Find a Doctor
Our Solutions
Our Solutions
Our Solutions
Financial Information
Financial Information

With E-Invoice and E-SMM integrations, you can effortlessly create and send your e-invoices through Callendoc. You can quickly complete your collections and make your business processes more efficient.
Appointment Management
Appointment Management

We offer an advanced appointment tracking system that allows you to manage your appointments effectively, taking into account your work schedule and consultation times.
Medical Tracking
Medical Tracking

With the patient information management system, you can quickly and easily record your patients' medical histories and consultation information, and access past findings with just a few clicks.

Patient Tracking
Patient Tracking

With the Patient Tracking System that works in conjunction with appointment, medical modules, and financial modules, you can record patient information and all visit protocols according to health systematics.

View All Solutions
PricingArticlesFree ResourcesSupport
About Us
Who We AreContactCareersAdvisory Board
For Patients
Doctors and SpecialistsFrequently Asked QuestionsCorporate AgreementsData SecurityPatient Membership AgreementContact
For Doctors
Our SolutionsIntegrationsArticlesPricingDoctor Membership AgreementPatient Information Text
Find a Doctor
Sign Up Now Sign In
Sign Up Now Sign In
Agreements

Doctor Information Text

Cookie Information Text
Data Security
Doctor Membership Agreement
Doctor Information Text
Data Security

CALLENDOC DATA PROTECTION POLICY - HEALTHCARE PROFESSIONAL VERSION

Last Updated: November 2025

CALLENDOC is committed to protecting your professional data and patient data in compliance with UK data protection law. This policy explains what personal data we collect about you as a healthcare professional, how we use it, who we share it with, and your rights.

1. DATA CONTROLLER INFORMATION

1.1 WHO WE ARE

Data Controller:
Callendoc Ltd.
London, United Kingdom

Callendoc Ltd. is the data controller responsible for determining how and why your professional data is processed.

Data Protection Officer (DPO): [email protected]

1.2 CONTACT INFORMATION

2. PROFESSIONAL DATA CATEGORIES WE COLLECT

2.1 IDENTITY & PROFESSIONAL DATA

  • Full name and professional title
  • Professional registration number
  • Qualifications and credentials
  • Areas of specialization
  • Professional indemnity insurance details
  • Date of birth

Purpose: Account creation, professional verification, compliance
Legal Basis: Contract, Legal obligation

2.2 CONTACT INFORMATION

  • Professional email address
  • Contact phone number
  • Professional address
  • Banking details for payment

Purpose: Platform communication, payment distribution, support
Legal Basis: Contract, Legitimate interests

2.3 PROFESSIONAL COMPLIANCE DATA

  • Professional registration verification records
  • Background check results
  • Insurance verification records
  • Professional conduct history
  • Regulatory body verification

Purpose: Professional verification, regulatory compliance
Legal Basis: Legal obligation, Legitimate interests

2.4 CONSULTATION & APPOINTMENT DATA

  • Consultation dates and times
  • Appointment status and duration
  • Consultation type (video/voice/text)
  • Patient anonymized data
  • Consultation notes you create

Purpose: Service delivery, record-keeping, fee management
Legal Basis: Contract, Legitimate interests

2.5 FINANCIAL & PAYMENT DATA

  • Banking details for fee payment
  • Transaction history
  • Invoice information
  • Payment records
  • Tax information

Important Note: Banking details encrypted and securely stored
Purpose: Payment distribution, financial records
Legal Basis: Contract, Legal obligation (tax)

2.6 COMMUNICATION DATA

  • Professional messages and notes
  • Support requests and responses
  • Complaint records
  • Professional correspondence
  • Email communications

Purpose: Service delivery, support, compliance
Legal Basis: Contract, Legitimate interests

2.7 TECHNICAL & USAGE DATA

  • IP address
  • Device information (type, OS)
  • Browser information
  • Cookie identifiers
  • Login dates and times
  • Features and pages accessed
  • Error reports

Purpose: Platform improvement, security, analytics
Legal Basis: Legitimate interests, Consent (analytics)

3. LAWFUL BASES FOR PROCESSING

3.1 UK GDPR LAWFUL BASES

(A) CONTRACT

We process data because:

  • Necessary to operate the Platform for your use
  • Required for consultation management
  • Necessary for payment distribution
  • Required for professional account management

(B) LEGAL OBLIGATION

We process data because:

  • Healthcare laws require professional verification
  • Tax laws require financial records
  • Professional regulation requirements
  • Court orders or legal requests
  • Regulatory body requests

(C) LEGITIMATE INTERESTS

We process data because:

  • Platform improvement and analytics
  • Fraud prevention and security
  • Professional conduct investigations
  • Business continuity
  • Regulatory compliance

(D) EXPLICIT CONSENT

We process data based on your explicit consent for:

  • Marketing communications (optional)
  • Analytics cookies (optional)
  • Biometric data (if applicable, optional)

Withdrawing Consent: You may withdraw consent anytime at [email protected] with no penalty.

