How we protect data
- TLS/HTTPS in transit: all traffic is encrypted between browsers, WhatsApp, and our services.
- Access controls: staff access is scoped to each practice.
- Data minimisation: we store only what is needed for bookings and reminders.
- Retention & deletion: appointment history is kept for operational continuity; deletion requests are handled on request.
- Voice metadata: call intent and notes are treated as patient data and scoped per practice; call audio is not stored by default.
POPIA support
- Data requests: submit access or deletion requests via tlatli@innovaseb.tech.
- Role allocation: practices act as responsible parties for patient data submitted through the service, and Innovaseb acts as operator for that data.
Related policies
Review the core policies that explain security and data handling.