Age Requirement

You must be at least 18 years old to use our Services. If you are aged 13–17, your account must be created and managed by a parent or legal guardian.

1. Data Controller

The entity responsible for data processing is:

PocDoc Inc.
505 Montgomery St. Fl#10, Suite 200
San Francisco, CA 94111, USA
Email: hello@pocdoc.health

For questions about data protection or to exercise your privacy rights, please contact our Data Protection Officer at dpo@pocdoc.health.

2. Scope of Data Collection and Processing

We use the term “personal data” to mean information that identifies you or from which you could be identified—such as your name, email address, health metrics, or IP address.

2.1 Account Creation

When you sign up for PocDoc, you provide an email address. We use this for:

• Account Verification
• Service updates and security alerts
• Password resets
• Billing notifications (if you purchase premium features)

2.2 Using the Application

To power and continuously improve our App, we collect:

• Analytics & crash reports via Google Play, App Store, and Sentry (device type, OS version, error logs)
• User-provided health data (weight, height, lab results, medication schedules), processed only to deliver App features

We also collect certain personal details to give you a seamless experience—and you can delete or modify these at any time within your PocDoc profile and settings (e.g. date of birth, email).

PocDoc may also import your medical records and raw device data from connected providers (e.g. hospitals, labs, wearables). We don’t control what your provider shares—but it may include your name, address, phone number, and clinical details. You can view this data in the App and request its deletion at any time.

2.3 Communications

• Essential Communications: Account-related messages (security alerts, password resets) you cannot opt out of.
• Optional Communications: Newsletters, product updates, surveys—you may unsubscribe at any time.

2.4 Data Download & Deletion

You can delete your account and all associated data directly from your PocDoc settings. You may also request a full export of your data by emailing hello@pocdoc.health. We’ll provide your data within 30 days (or sooner if required by law).

2.5 Selling Data

We do not sell your data. All personal data processing is solely to provide and improve our Services.

2.6 Visiting Our Website

When you visit https://pocdoc.health, our servers automatically log:

• IP address, date/time of access, browser type/version/language
• Operating system and pages you view

We retain these logs for up to 12 months for security, system stability, performance tuning, and internal analytics. No personal user profile is built; this processing is based on our legitimate interest.

2.7 Newsletters & Direct Marketing

If you opt in, we send newsletters to your email address. You can unsubscribe at any time via the link in every message. We may use a third-party email platform to manage delivery and engagement tracking—again, under our legitimate interest.

2.8 Contacting Us

When you submit support requests or general inquiries (via form or email), we process the information you provide to respond and keep records of your communications. We may retain your inquiries and the information contained in it and use it to respond to your inquiry or to keep a record of your complaint, request, or similar concern.

2.9 Payments & Purchases

If you purchase premium features, you’ll supply billing details (name, address, payment method). All transactions are handled by PCI-compliant processors; we never store your full card data. We use your purchase information to fulfill orders and send receipts under our legitimate interest.

2.10 Social Media

We maintain profiles on Twitter, LinkedIn, Facebook, and Instagram. Any data you share on those platforms is governed by their own policies.

2.11 Links & Third-Party Integrations

You may connect third-party services to PocDoc. Each integration shares only the data you authorize, managed via secure OAuth flows—you can revoke access at any time. Our site may also link to external websites or embed third-party content; we aren’t responsible for their policies or practices as these external sites have their own terms and privacy policies.

3. Data Subprocessors

We rely on trusted subprocessors under strict data-processing agreements:

• Stripe, Inc. — Payment processing (PCI/DSS-compliant)
• Google Analytics & Tag Manager — Website usage analytics
• Sentry, Inc. — App crash reporting
• Resend — Transactional email delivery
• TikTok Ads — Marketing analytics
• AppsFlyer — Mobile attribution and analytics
• Intercom — Customer support and in-app messaging

For a complete list, see our Subprocessor List.

4. Data Retention

We keep your data only as long as needed to provide the Services, to comply with legal obligations, or as otherwise stated below:

• Account Data: Until you delete your account, plus up to 90 days for backup recovery.
• *Inactive Accounts: Deleted 12 months after last login.
• Support Inquiries & Logs: Retained up to 2 years.
• Web-server Logs: Retained up to 12 months for security and analytics.

To delete your account, email hello@pocdoc.health. We’ll confirm deletion within 30 days; full removal from backups may take up to 90 days.

5. Security of Your Personal Data

We implement robust safeguards, including:

• Encryption in transit (HTTPS) and at rest
• Access controls and regular security audits
• HIPAA-aligned infrastructure in modern, compliant cloud environments

You can help protect your account by choosing a strong password, never sharing it, and logging out of shared devices. In the event of a breach, we will notify you and relevant authorities as required by law.

6. Your Rights

Under applicable privacy laws, you may:

• Access the personal data we hold about you
• Rectify inaccurate or incomplete data
• Erase your data (subject to certain legal exceptions)
• Restrict or object to processing
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority

To exercise any right, contact dpo@pocdoc.health. We may require proof of identity before processing requests.

7. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The latest version, with its “Last Modified” date at the top, will always be available at https://pocdoc.health/privacy. We encourage you to review it periodically.

8. Our Approach

We know how critical it is that your health information is safe and secure. We believe in transparency—our Privacy Policy and Terms of Service are written in clear, simple language.

• User Control: You decide what to share and can delete your data at any time.
• No Data Sales: We never sell your data; every use is to improve your PocDoc experience.

9. Entire Agreement

This Privacy Policy, together with our Terms of Service, constitutes the entire agreement between you and PocDoc regarding the collection, use, and protection of your personal data. It supersedes any prior privacy statements or agreements.

10. Severability

If any provision of this Privacy Policy is held invalid or unenforceable, the remaining provisions will remain in full force and effect.

Your Privacy

This isn’t just any information—it’s your health information.

• We do not sell your information.
• We will never share your data without your permission.
• We do not use your data for marketing or advertising.
• You can delete all your stored health data at any time.