Personal Data Protection Policy

The terms used in this Personal Data Protection Policy (hereinafter ​“Policy”) with capital letters have been defined in the ​“Definitions” document available here.

In the event of a conflict between the terms defined in this Policy and the terms of the ​“Definitions” document, the terms of this Policy shall prevail.

In accordance with the GDPR, there are two main roles:

• The Data Controller is the person who determines the reason why and how Personal Data are processed ;
• The Processor is the person processing Personal Data on behalf of the Data Controller. It acts under the authority of the Data Controller and on its instructions.

Siilo Holding BV is a 100% owned subsidiary of Doctolib SAS (a company incorporated under French law) and is fully integrated into the Doctolib Group. Doctolib largely harmonised data protection standards within the Group in order to achieve a harmonised and consistent level of data protection and data security.

The processing that takes place in connection with the use of the ​“Doctolib Siilo App” is therefore integrated into the Doctolib data protection information.

As Data Controller, Doctolib takes all appropriate measures to ensure the protection and confidentiality of the Personal Data it holds or processes in compliance with the provisions of the GDPR.

Creation and management of the Doctolib User Account

(creation of the User Account, verification of identity and right to practice of the Healthcare Providers, traceability requirements, etc.)

What Personal Data is used?

• Identification data: Surname, first name, avatar picture (optional), email address, medical registration number (when applicable), medical profession, titles, medical speciality, interests organisation/​association, copy of medical ID, driver’s licence, passport or ID, organisation specific profile fields, IP address.
• Contact data:Email address, phone number

On what legal basis is Personal Data processed by the Data Controller?

• For creation of the User Account and identity verification: 
• Necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject.

How long is Personal Data retained?

• For creation of the User Account and identity verification: 
• Duration of the contractual relationship
• In order to protect itself against any dispute, Doctolib is likely to keep certain information for up to 5 years from the end of the contractual relationship
• A copy of the identity document is deleted after verification.

__ __ __

Creation of a directory and User Profile Forms

What Personal Data is used?

• Identity data: Title, surname, first name.
• Professional data: Phone number, email address, avatar picture,medical registration number, interests, medical profession, organisation/​association, medical specialty.

On what legal basis is Personal Data processed by the Data Controller?

• Necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject or Legitimate interest. 

How long is Personal Data retained?

• Until deletion request.
  For information, the processing time for requests to delete Personal Data is a maximum of 30 days. In the event of a complex request, this period may be extended up to 60 days.

__ __ __

Provision of information about the Services

(new features, Service user guides, new products, etc.).

What Personal Data is used?

• Identification data: Title, surname, first name.
• Contact data: Address, email, phone number.
  

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

• Duration of the contractual relationship.

__ __ __

Analysis of the use of the Services and devices

(navigation on the Sites, use of the Doctolib Siilo Services, use of the services) for the purposes of monitoring, research, improvement, and personalisation of the Services.

What Personal Data is used?

• Usage and connection information related to the use of the Doctolib Siilo Services: Type of activity, User ID, Installation ID, Web session ID, Client type, Doctolib Siilo version,location on the basis of IP address, Usage language, User agent, number of connections on Doctolib Siilo, device information, number of groups, number of messages sent/​received, how many and which days online, web app activation and current sessions.
• Usage and connection information related to the account events: User ID, account created or deleted, type of account (user or group), client type, used language.
• Usage and connection information related to the Doctolib Siilo Messenger: Type of message, timestamp, User/​Installation ID sender, type of session (webchat or not), client type, Doctolib Siilo version location on the basis of IP address, group ID destination, destination of message, user ID destination, message ID, topic ID (only applicable during a user message), envelop type, quote, length of (video or voice) call.
• Usage and connection information related to the registration process: step within registration process, status of entered data, client type, Doctolib Siilo version, device model, location on the basis of IP address, User ID (if registration is completed).

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

• Duration of the contractual relationship.
• In order to protect itself against any litigation, Doctolib is likely to keep certain information for up to 5 years from its registration.
• The logs used to ensure the security of the Services are kept for a period of 1 year from their recording

__ __ __

Establishment of connections to Doctolib Siilo Messenger (e.g. recommend connections)

What Personal Data is used?

• Phone number
• Contact phone numbers (phonebook contacts) or address book data

On what legal basis is Personal Data processed by the Data Controller?

• The Data is processed by Siilo as a data controller on the basis of the following legal grounds:
• User’s phone number: Necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.
• Contacts’ phone numbers: Consent. The User is prompted through a pop-up to indicate whether they agree to Siilo accessing their phone book data.

How long is Personal Data retained?

• Duration of the contractual relationship.

__ __ __

Prevent and fight against computer fraud 

(spamming, hacking, DDoS attacks etc.).

What Personal Data is used?

• Usage and connection information related to the use of the Doctolib Siilo Services: Device information.
• NB: At the request of the judicial authorities, Doctolib can transmit the latest IP addresses collected, so that the Healthcare provider can be identified in cooperation with his Internet service provider.

