Privacy Policy

Effective Date: July 25, 2025

1. INTRODUCTION

Welcome to BookaDerma. This Privacy Policy outlines the collection, processing, use, storage, and disclosure of personal data in accordance with applicable data protection laws and regulations. By accessing or using BookaDerma's website (www.bookaderma.com) and related services, you confirm that you have read, understood, and agreed to this Privacy Policy. If you do not agree with any provisions, please discontinue using our services.

2. INFORMATION WE COLLECT

We collect and process the following categories of personal data:

Personal Identifiable Information (PII):

Name, contact details, date of birth, gender, government-issued identification numbers (if required for verification), and other personal identifiers.

Account Information:

Login credentials, preferences, and communication records.

Health and Medical Data:

Medical history, dermatological conditions, prescriptions, and related healthcare information.

Financial Information:

Payment details, transaction history, and billing information processed securely through third-party payment gateways in compliance with applicable financial regulations.

Technical and Usage Data:

IP address, browser type, operating system, device information, pages visited, session duration, and online activity.

Communications Data:

Correspondence, inquiries, and interactions with customer support or medical professionals.

3. LEGAL BASIS FOR PROCESSING PERSONAL DATA

We process your personal data based on the following legal grounds:

  • Consent: When you provide explicit and informed consent for processing your data.
  • Contractual Necessity: To fulfill our obligations in providing telehealth services.
  • Legal Obligation: Compliance with applicable laws and regulatory requirements.
  • Legitimate Interests: To improve services, conduct analytics, and ensure security.

4. PURPOSES OF DATA PROCESSING

Your personal data is processed for the following purposes:

  • Provision of Services: Facilitating teledermatology consultations, verifying identity, and managing accounts.
  • Payment Processing: Secure transactions through third-party payment providers.
  • Regulatory Compliance: Compliance with laws governing telemedicine and healthcare services.
  • Marketing and Communication: Sending service updates, promotions, and relevant notifications (subject to user consent). Users may opt out at any time.
  • Security and Fraud Prevention: Protecting against unauthorized access, fraud, and misuse.

5. DISCLOSURE OF PERSONAL DATA

We may disclose personal data under the following circumstances:

  • Healthcare Providers: Sharing relevant medical data with dermatologists and clinics.
  • Third-Party Service Providers: Engaging IT, payment processing, and cloud storage services under strict confidentiality agreements.
  • Legal and Regulatory Authorities: Where required by law, court order, or government regulation.
  • Business Transfers: In the event of mergers, acquisitions, or asset transfers, user data may be transferred.

6. PROTECTION OF PERSONAL INFORMATION

We implement stringent security measures, including:

  • Industry-standard encryption protocols (SSL/TLS) and multi-layered security frameworks.
  • Strictly limited access to personal information to authorized personnel.
  • Retention of medical records for fifteen (15) years, as required by law.

7. USER RIGHTS UNDER APPLICABLE DATA PROTECTION LAWS

We recognize your rights under the Data Privacy Act of 2012, including:

  • Right to Access: Obtain a copy of your personal data.
  • Right to Rectification: Request corrections to inaccurate or incomplete data.
  • Right to Data Portability: Receive your data in a structured, commonly used format.
  • Right to Restrict Processing: Request temporary or permanent cessation of data processing.
  • Right to Object: Object to data processing for specific purposes, including direct marketing.
  • Right to Erasure (Right to be Forgotten): Request deletion of personal data, subject to legal exceptions.
  • Right to Withdraw Consent: Withdraw previously granted consent at any time.
  • Right to Seek Indemnity: Claim damages for any damages resulting from the processing of inaccurate, incomplete, outdated, or unlawfully obtained personal data.

8. COOKIES AND TRACKING TECHNOLOGIES

We utilize cookies and similar technologies to enhance user experience, analyze website traffic, and improve services. You may control cookie settings through your browser or opt out where applicable.

9. THIRD-PARTY LINKS AND EXTERNAL WEBSITES

Our platform may contain links to third-party websites. While we strive to partner with reputable providers, we do not control or assume liability for their privacy practices. Users are encouraged to review third-party privacy policies before sharing any personal data.

10. CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this Privacy Policy at our discretion. Material changes will be communicated via email or website notifications. Continued use of our services after modifications constitutes acceptance of the revised policy.

11. CONTACT INFORMATION

For inquiries, concerns, or data-related requests, please contact our Data Protection Officer at:

📧 Email: privacy@bookaderma.com

12. LIMITATION OF LIABILITY IN CASE OF DATA BREACH AND DATA LOSS

BookaDerma employs robust security measures to protect personal data; however, no system can guarantee absolute security due to the evolving nature of cyber threats. In the event of a data breach, hacking incident, or unauthorized access beyond our reasonable control, we will take immediate steps to mitigate risks, notify affected users as required by law, and collaborate with cybersecurity experts and relevant authorities to investigate and resolve the issue.

To the extent permitted by law, our liability is limited to the scope of our direct involvement in the incident. BookaDerma shall not be held liable for any direct, indirect, incidental, special, or consequential damages resulting from unauthorized access, hacking, security breaches, or data loss beyond our reasonable control.

To enhance security, users are strongly encouraged to:

  • Safeguard their login credentials and use strong passwords.
  • Enable two-factor authentication (2FA) if applicable.
  • Monitor account activity and report any suspicious incidents immediately.

By using our services, you acknowledge that you understand and accept these risks and limitations. If you suspect any unauthorized access to your account, please contact us immediately at privacy@bookaderma.com.