4. PURPOSES & USE OF YOUR DATA

4.1 PLATFORM SERVICE DELIVERY

  • Create and manage your professional account
  • Manage your professional profile
  • Manage appointment bookings and consultations
  • Process payments and distribute your fees
  • Provide customer support
  • Manage consultation records

4.2 PROFESSIONAL VERIFICATION & COMPLIANCE

  • Verify professional registration
  • Conduct background checks
  • Verify indemnity insurance
  • Maintain regulatory compliance records
  • Respond to regulatory inquiries

4.3 SECURITY & FRAUD PREVENTION

  • Detect unauthorized access
  • Prevent fraud and platform misuse
  • Protect against cyberattacks
  • Monitor suspicious activity
  • Investigate security incidents

4.4 LEGAL & REGULATORY COMPLIANCE

  • Comply with healthcare laws
  • Comply with tax obligations
  • Respond to legal requests
  • Investigate professional conduct complaints
  • Defend against legal claims

4.5 SERVICE IMPROVEMENT

  • Analyze Platform usage
  • Improve features and functionality
  • Develop new services
  • Troubleshoot technical issues

5. WHO WE SHARE YOUR DATA WITH

5.1 PROFESSIONAL REGULATORS

  • GMC, GDC, HCPC (registration verification)
  • Regulatory bodies (when legally required)
  • Professional conduct investigations
  • Complaint-related disclosures

5.2 SERVICE PROVIDERS & PROCESSORS

Cloud Infrastructure: AWS (EU/UK regions)
Payment Processors: Stripe, PayPal
Communications: SendGrid (email), Twilio (SMS)
Analytics: Google Analytics (anonymized)

All processors have Data Processing Agreements ensuring GDPR compliance.

5.3 AUTHORIZED THIRD PARTIES

  • Accountants and auditors (financial data only)
  • Lawyers (legal advice, disputes)
  • Insurance providers
  • Regulatory bodies (when legally required)

5.4 LEGAL REQUIREMENTS

We may disclose data when:

  • Required by law (court order, subpoena)
  • Necessary for public safety
  • To prevent crime or fraud
  • Required by healthcare regulators
  • Required by professional bodies

5.5 PATIENTS YOU CONSULT WITH

  • Professional profile (name, credentials, specialization)
  • Contact information for appointment coordination
  • Only information necessary for patient care

5.6 NO SELLING OR COMMERCIAL USE

Callendoc will NOT:

  • Sell your professional data
  • Share your credentials for commercial purposes without consent
  • Transfer your data to third-party providers

6. DATA RETENTION PERIODS

Professional Account Data: Duration of use plus 6 years after termination (legal requirement)

Consultation Records: 10 years minimum (professional standards)

Professional Verification Records: 10 years (regulatory requirement)

Transaction & Financial Data: 7 years (tax and financial regulations)

Professional Compliance Records: 10 years

Backup Data: 6 months

Analytics Data: 26 months (then anonymized)

You may request deletion subject to legal retention requirements.

7. YOUR DATA RIGHTS AS A HEALTHCARE PROFESSIONAL

7.1 RIGHT TO ACCESS

You have the right to:

  • Request a copy of your professional data
  • Know what data we hold about you
  • Know why we process your data
  • Know how long we retain it
  • Know who we share it with

How to Request: Email [email protected] with your full name and professional account email
Response Time: Within 30 calendar days
Cost: Free of charge

7.2 RIGHT TO RECTIFICATION

You have the right to:

  • Correct inaccurate professional information
  • Complete incomplete data
  • Update outdated information

How to Exercise: Update directly through your professional profile or email [email protected]

7.3 RIGHT TO ERASURE (Right to Be Forgotten)

You have the right to request deletion when:

  • Data no longer necessary for purpose
  • You withdraw consent
  • You object to processing
  • Processing unlawful

Exceptions (Data May Not Be Deleted):

  • Legal obligation to retain (healthcare, tax, professional records)
  • Financial or tax records (7 years)
  • Professional regulatory records (10 years)
  • Legal dispute or claim

7.4 RIGHT TO RESTRICT PROCESSING

You have the right to limit how we use your data, such as restricting to storage only or stopping marketing communications.

7.5 RIGHT TO DATA PORTABILITY

You have the right to:

  • Receive your professional data in portable format
  • Obtain data in machine-readable format (CSV, JSON)

7.6 RIGHT TO OBJECT

You have the right to object to:

  • Marketing communications (unsubscribe anytime)
  • Processing based on legitimate interests

7.7 RIGHT TO WITHDRAW CONSENT

You may withdraw consent:

  • At any time
  • Without penalty
  • Immediate effect

How to Withdraw: Email [email protected]

8. INTERNATIONAL DATA TRANSFERS

8.1 WHERE YOUR DATA IS STORED

Primary Storage:

  • United Kingdom data centers
  • AWS UK region (primary)
  • EU servers (backup)

Data Protection:

  • Stored in UK/EU only
  • Never transferred outside UK/EEA without safeguards
  • GDPR-compliant jurisdictions only

9. SECURITY MEASURES

Technical Safeguards:

  • TLS 1.2+ encryption in transit
  • AES-256 encryption at rest
  • Role-based access control
  • Multi-factor authentication
  • 24/7 security monitoring

