Privacy Policy

At Codelines, we are committed to protecting your privacy and securing your personal information. This Privacy Policy explains how we collect, use, protect, and share your information when you use the TeleCare+ platform.

• Registration information: Name, email, phone number, password
• Professional information: Medical license number, specialty, qualifications, experience
• Financial information: IBAN, commercial registration, billing details
• Clinic/facility data: Name, location, operating hours, services offered
• Professional liability insurance information (if applicable)

• Personal information: Name, date of birth, gender, contact information
• Medical information: Medical history, symptoms, diagnoses, prescriptions, test results
• Appointment information: Date and time of consultations, reason for visit, notes
• Payment information: Payment method, transaction history (without storing full card details)

• Device information: Device type, operating system, browser, IP address
• Usage data: Pages visited, features used, session duration
• Cookies for improving user experience
• System logs for troubleshooting and problem resolution

2.1 Service Delivery

• Facilitate telemedicine consultations between patients and providers
• Manage appointment scheduling and reminders
• Process payments and billing
• Maintain medical records securely
• Enable communication between users and technical support

2.2 Platform Improvement

• Analyze usage patterns to improve features and performance
• Conduct research and development (using anonymized data)
• Personalize user experience
• Detect and prevent fraud and misuse

2.3 Legal Compliance

• Comply with Saudi healthcare laws
• Respond to legal requests from authorities
• Protect rights and safety of users
• Enforce terms of service and policies

• End-to-end encryption (SSL/TLS) for all data transmission
• Encryption of data at rest in databases
• Strict access controls and multi-factor authentication
• Continuous security monitoring and threat detection
• Regular backups and disaster recovery plans
• Periodic security audits and penetration testing
• Employee training on data privacy and security
• Compliance with National Cybersecurity Authority standards

4.1 With Service Providers

Patient medical information is shared only with the relevant healthcare provider for consultation or treatment. Other providers cannot access this information without explicit consent.

4.2 With Third Parties

We may share data with:

• Payment processors (to execute financial transactions)
• Cloud service providers (for data hosting - servers within Saudi Arabia)
• Analytics tools (anonymized data only)
• Technical support providers (with limited and controlled access)

All third parties are bound by strict data protection contracts and cannot use your data for their own purposes.

4.3 Legal Disclosure

We may disclose your information when legally required by:

• Saudi Ministry of Health
• Saudi Commission for Health Specialties
• Courts or judicial authorities
• Law enforcement agencies (in criminal investigations)
• Public health emergencies

• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Restriction: Request restriction of data processing
• Portability: Obtain your data in a usable format
• Objection: Object to certain processing of your data
• Withdraw Consent: Withdraw your consent at any time (where applicable)
• Lodge Complaint: File a complaint with the National Cybersecurity Authority

To exercise any of these rights, please contact us at: telecare@codelines.sa

6.1 Medical Records

According to Saudi Ministry of Health regulations, medical records must be retained for at least 10 years after the last consultation. Service providers are responsible for complying with these retention requirements.

6.2 Financial Data

Financial records are retained for 7 years in accordance with Saudi Zakat, Tax and Customs Authority requirements.

6.3 Technical Data

System logs and usage data are retained for up to 12 months for security and improvement purposes.

The TeleCare+ platform is not intended for children under 18 years of age without parental or legal guardian consent. Parents or guardians must create accounts and manage appointments on behalf of children.

We use cookies and similar tracking technologies to:

• Maintain login sessions
• Remember your preferences (language, settings)
• Analyze platform usage and performance
• Prevent fraud and enhance security

You can control cookies through your browser settings. Note that disabling them may affect platform functionality.

We may update this Privacy Policy from time to time. You will be notified of material changes via email or prominent notice on the platform. Please review this page regularly to stay informed about our practices.

We comply with:

• Anti-Cyber Crime Law (1428H)
• Electronic Transactions Law (1428H)
• National Cybersecurity Authority controls
• Ministry of Health regulations for patient data protection
• Zakat, Tax and Customs Authority rules for financial data
• Saudi Commission for Health Specialties standards

For any questions or concerns about your privacy or this policy, or to exercise your data rights, please contact us: