Chat Now
Home Book a Demo (Practitioners) Book on WhatsApp Staff Login
Legal

Privacy Policy

How we collect, use and protect personal information in accordance with POPIA.

Last updated: May 2026

1. Who We Are

ClearDoc ("ClearDoc", "we", "us", "our") is a South African software company that provides a white-label virtual clinical platform to healthcare practitioners and practices ("Subscribers"). We are committed to protecting personal information in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA).

For any data-related queries: hello@cleardoc.co.za

2. Who This Policy Applies To

This policy covers two groups of people:

  • Subscribers — practitioners, practice managers and staff who use the ClearDoc platform under a subscription agreement.
  • Patients — individuals whose information is captured through the platform by a Subscriber. ClearDoc acts as a data processor for patient data; the Subscriber (the practice) is the responsible party for that data under POPIA.

3. What We Collect

From Subscribers (practitioners and staff)
  • Full name, email address, phone number and professional title
  • HPCSA registration number and practice registration details
  • Practice name, logo, address and banking details (for invoicing)
  • Login credentials (passwords are hashed — we never store them in plain text)
  • Technical data including IP address and browser session information for security purposes
Patient data processed on behalf of Subscribers
  • Personal details: name, ID or passport number, date of birth, gender, contact information
  • Medical history, allergies, chronic conditions, current medications and SOAP consultation notes
  • Clinical documents: invoices, prescriptions, medical certificates and contraceptive cards
  • Consent records including timestamp and IP address at the time consent was given
  • Audit logs of all actions taken on a patient file

This data is owned by the Subscriber's practice. ClearDoc processes it only to deliver the platform's functionality.

4. How We Use Subscriber Data

  • To provision, maintain and improve your platform instance
  • To process your monthly subscription and issue invoices
  • To provide technical support and respond to queries
  • To send platform updates, security notices and service communications
  • To meet South African legal and regulatory requirements

We do not use Subscriber data for advertising. We do not sell it to any third party.

5. How We Use Patient Data

Patient data is used exclusively to provide the features of the platform on behalf of the Subscriber — specifically:

  • Storing and displaying patient records within the practice's dashboard
  • Generating clinical documents (invoices, prescriptions, certificates)
  • Sending documents to patients by email when instructed by the practice
  • Enabling QR-code document verification
  • Recording audit logs for POPIA and HPCSA compliance

ClearDoc does not access, analyse or share patient data for any purpose beyond delivering the platform service. The Subscriber is responsible for obtaining valid patient consent before capturing data.

6. Data Sharing

We do not share your data — or patient data — with any third party except:

  • Infrastructure and hosting providers who process data strictly to host the platform (under data processing agreements)
  • South African authorities where required by law

We do not use advertising networks, analytics platforms or data brokers.

7. How We Keep Data Safe

  • All data is transmitted over encrypted HTTPS connections
  • Access to patient records is restricted by role — each staff member sees only what their role permits
  • Every action on a patient file is recorded in a full, tamper-evident audit trail
  • Passwords are hashed using industry-standard algorithms — plaintext passwords are never stored
  • Sessions expire automatically after 8 hours of inactivity
  • Patient data is retained for as long as the practice subscription is active, and for the minimum period required by the Health Professions Act thereafter

8. Data Ownership and Portability

Patient data belongs to the Subscriber's practice, not to ClearDoc. On cancellation of a subscription, Subscribers may request a full export of their patient records and documents in a standard format before their account is deactivated. Requests must be made before the account closure date.

9. Your Rights Under POPIA

Both Subscribers and patients have the following rights:

  • Request a copy of the personal information we hold about you
  • Ask us to correct any inaccurate information
  • Request deletion of your information, subject to legal retention requirements
  • Object to the processing of your personal information
  • Lodge a complaint with the Information Regulator of South Africa (justice.gov.za/inforeg)

To exercise any of these rights: hello@cleardoc.co.za

10. Cookies

Our website uses essential session cookies only — for login security and CSRF protection. We do not use advertising, tracking or analytics cookies of any kind.

11. Changes to This Policy

We may update this policy from time to time. The most current version will always be available on this page with the date of last update. Subscribers will be notified of material changes by email.

12. Contact Us

Email: hello@cleardoc.co.za
WhatsApp: +27681565646
Website: https://www.cleardoc.co.za