ClinicOS ("we", "us") operates a WhatsApp-first operations platform for dental clinics. This policy explains how we process personal data when you use our website, dashboard, and messaging services.
Data we collect
- Account data: name, email, clinic affiliation, authentication logs.
- Patient contact data: phone numbers, names, conversation content, attachments.
- Technical data: IP address, device/browser, usage logs, delivery status from Twilio.
- AI processing: message text for translation, triage, and suggested replies (OpenAI).
How we use data
We process data to deliver multilingual inbox, appointment reminders, medical tourism coordination, and clinic operations. We do not sell patient data. AI outputs are assistive only — not medical diagnosis.
Processors & transfers
We use Supabase (EU/US hosting per project region), Vercel, Twilio, OpenAI, and optionally Resend for email. Data may be transferred outside Turkey with appropriate safeguards (SCCs / DPA where applicable).
Retention
Conversation history is retained while the clinic subscription is active. Clinics may request export or deletion subject to legal retention requirements.
Your rights
Under KVKK and GDPR (where applicable), data subjects may request access, correction, deletion, or restriction. Contact: privacy@clinicos.app.
Security
We use TLS, role-based access, clinic-scoped database policies, and audit logging. Clinics must obtain patient consent before WhatsApp clinical communication.