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

• The logs used to ensure the security of the Services are kept for a period of 1 year from when they were recorded. 
• In order to protect itself against any litigation, Doctolib is likely to keep certain information for up to 5 years from its registration.

__ __ __

Improvement of Services ; production of statistics ; Data anonymisation

e.g.: use of data for product improvement purposes; communication of aggregated statistics.

What Personal Data is used?

• User Account data : Phone number, email address.
• Usage and connection data relating to the use of the Services and the Doctolib Siilo Services: Group ID destination (only applicable during a group message), destination of message (user or group), user ID destination (only applicable during a group message), message ID.
• Client type: Type of activity and action, Doctolib Siilo version. 
• Answers to various questions on the health sector or on the care pathway and medical care. Answers to site surveys.
• Step within registration process, Status of entered data 
• Back-end Data: Siilo account ID, location coordinates, city, region and country, email domain

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

• Specific durations according to the data concerned:
• Duration of the contractual relationship for the management and creation data of the User Account as well as for the data of the customer database

or

• Until a deletion request is received for User Profile data

or

• 1 year from their registration for connection and usage data for the Sites, the Doctolib Siilo Services

or

• 1 month from sending Doctolibthe answers to the questionnaires

or

• Until there is an objection for User Account data

or

• Until there is an objection or a deletion request for prospect data

__ __ __

Conduct optional surveys

on Doctolib Siilo’s Services and their possible developments, analysis of the satisfaction rate (NPS score), ​“user research” workshops allowing Doctolib Siilo to improve its product, etc

What Personal Data is used?

• According to the surveys:
• Identification data: Last name, first name.
• Contact data: Phone contacts telephone number and email address.
• Professional data: Title
• Other: Miscellaneous questions on the health sector or on the course of care and medical care, satisfaction note.

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest: in-product surveys
• Consent: surveys sent by email.
• Legitimate Interest

How long is Personal Data retained?

• The answers to the questionnaires are kept for 1 month after being sent to Doctolib.
  At the end of this period, the Personal Data is anonymised.

__ __ __

Marketing campaigns on social media and third party websites

- Display of targeted Doctolib advertising campaigns,

- Generation of campaign performance and analysis reports.

What Personal Data is used?

• Identification data: Title, surname, first name.
• Contact data: Email address, telephone number.
• Professional data: Specialization

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

• Until opt-out directly managed through the social media and third party websites

__ __ __

Creation and management of a prospect database

(Management and optimisation of the prospect database, creation of reports, organisation of events and webinars).

What Personal Data is used?

• Identification data: Title, surname, first name
• Contact data: Telephone number, email address.
• Professional data: Specialization.

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

The earlier of:

• 3 years from the last contact with the prospect

• Until objection or request for deletion.

__ __ __

Creation and management of the customer database

(Management and optimisation of the customer database, creation of reports, training of Doctolib support teams, organisation of events, webinars, and collection of testimonials, etc.).

What Personal Data is used?

• Identification data: User ID, title, last name, first name, avatar picture.
  
• Contact details: Phone number, email. address, phone contacts telephone numbers, findable group name, group description
  
• Professional data: Specialization, medical registration number, medical profession, interest, organisation/​association, photograph of medical ID, driver’s licence or passport.
• Account data: Number of contacts, device information, number of groups, organisational role, how many messages sent/​received, how many and which days online, web app activation and current sessions, who chats with whom, at what time exactly, time and duration of VoIP/​video calls, message size, which groups are active, group names of private groups, composition of groups
• Other: Responses to surveys.

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

• Duration of the contractual relationship

__ __ __

Customer relationship management

Management of support requests. 

What Personal Data is used?

• Identification data: User ID, surname, first name.
• Professional data: Specialization, organisation/​association.
• Account data: content of the support request and further exchanges

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest or necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject for Doctolib 

How long is Personal Data retained?

• Duration of the contractual relationship
• In order to protect itself against any litigation, Doctolib is likely to keep certain information for up to 5 years from its registration
• 30 days for the attachments

__ __ __

Information on changes to the Services.

What Personal Data is used?

• Identification data: Surname, first name;
• Contact data: Phone number, email address;
• Account data: Subscribed services;

On what legal basis is Personal Data processed by the Data Controller?

• For the updates necessary to maintain the compliance of the Services: legal obligation 
• For updates not necessary to maintain the compliance of the Services: performance of the contract.

How long is Personal Data retained?

• Duration of the contractual relationship.

__ __ __

Commercial referencing

Information to prospects concerning the Services subscribed by Healthcare Providers.

What Personal Data is used?

• Identification data: Surname, first name.
• Professional data: Specialization.
• Account data: Subscribed services.

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

• Duration of the contractual relationship

or

• Until opposed.

__ __ __

Contract, billing and payment management

Invoicing, collection, reporting and statistics.

What Personal Data is used?

