hi-doctor.ai

Privacy Policy

Last updated: November 27, 2025

1. About Us

hi-doctor.ai is a website operated by HI DOCTOR AI, SOCIEDAD LIMITADA, a company registered in Spain with Tax ID B23893027, and registered address at CALLE LOPE DE RUEDA NUM 27, PUERTA CENTRO IZQUIERDA, MADRID, 28009, Spain.

We are a telemedicine service provider committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform.

2. Data Controller

HI DOCTOR AI, SOCIEDAD LIMITADA is the data controller responsible for processing your personal data. For any questions regarding this Privacy Policy or your personal data, please contact us at:

  • Email: hello@hi-doctor.ai
  • Address: CALLE LOPE DE RUEDA NUM 27, PUERTA CENTRO IZQUIERDA, MADRID, 28009, Spain

3. Personal Data We Collect

We collect and process the following categories of personal data:

3.1 Identity and Contact Data

  • Full name
  • Date of birth
  • Gender
  • National ID number (DNI/NIE)
  • Email address
  • Phone number
  • Residential address

3.2 Health Data (Special Category Data)

  • Medical history you provide in health questionnaires
  • Current symptoms and health conditions
  • Medications you are taking or have taken
  • Allergies and intolerances
  • Medical consultation notes and recommendations
  • Prescriptions issued

3.3 Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Usage data and browsing patterns
  • Cookies and similar technologies (see our Cookie Policy)

3.4 Payment Data

  • Payment card details (processed securely by our payment providers)
  • Billing address
  • Transaction history

4. How We Use Your Data

We use your personal data for the following purposes:

4.1 Provision of Medical Services

  • To evaluate your medical questionnaire and determine treatment suitability
  • To enable our licensed physicians to review your case and provide medical consultations
  • To issue valid electronic prescriptions
  • To communicate consultation results and medical advice
  • To maintain your electronic medical record

4.2 Administrative and Legal Purposes

  • To create and manage your patient account
  • To process payments for consultations
  • To comply with legal and regulatory obligations
  • To respond to complaints and resolve disputes
  • To maintain records as required by healthcare regulations

4.3 Service Improvement

  • To improve our platform functionality and user experience
  • To conduct internal analytics and research
  • To send service updates and notifications

5. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contractual necessity: Processing necessary for the performance of our contract with you to provide medical consultation services
  • Legal obligation: Processing necessary to comply with healthcare regulations and legal requirements
  • Vital interests: Processing necessary to protect your vital interests in emergency situations
  • Explicit consent: For processing special category health data, we obtain your explicit consent
  • Legitimate interests: For service improvement and fraud prevention, where our interests do not override your rights

6. Data Sharing

We may share your personal data with:

  • Licensed Physicians: Our registered medical professionals who review your case and provide consultations
  • Payment Processors: Secure payment service providers to process your consultation fees
  • Regulatory Authorities: When required by law or to comply with regulatory obligations
  • Legal Advisors: In connection with legal proceedings or to protect our rights
  • Service Providers: Third-party providers who assist with our operations (data hosting, customer support) under strict confidentiality agreements

We never sell your personal data to third parties.

7. International Data Transfers

Your data is primarily stored and processed within the European Economic Area (EEA). If any transfer outside the EEA is necessary, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other valid transfer mechanisms under GDPR

8. Data Security

We implement comprehensive security measures to protect your personal data:

  • Encryption: All data is encrypted in transit (TLS/SSL) and at rest using industry-standard encryption
  • Access Controls: Strict access controls ensure only authorized personnel can access your data
  • Secure Infrastructure: Our systems are hosted in secure data centers within the European Economic Area
  • Regular Audits: We conduct regular security assessments and vulnerability testing
  • Staff Training: All staff receive data protection and security training

9. Data Retention

We retain your personal data for the following periods:

  • Medical Records: Minimum 15 years from the last consultation, as required by Spanish healthcare regulations (Law 41/2002)
  • Account Data: For the duration of your account plus 5 years after deletion
  • Payment Records: 7 years for accounting and tax purposes
  • Technical Data: Generally up to 2 years, unless required for security purposes

10. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data we hold
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal retention requirements)
  • Right to Restriction: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw your consent at any time for consent-based processing

To exercise these rights, contact us at hello@hi-doctor.ai. We will respond within 30 days.

11. Automated Decision-Making

We do not make decisions based solely on automated processing that significantly affect you. All medical decisions and prescription issuance are made by licensed healthcare professionals.

12. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe we have collected data from a minor, please contact us immediately.

13. Cookies

We use cookies and similar technologies to enhance your experience. Please refer to our Cookie Policy for detailed information about the cookies we use and how to manage them.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated date. For significant changes, we will notify you via email or platform notification.

15. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos - AEPD):

  • Website: www.aepd.es
  • Address: C/ Jorge Juan, 6, 28001 Madrid, Spain

16. Contact Us

For any questions about this Privacy Policy or your personal data, contact us:

  • Company: HI DOCTOR AI, SOCIEDAD LIMITADA
  • Tax ID: B23893027
  • Address: CALLE LOPE DE RUEDA NUM 27, PUERTA CENTRO IZQUIERDA, MADRID, 28009, Spain
  • Email: hello@hi-doctor.ai

Thank you for trusting hi-doctor.ai with your healthcare needs.

© 2026 HI DOCTOR AI, SOCIEDAD LIMITADA. All rights reserved.

    Privacy Policy – hi-doctor.ai