Skip to content
Hi-Doctor
My account

LEGAL · HI-DOCTOR

Privacy policy

How we handle your data.

Last updated · April 2026·HI DOCTOR AI SL·hello@hi-doctor.ai

The Spanish version of this document is the authoritative legal text. The English translation is provided for convenience only.

Data controller

HI DOCTOR AI SL — hello@hi-doctor.ai. We process your data under Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 on Personal Data Protection and the Guarantee of Digital Rights (LOPDGDD).

Data Protection Officer

You can reach our Data Protection Officer (DPO) at dpo@hi-doctor.ai for any question about how we process your personal or health data.

What data we process

  • Identification data: name, email, phone number.
  • Health data provided in the questionnaire.
  • Payment data (processed by our certified payment provider).

Purpose

  • Delivering the medical consultation and issuing a prescription where appropriate.
  • Operational communications (email, the platform's private chat).
  • Meeting legal obligations.

Legal basis

Explicit consent (art. 6.1.a GDPR), performance of the contract (6.1.b) and compliance with a legal obligation (6.1.c). For health data, art. 9.2.h GDPR — processing by healthcare professionals.

Retention

We keep your data while your account remains active, and for up to five years after the last consultation to meet medical-legal obligations (AEMPS).

Recipients

Your data is not shared with third parties for commercial purposes. Our data processors (EU hosting, email delivery, PCI DSS-certified payment provider) sign GDPR-compliant processor agreements under art. 28 GDPR.

International transfers

By default, your data is hosted on servers located within the European Union. If a processor outside the EEA is exceptionally used, the appropriate safeguards under Chapter V GDPR apply (EU-approved Standard Contractual Clauses).

Security measures

We implement the technical and organisational measures required by art. 32 GDPR: encryption in transit and at rest, role-based access control, audit logging, encrypted backups, ongoing staff training, and incident-response procedures.

Your rights

  • Access, rectification, erasure, objection, restriction, portability.
  • Withdrawing your consent at any time.
  • Filing a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos — aepd.es).

Exercise your rights by writing to hello@hi-doctor.ai. We reply within 30 days at the latest.

NEED MORE INFORMATION

Let's talk.

If anything here is unclear, or you'd like to exercise a right, our privacy and legal team responds directly.

Contact the teamhello@hi-doctor.ai

HI-DOCTOR NEWSLETTER

We'll tell you when we add new treatments.

At most 2 emails a month. No spam. Updates on online health, EU telemedicine, and clinical guides signed by licensed doctors.