Privacy Policy

Dropat Technologies Ltd. ("Dropat," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our shift exchange platform and related services.

This policy applies to all users of Dropat's services, including our website, mobile applications, and any related services. By using our services, you consent to the collection and use of information in accordance with this policy.

Personal Information

We collect the following types of personal information:

• Name, email address, and phone number
• Medical license number and credentials
• Hospital or clinic affiliation
• Specialty and professional qualifications
• Profile photo and professional information
• Shift schedules and availability

Usage Information

• Device Information: We collect information about the mobile device you use, such as the hardware model, operating system version, unique device identifiers (e.g., IDFA for iOS, Advertising ID for Android), and mobile network information. This is used for security, bug fixing, and ensuring compatibility.
• Location Data: We collect your approximate location based on your IP address to provide relevant content and for security analysis. We do not collect precise GPS location data in the foreground or background.
• Usage Data: We collect information about your interactions with our services, such as which features you use, the shifts you view or post, and the times you access the app. This helps us improve our user experience.

Verification Documents

• Medical license certificates
• Employment verification documents
• Professional certification records
• Identity verification documents

We use your information for the following purposes:

• Providing and maintaining our shift exchange services
• Verifying your professional credentials and identity
• Facilitating connections between medical professionals
• Sending notifications about shift opportunities and updates
• Improving our platform and user experience
• Ensuring platform security and preventing fraud
• Complying with legal obligations and regulations
• Providing customer support and assistance

We process your information based on legitimate business interests, contractual necessity, legal compliance, and your consent where required by applicable law.

We may share your information in the following circumstances:

• With Other Users: Basic professional information to facilitate shift exchanges
• With Service Providers: We engage third-party companies to perform services on our behalf, such as cloud hosting (e.g., Amazon Web Services), communication services (for emails and notifications), and data analytics. They are only given access to the information necessary to perform these functions and are contractually obligated to protect it.
• Legal Requirements: When required by law or to protect rights and safety
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Consent: When you explicitly consent to sharing

We do not sell, rent, or trade your personal information to third parties for marketing purposes. All data sharing is conducted with appropriate safeguards and legal protections.

We implement comprehensive security measures to protect your information:

• 256-bit SSL encryption for data transmission
• Advanced encryption for data storage
• Multi-factor authentication options
• Regular security audits and penetration testing
• HIPAA-compliant security practices
• SOC 2 Type II certification
• Employee security training and access controls

While we implement industry-leading security measures, no system is completely secure. We continuously monitor and update our security practices to protect your information.

We retain your information for as long as necessary to:

• Provide our services and maintain your account
• Comply with legal and regulatory requirements
• Resolve disputes and enforce agreements
• Maintain security and prevent fraud

You may request the deletion of your account and associated personal data at any time. You can initiate this process directly from the "Account" -> "Request Account Deletion" section within the Dropat application. Alternatively, you may submit a deletion request through our online web form, which is publicly accessible here: https://dropat.mdsolutions-services.com/support/request-delete. Upon receiving a deletion request through either method, we will permanently delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes (such as fraud prevention).

You have the following rights regarding your personal information:

• Access: Request copies of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your data to another service
• Restriction: Request limitation of processing activities
• Objection: Object to certain types of processing
• Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within 30 days.

We use cookies and similar technologies to:

• Maintain your login session
• Remember your preferences and settings
• Analyze platform usage and performance
• Provide personalized content and features
• Ensure platform security

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect platform functionality.

Your information may be transferred to and processed in countries other than Egypt. When we transfer your information internationally, we ensure appropriate safeguards are in place:

• Standard contractual clauses approved by data protection authorities
• Adequacy decisions by relevant regulatory bodies
• Certification schemes and codes of conduct
• Your explicit consent where required

Dropat is designed for licensed medical professionals who are at least 18 years old. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through:

• Email notification to your registered address
• In-app notifications
• Prominent notices on our website

Your continued use of our services after the effective date of changes constitutes acceptance of the updated Privacy Policy.

If you have questions about this Privacy Policy or our privacy practices, please contact us: