Hekalis
Hekalis Logo Hekalis

Privacy Policy

Privacy Commitment

At Hekalis, medical secrecy starts with the code. We apply "Privacy by Design" principles to ensure that no health data is compromised.

Identity of the Data Controller

For data relating to the management of your account, Hekalis is the controller. For patients' health data entered into the software, the clinic or practitioner is the Data Controller, and Hekalis acts as a Processor (Article 28 of the GDPR).

Data Collected

  • Practitioners / Administrators: Full identity, professional email address, specialty, billing data.
  • Patients: Identity, history, constants, reports, prescriptions (encrypted flow transmitted only to the secure HDS tunnel).

Purposes

  • Management of the agenda and appointments.
  • Maintenance of the electronic patient record (EPR).
  • Issuance of secure prescriptions.
  • Legal traceability required by health authorities.

Your Rights (GDPR)

In accordance with the GDPR, you have the right of access, rectification, erasure, and portability of your data. For any request to exercise your rights: dpo@hekalis.app.