• Identification data: first name, surname, address, email, telephone number, customer account number, SIRET, VAT number, CoC number (Netherlands).
• Economic and financial data: bank account number, mandate information, reason for rejection of payment, method of payment, payment schedule, PO number.

On what legal basis is Personal Data processed by the Data Controller?

• Invoicing and collection: Legal obligation (for the Netherlands: art. 52 AWR).

How long is Personal Data retained?

• 7 years (for the Netherlands).

__ __ __

Management of the records of processing activity.

What Personal Data is used?

• Practitioners: first name, surname, address, email, telephone number.
• Legal representative: first name, surname, address, email, telephone number
• DPO: first name, surname, address, email, telephone number.

On what legal basis is Personal Data processed by the Data Controller?

• Legal obligation (art.30.2 GDPR).

How long is Personal Data retained?

• Duration of the contractual relationship.

__ __ __

Partner relationship management.

What Personal Data is used?

• Identification data: first name, surname, telephone number, email address
• Professional data: name of the company, job title
• Economic and financial data: bank account details.

On what legal basis is Personal Data processed by the Data Controller?

• Legitimate interest

How long is Personal Data retained?

• During the contractual relationship.

__ __ __

For security reasons, especially to ensure the continuity of its Services, some of your Personal Data may be kept by Doctolib in protected backup files for seven (7) additional days. Indeed, for backup purposes, daily automated ​“snapshots” are taken that are stored for no more than seven (7) days. These snapshots are encrypted at rest.

Your Personal Data is stored, if applicable, for a longer period of time to comply with Doctolib legal obligations or for the duration of the statute of limitations for litigation purposes.

In accordance with GDPR, you have the following rights over your Personal Data:

Right of access (article 15 GDPR): you may at any time access your personal information held by Doctolib.

Right to rectification (article 16 GDPR), and right to erasure (article 17 GDPR): you may request the modification or deletion of your Personal Data.

Right to restriction of processing (Article 18 GDPR): you have the right to restrict the processing carried out on your Personal Data only when one of the following situations arises: (i) when you dispute the accuracy of your data, (ii) when the you believe that the processing of your Personal Data is unlawful, or (iii) when the you need this restriction for the recognition, exercise or defence of your rights in court.

Right to data portability (article 20 GDPR): you have the option of requesting the recovery of the Personal Data that you provided to Doctolib, for personal use or to transmit this data to a third party of your choice. This applies only when this Personal Data is subject to an automated processing based on your consent or if the processing is necessary for the performance of a contract to which you are a party.

Right to object (article 21 GDPR): you may oppose the processing of your Personal Data for direct marketing purposes and/​or may oppose the processing carried out on the basis of Doctolib’s legitimate interest.

Right to define the fate of your Personal Data after death and to choose to whom Doctolib should communicate (or not) your Personal Data to a third party that you would have previously designated. As soon as Doctolib learns about your death and in the absence of any instructions from him, Doctolib undertakes to destroy your Personal Data, unless the retention of this data is deemed necessary for probative purposes or to meet a legal obligation (such as keeping the patient record).

You also have the right to lodge a complaint with a supervisory authority, and particularly with your national DPA.

For more information or to exercise your rights, you can contact Doctolib in writing at the following address: Siilo Holding B.V, Privacy Department, Keizergracht 585, 1017 DR Amsterdam, Netherlands or by email at privacy@​Siilo.​com. In this case, you must indicate which Personal Data you would like Doctolib to correct, update or delete, by specifically identifying yourself with a copy of an identity document (identity card or passport) or any other element allowing you to prove your identity.

Link to social media

You have the option of clicking on the icons dedicated to the social media X , Facebook and LinkedIn, appearing on the Sites or on the Doctolib Siilo App. By clicking on these icons, you will be redirected to external websites.

Social media makes it possible to improve the user-friendliness of the Sites or the Doctolib Siilo App and help promote them through sharing. Video sharing services make it possible to enrich the Sites or the Doctolib Siilo App with video content and increase their visibility.

When you click on these icons, Doctolib does not collect or process your data nor are they shared by the user via X, Facebook and LinkedIn. . These are only links sending you back to these social media when you click on the icons. When you are referred to social media, your interactions and information collected by the social media are subject to the confidentiality settings defined by you with each social media:

X (Twitter) - United States / Facebook - United States / LinkedIn - United States /.

Doctolib may modify, complete, or update this Policy in order to take into account any legal, regulatory, jurisprudential and/​or technical developments.

In the event of significant modifications (relating to the purposes of processing, the Personal Data collected, the exercise of rights, the transfer of Personal Data) to the terms of this Policy, Doctolib undertakes to inform you by any written means at least fifteen (15) days prior to their effective date.

Any access of and use of the Doctolib Siilo Services after this period will be subject to the terms of the new Policy. 

You are informed that the only authentic version of the Policy is the one found online, which you acknowledge without restriction.

You are required to refer to the online version of the Policy on the date of your access and on each use of the Services.