal information from and/or about you when you use the Platform or the Services.

THE PLATFORM WILL BE COLLECTING AND TRANSMITTING PERSONAL, MEDICAL AND HEALTH-RELATED INFORMATION ABOUT YOU. IN ORDER TO USE THE PLATFORM, YOU MUST AGREE THAT WE CAN COLLECT AND USE YOUR PERSONAL AND OTHER INFORMATION AS DESCRIBED IN THIS PLATFORM PRIVACY POLICY IN ADDITION TO GRANTING THE INFORMED CONSENT FOR OBTAINING TELEMEDICINE SERVICES. IF YOU DO NOT AGREE, PLEASE DO NOT USE THE PLATFORM.

Our privacy policy explains how we treat your personal data and protect your privacy when you use our Services. By using our Services, you agree that we can use such data in accordance with the privacy policy. We collect a variety of information that you provide directly to us. We process your information when necessary to provide you with the Services that you have requested when accepting our T&C, or where we have obtained your prior consent, or where we have a legitimate interest to do so. For example, we may have a legitimate interest to process your information for security, testing, maintenance, and enhancement purposes of the Services we provide to you, or for analytics, research, and reporting purposes. In extreme circumstances, due to life-saving measures arising from your health condition, we may be constrained to use or share your personal information with third parties for your own benefit, only where strictly necessary and in compliance with applicable laws. We will only use your personal information for providing and improving the Services. We process data based on user consent and legitimate healthcare purposes, and we only collect data strictly necessary for providing our services. Users can request account deletion at any time by contacting support@docologist.com.

Important Definitions

When we use the term "Personal Information" in this Privacy Policy, we mean information about you that is personally identifiable to you, such as your contact information (e.g. name, email address, mobile number, photograph, address, date of birth, mother's name, father's name, signature, national identity card number, birth and death registration number, finger print, passport number, bank account number, driving license, e-TIN number, electronic or digital signature, username, credit or debit card number, voice print, retina image, iris image, DNA profile, security related question or any other identification), personally identifiable health or medical information such as your patient records, reports, documents, images, diagnostics, data etc (digital or otherwise) utilized in the telemedicine consultation, and any other non-public information that is associated with such information.

When we use the term "De-Identified Information", we mean information that is neither used nor intended to be used to personally identify an individual. When we use the term "Cookies", we mean the small pieces of information that a Platform sends to your browser while you are viewing a website. When we use the term "Pixel", we mean the HTML code snippet that may be embedded in certain parts of the Platform to collect information about the device you use to access the Platform and your use of the Platform that may be shared with third parties in accordance with this Privacy Policy. Lastly, when we use the term "User", we mean the user of this Platform, either as a patient or doctor/health-care service provider.

Children Under Age 18

We do not knowingly allow individuals under the age of 18 to create Accounts that allow access to our Platform. We do not knowingly collect personal or health data from individuals under 18. If you believe that a child has provided us with personal data without appropriate parental consent, please contact us at support@docologist.com so that we can take appropriate action.

The Information We Collect or Maintain May Include:

For patients:

• Personal Information including your name, age, email address, password, gender, phone logs, email records, chat/text record, video integration logs etc and other registration information.
• Health Information that the patient provides us, which may include information or records relating to your medical or health history, health status and laboratory testing results, diagnostic images, and other health related information.
• Health information about you prepared or obtained by the Doctor(s) who provide clinical services through the Platform, such as medical and therapy records, treatment and examination notes, and other health related information.
• Information about the computer or mobile device you are using, such as what Internet browser you use, the kind of computer or mobile device you use, and other information about how you use the Platform.

For doctors:

• Full name, age, BMDC number, Gender, Professional Qualification, Experience Information, Chamber information. This information will be publicly accessible in our app and website. We also collect confidential personal data such as NID/Passport number, email address, Mobile number of the doctors. This information will be only accessible to our internal members of staff. Sensitive data such as passwords will not be accessible by anyone.
• Other information the Doctor inputs into the Platform or related services such as optional information like a photograph, that the Doctor elects to associate with the account, log-in details and password, demographic information such as gender, and user generated content that the doctors post or share while using the text messaging feature of the PLATFORM.