Organizational Safeguards:

  • Annual data protection training
  • Incident response procedures
  • Background checks for staff
  • Confidentiality agreements

Physical Security:

  • ISO 27001 certified data centers
  • 24/7 surveillance and monitoring
  • Biometric access controls
  • Environmental protections

10. CONTACT & COMPLAINTS

10.1 DATA PROTECTION CONTACT

Data Protection Officer (DPO): [email protected]
Response Commitment: Within 30 calendar days

10.2 COMPLAINTS PROCEDURE

Step 1: Contact Callendoc

Step 2: Callendoc Investigation

  • Investigation within 20 days
  • Written response to complaint
  • Remedial action if necessary

Step 3: Regulatory Complaint

If dissatisfied, you may complain to:

Information Commissioner's Office (ICO)
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Phone: 0303 123 1113
Website: www.ico.org.uk

11. REGULATORY BODY COMPLAINT

You may also report data protection concerns to your professional regulatory body:

  • GMC: General Medical Council (doctors)
  • GDC: General Dental Council (dentists)
  • HCPC: Health and Care Professions Council

12. INCIDENT RESPONSE

If your professional data is breached:

  • You will be notified within 72 hours
  • Notification includes scope and remediation steps
  • UK GDPR requirement for breach notification

13. CHANGES TO THIS POLICY

We may update this policy for:

  • Changes in our data practices
  • Regulatory changes
  • Technology improvements

Changes will be posted with updated effective date. For material changes, we notify you via email.

ACKNOWLEDGMENT

By using Callendoc as a healthcare professional, you:

  • Acknowledge reading this Data Protection Policy
  • Understand your rights under UK GDPR
  • Consent to data processing as described
  • Accept the security measures implemented
  • Know how to exercise your rights

Questions or concerns? Contact: [email protected]

This Data Protection Policy complies with:

  • UK General Data Protection Regulation (GDPR)
  • Data Protection Act 2018
  • Privacy and Electronic Communications Regulations (PECR) 2003
  • Professional Conduct Standards (GMC, GDC, HCPC)
  • Healthcare Data Protection Laws

Last Updated: November 2025
Effective Date: November 2025

Sign Up
Basic Logo
Consult online immediately with our specialist physicians!
+44
+44
  • At least 6, maximum 16 characters
  • At least 1 uppercase letter
  • At least 1 lowercase letter
  • At least 1 number
  • At least 1 special character (!@#$%^&* etc.)

Or

Sign Up with Google Icon Sign Up with Google
Sign In
Basic Logo
Sign in now,create your appointments!
+44
+44
Forgot your password?

Or

password Sign In with Password Sign In with Google Icon Sign In with Google
Forgot My Password
+44
+44
Day
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Month
01
02
03
04
05
06
07
08
09
10
11
12
Year
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
1990
1989
1988
1987
1986
1985
1984
1983
1982
1981
1980
1979
1978
1977
1976
1975
1974
1973
1972
1971
1970
1969
1968
1967
1966
1965
1964
1963
1962
1961
1960
1959
1958
1957
1956
1955
1954
1953
1952
1951
1950
1949
1948
1947
1946
1945
1944
1943
1942
1941
1940
1939
1938
1937
1936
1935
1934
1933
1932
1931
1930
1929
1928
1927
1926
1925
1924
1923
1922
1921
1920
1919
1918
1917
1916
1915
1914
1913
1912
1911
1910
1909
1908
1907
1906
1905
1904
1903
1902
1901
1900
Cookie Preferences

We use cookies to ensure our site works properly, to personalise content and advertisements, to provide social media features and to analyse our site traffic. We also share information about your site usage with our social media, advertising and analytics partners.

1st Party Cookies Necessary Cookies

Cookies used for the stable operation of the Callendoc website.

Cookie Name
Purpose
Duration
privacy_policy_accept
Stores information about whether the cookie policy has been accepted.
1 Year
allowed_cookies
Stores information about which cookies you have accepted.
1 Year
XSRF-TOKEN
Enables automatic verification of your visitor identity in the background
2 Hours
callendoc_session
Used to enable the site to recognise you
2 Hours
3rd Party Cookies Analytical Cookies

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information about metrics such as visitor numbers, bounce rate, traffic source, etc.

Cookie Name
Purpose
Duration
_hjAbsoluteSessionInProgress
_hjFirstSeen
_hjSession_hjSessionUser
These cookies, set by Hotjar, provide us with valuable insights on how we can improve your user experience.
0,5 Saat
Advertising Cookies

On our sites, we may collect information about your online activities to present advertisements related to products and services customised to your individual interests. For this purpose, we may also obtain information from third-party websites where our advertisements are served.

Cookie Name
Purpose
Duration
_fbp
These cookies, set by Facebook, track visitor, session, and campaign data and also monitor site usage for the website’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to identify unique visitors.
2 Yıl
Save Special Preferences
Accept All Cookies

Başarılı

Choose Your Cookie Preferences

Cookies are used on our site to provide you with the best service. For details Cookie Information Text you can review or customise cookies.

Customise Cookies
Accept All Cookies