Privacy Policy

PratiConnect is committed to protecting your privacy and personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our platform.

Data Controller

Data Collection

We collect different types of data depending on whether you are a practitioner or a patient:

Purpose of Processing

• Providing and managing our services
• Managing appointments and consultations
• Secure storage of health data
• Payment and billing processing
• Improving our services
• Complying with our legal obligations

Legal Basis

• Contract performance: Processing necessary for service delivery
• Consent: For the processing of health data and marketing communications
• Legitimate interest: For improving our services and preventing fraud
• Legal obligation: For complying with our accounting and tax obligations

Data Retention Period

We retain your data for the duration necessary to fulfill the purposes for which it was collected:

• Account data: duration of the contractual relationship + 3 years
• Health data: 20 years from the last consultation (legal obligation)
• Billing data: 10 years (legal obligation)
• Connection logs: 1 year

Data Sharing

We may share your data with:

• Technical service providers (hosting, payment)
• Health authorities in case of legal obligation
• Legal advisors in case of litigation
• Certified HDS subcontractors for health data

We never sell your personal data to third parties.

Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit (TLS) and at rest (AES-256)
• HDS certified hosting for health data
• Multi-factor authentication
• Regular security audits
• Ongoing staff training

Cookies

Our site uses cookies to improve your experience. Cookies are small text files stored on your device.

You can manage your cookie preferences at any time via our cookie banner or in your browser settings.

Your Rights

In accordance with GDPR, you have the following rights:

• Right of access: Obtain confirmation of the processing of your data and access it
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your data under certain conditions
• Right to restriction: Limit the processing of your data
• Right to portability: Receive your data in a structured, machine-readable format
• Right to object: Object to the processing of your data for legitimate reasons
• Withdrawal of consent: Withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal

To exercise these rights, contact us at dpo@praticonnect.com or through our contact form.

International Transfers

Your data is hosted in the European Union. In case of transfer outside the EU, we ensure an adequate level of protection through standard contractual clauses approved by the European Commission.

Complaint to the CNIL

If you believe that the processing of your data violates the applicable regulations, you can lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés) at www.cnil.fr.

Policy Updates

We may update this privacy policy at any time. The date of the last update is indicated at the top of this page. We encourage you to regularly consult this page.