We May Use Personal Information for the Following Purposes

• To provide the Services.
• To improve healthcare quality through the performance of quality reviews and similar activities.
• To create De-Identified Information such as aggregate statistics relating to the use of the Services.
• To notify the Users when Platform updates are available.
• To market and promote the Platform and the Services to Users using non-health, non-medical data only. We do not use health or medical data for marketing purposes.
• To fulfil any other purpose for which you provide us Personal Information.
• For the purposes described in Section I relating to the use of Health Information.
• For the purpose of transmitting or informing in-person care providers or medical institutions/hospitals/clinics for providing life-saving support.
• For any other purpose for which you give us authorization.

We May Also Disclose Personal Information That We Collect, or You Provide

• To our subsidiaries and affiliates.
• To contractors, service providers and other third parties we collaborate with in furtherance of our business and who are bound by contractual obligations to keep personal information confidential.
• As required by law, which can include providing information as required by a court order.
• When we believe in good faith that disclosure is necessary to protect your safety or the safety of others, to protect our rights, to investigate fraud, or to respond to a government request.
• To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Docologist's assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information maintained by the Platform is among the assets transferred.
• For any other purpose disclosed by us when you provide the information.

Information We Collect via Technology

As you use the Platform or the Services, certain information may be passively collected by Cookies, navigational data like Uniform Resource Locators (URLs) and third-party tracking services, including:

• Platform Activity Information. We may keep track of some of the actions you take on the Platform, such as the content of searches you perform on the Platform.
• Access Device and Browser Information. When you access the Platform from a computer or other device, we may collect anonymous information from that device, such as your Internet protocol address, browser type, connection speed and access times (collectively, "Anonymous Information").
• Cookies. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies to make the Platform and Services easier to use, to improve user experience and platform functionality, and to protect both you and Docologist. You can instruct your browser, by changing its options, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. If you do not accept Cookies, however, you will not be able to stay logged in to the Platform. We may also use Pixels to improve user experience and platform functionality by, for example, summarizing usage patterns. Some browser privacy controls may not be fully supported across all parts of our Platform.
• Mobile Services. We may collect non-personal information from your mobile device or computer. This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include how you use the application(s) and information about the type of device or computer you use. In addition, in the event our application(s) crashes on your mobile device we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our application(s).
• Analytics and Usage Data. We collect aggregated, de-identified information about how users interact with the Platform (such as feature usage patterns and session activity) solely to improve our services. This information cannot be used to identify any individual user. We do not use any third-party analytics SDKs or advertising SDKs on our mobile app. We do not allow any third-party SDK to access or process identifiable health data. Any usage data collected is aggregated and de-identified before analysis.

Limitation of Email Communications

While we take reasonable steps to protect all communications, standard email may not be fully encrypted end-to-end and should be used with discretion. We avoid transmitting sensitive health data via email wherever possible, and we minimise the amount of sensitive health information shared via this channel. Emails we send you may include identifiers such as your name, email address, visit number, patient number, or service date. We recommend that you do not share sensitive health information over email unless you initiate the communication.

Limitation of SMS/Text Message Communications

While we take reasonable steps to protect all communications, standard SMS/text messages may not be fully encrypted and should be used with discretion. We avoid transmitting sensitive health data via SMS wherever possible, and we minimise the amount of sensitive health information shared via this channel. SMS messages sent by us will include your telephone number and will be identifiable as originating from Docologist.

Device-Level Data Security

While we implement safeguards to minimize local storage risks, users are responsible for securing their own devices. We recommend using a device PIN or password and keeping your operating system updated to protect data stored on your device.

Platform Security

We implement strong administrative, technical and physical safeguards to protect PHI held electronically on our servers. While these measures are designed to significantly reduce risk, no system can be completely secure, and we cannot guarantee that our systems and your PHI will never be accessed by unauthorized third parties. In the event of a breach, we will notify affected users and relevant authorities as required by law.

The Rights You Have Over Your PHI (Protected Health Information)

• Right to obtain a copy of your medical record. We are allowed to charge you a fee if we think it's appropriate.
• Right to request that we limit how we use and share your PHI. There may be occasions when we cannot agree to your request.
• Right to request that we change or update information held in your medical record. There may be occasions when we cannot agree to your request.
• Right to request how we send you PHI. The electronic nature of our service limits our ability to agree to such requests.
• Right to a paper copy of this Privacy Policy. The electronic nature of our service limits our ability to agree to such requests.

How to Contact Docologist to Use Your Rights

Please write to us at: support@docologist.com

What if I Have a Complaint?

If you believe that your privacy has been violated, you may file a complaint with us.

Email: complaints@docologist.com

De-Identified Information

We may use De-Identified Information for research, analytics, and service improvement purposes.

Information You Share With Third Parties

This Platform Privacy Policy applies only to information we collect through the Platform and in email, text and other electronic communications set through or in connection with the Platform. This Platform Privacy Policy DOES NOT apply to information collected by any third party. When you click on links on the Platform you may leave our Platform. We are not responsible for the privacy practices of other sites, and we encourage you to read their privacy policies.

Modification of Information

Members will be able to update some of their information through the Platform. Requests to modify any information may also be submitted to support@docologist.com.

Limitations on Deletion of Information

Users can initiate account deletion directly within the App via the Profile settings, or by contacting support@docologist.com. You may also request deletion of your Personal Information by us; however, we may be required (by law or otherwise) to keep this information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete Personal Information, it will be deleted from the active database, but may remain in our archives and we may also retain anonymous information about your use of our services. Once we disclose some of your Personal Information to third parties, we may not be able to access that Personal Information any longer and cannot force the deletion or modification of any such information by the parties to whom we have made those disclosures. After we delete Personal Information, we may retain De-Identified Data and will continue to use De-Identified Data as permitted under this Platform Privacy Policy.

Steps We Take to Keep Your Information Secure

We employ reasonable physical, electronic and managerial security methods to help protect against unauthorized access to Personal Information, such as encryption. But please be aware that no data transmission over the Internet or data storage facility can be guaranteed to be perfectly secure. As a result, while we try to protect your Personal Information, we cannot ensure or guarantee the security of any information you transmit to us.

Right to Non-Discrimination

Docologist will not discriminate against you for exercising any of your privacy rights under law, or as set forth in this Platform Privacy Policy.

Changes to the Platform Privacy Policy

We may change the Platform Privacy Policy from time to time in the future. We will post any revised version of the Platform Privacy Policy on this page. Continued use of our services following notice of such changes will indicate your acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes. By using the Platform, you are agreeing to our collection, use and disposal of Personal Information and other data as described in this Platform Privacy Policy, both as it exists now and as it is changed from time to time.

All capitalized terms in the Privacy Policy (Sections I and II) not defined herein shall have the meaning set forth in the Docologist Terms of Use.

If you have questions or concerns about our Privacy Practices, or would like to report a violation, please contact us by sending an email to complaints@docologist.com.

Section III: Google Play Telehealth Category – Additional Disclosures

The following additional disclosures are provided in accordance with Google Play's Developer Policy for Health apps and apply to all users who access Docologist through an Android device.

1. Sensitive Health Data — Collection and Purpose

Docologist collects sensitive personal and health data solely for the purpose of facilitating telemedicine consultations and related healthcare services. The categories of sensitive data we collect include, but are not limited to:

• Health and medical information — symptoms, medical history, diagnoses, prescriptions, lab results, and diagnostic images shared during consultations.
• Health metrics — where voluntarily provided by the user, such as height, weight, blood pressure readings, or blood glucose levels.
• Communications content — text messages and chat transcripts created during teleconsultation sessions.
• Device and usage data — device type, operating system version, IP address, and in-app activity logs collected for security, quality assurance, and platform improvement.

We do not collect any category of sensitive data listed above for advertising purposes, and we do not sell or rent your health data to any third party for commercial gain. We do not permit third-party advertisers to access any health or medical data collected through the Platform. We do not allow third-party SDKs (including analytics or advertising SDKs) to access or process identifiable health data. Doctors providing services through Docologist are independent medical practitioners and act as independent data controllers in respect of health information they generate during consultations; Docologist acts as a data processor facilitating the delivery of those services. Docologist remains responsible for safeguarding platform-level data processing and security. All doctors are contractually required to comply with strict data protection and confidentiality obligations consistent with this Privacy Policy.

2. Data Sharing with Third Parties

We share your personal and health data only as described in Sections I and II of this Privacy Policy. For clarity, we do not share your sensitive health data with third-party advertising networks, data brokers, or analytics providers in a form that is personally identifiable to you. Any aggregated usage data collected for platform improvement is de-identified before analysis and is not shared with third-party analytics providers. Legitimate data-sharing scenarios include:

• Referring doctors, laboratories, or diagnostic centres, strictly for the purpose of your ongoing care and only with your consent or on the direction of your treating doctor.
• Third-party service providers (e.g., cloud storage, payment processors) who are contractually bound to process your data only on our instruction and to maintain appropriate security standards.
• Regulatory or law-enforcement authorities where required by law.

3. User Consent and Control

Before any sensitive health data is collected or processed, Docologist obtains your explicit informed consent through the Informed Consent for Telemedicine Services. You retain the right to:

• Withdraw your consent at any time by contacting support@docologist.com, without affecting the lawfulness of processing carried out prior to withdrawal.
• Request access to, correction of, or deletion of your personal data (subject to legal retention obligations).
• Revoke device permissions (camera, microphone) at any time through your Android device settings; revoking certain permissions may limit specific features of the app.

4. Data Retention and Deletion

Health and personal data is retained in accordance with applicable medical record retention laws in Bangladesh. Clinical and health records are generally retained for a minimum of five (5) years from the date of last consultation, or longer where required by law, regulatory obligation, or ongoing legal proceedings. Account and transactional data is retained for the duration of your account and for a minimum of three (3) years thereafter. When a retention period expires, or upon your verified deletion request (subject to legal obligations), data is securely deleted from our active systems. Archived or backup copies may persist for a limited additional period before deletion on the next scheduled purge cycle. De-identified data derived from your records may be retained for research, quality improvement, and regulatory reporting purposes. Users can request permanent deletion of their data from our systems by contacting support@docologist.com, subject to legal and medical record retention obligations.

5. Security Measures

We implement industry-standard technical and organisational measures to protect sensitive health data transmitted through and stored by the Docologist platform, including:

• Encryption in transit — all data exchanged between your device and our servers is encrypted using TLS 1.2 or higher. Video consultations are protected with 256-bit encryption.
• Encryption at rest — health records and personal data stored on our servers are encrypted at rest.
• Access controls — access to patient health data is restricted to authorised personnel on a strict need-to-know basis, enforced through role-based access controls and audit logging.
• Vulnerability management — we conduct periodic security assessments and apply security patches promptly.

Notwithstanding the above, no system is entirely immune to security incidents. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant authorities as required by law.

6. Children's Privacy (Google Play)

The Docologist app is not directed at children under the age of 18 and is not listed in Google Play's "Designed for Families" programme. We do not knowingly collect personal or health data from individuals under 18. If you believe that a child has provided us with personal data without appropriate consent, please contact us immediately at support@docologist.com so that we can take appropriate action.

7. Device Access Used by the App

The Docologist Android app requests access to certain device capabilities solely to deliver its core telehealth functionality. No access is requested beyond what is necessary for the stated purpose:

• Camera — required to conduct video consultations with your doctor.
• Microphone — required for audio during video consultations only. We do not record or store audio at any time.
• Photos, media, and files — used to allow you to select and upload medical documents, images, or lab reports for your doctor's review. You retain full control over which files you share; the app accesses only the files you explicitly select.
• Push notifications — used to deliver appointment reminders, incoming consultation call alerts, and other service notifications.
• Background and lock-screen access — used to maintain an active video consultation connection when the app is minimised or the screen is locked, and to display an incoming call screen on the lock screen so you can accept or decline a call without first unlocking your device.
• Vibration — used to alert you to incoming consultation calls and appointment notifications.
• Internet connectivity — required for all core platform functions including login, consultation, and data sync.

All permissions are requested at runtime with a plain-language explanation of why each is needed. You may revoke any permission through your device settings at any time; revoking certain permissions will limit specific features of the app.

8. Third-Party Service Providers

The Docologist app uses third-party service providers to deliver its core functionality. Each provider is used solely for the technical purpose described and is contractually prohibited from accessing or sharing your identifiable health or medical data for advertising, marketing, or any other purpose:

• Video call service — powers real-time video and audio during consultations. This provider may process device identifiers and network metadata (such as IP address) solely to route and optimise the media stream. No health or medical information is shared with this provider.
• Push notification service — delivers appointment reminders and incoming call alerts to your device. This provider processes a device-level notification identifier and minimal device metadata required solely for notification delivery.
• Backend data service — provides the database and authentication infrastructure on which health records, user accounts, and consultation metadata are stored. This provider operates under a data processing agreement requiring appropriate security measures and processing data only on our instruction.
• Incoming call UI service — renders the incoming call screen on your device's lock screen. This component operates entirely on-device and does not transmit any data to external servers.
• Usage analytics — aggregated, de-identified usage data is collected internally to understand platform usage patterns and improve the service. No third-party analytics SDK is used in the mobile app. No personally identifiable or health-related information is included in this data.

9. Google Play Data Safety — Summary

The following summarises the data practices declared in the Google Play Console Data Safety form for this app. The full details are described in Sections I, II, and III of this Privacy Policy.

Data collected:

• Personal information (name, email address, phone number, date of birth) — collected for account creation and authentication; required.
• Health and medical information (symptoms, medical history, diagnoses, prescriptions, lab results, diagnostic images) — collected to provide telemedicine services; required.
• Communications content (in-consultation text messages) — collected to support the consultation; required.
• Photos and media (medical documents, images, and video files you upload) — collected to share with your treating doctor; optional.
• Device identifiers — collected for push notification delivery, security, and platform improvement; required.
• App activity (in-app interactions, feature usage) — collected in aggregated, de-identified form for platform improvement; required.

Data sharing and selling:

• No data is sold or rented to any third party.
• No data is shared with third-party advertising networks or data brokers.
• Health and medical data is shared only with your treating doctor through the platform, and with laboratories or referral providers strictly on your treating doctor's direction or with your consent.
• Minimal technical metadata (limited to what is necessary to establish and route a video call) is shared with our video infrastructure provider solely for that purpose; no health information is included.
• A device notification identifier is shared with our push notification provider solely for the purpose of delivering notifications to your device.

Security practices:

• All data in transit is encrypted using TLS 1.2 or higher; video consultations use 256-bit encryption.
• Data at rest is encrypted on our servers.
• Users can request account and data deletion at any time by emailing support@docologist.com.

10. Applicable Policies and Contact

This Section III supplements Sections I and II of this Privacy Policy and should be read together with them. In the event of any conflict between this Section III and earlier sections solely in relation to Google Play users, this Section III will prevail. For all privacy-related enquiries, requests, or complaints, please contact our Privacy Officer at:

• Email: complaints@docologist.com
• Support: support@docologist.com