Privacy Policy

Effective Date: January 4, 2026
Last Updated: January 4, 2026

Introduction

Welcome to Hakim ("we," "us," or "our"). Hakim is committed to protecting your privacy and ensuring the security of your personal health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our telehealth platform and mobile applications (collectively, the "Services").

Please read this Privacy Policy carefully. By using our Services, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Personal Information

Account Information: Full name, email address, phone number, date of birth, gender, physical address and city, profile photo (optional)

Medical Information: Medical history, current symptoms and conditions, allergies and blood type, current medications, emergency contact information, family medical history, appointment notes, medical records from consultations, prescription information, lab results, AI-generated health summaries

Insurance Information: Insurance provider name, policy and group numbers, member ID, coverage details, insurance card images

Payment Information: Payment method details (processed securely through third-party payment processors), transaction history, billing address

Communication Data: Messages exchanged with healthcare providers, video consultation recordings (if consented), voice recordings, file attachments and images

1.2 Automatically Collected Information

Device Information: Device type and model, operating system and version, unique device identifiers, mobile network information, IP address, browser type

Usage Information: Pages visited and features used, time and date of visits, click patterns, search queries, app performance data

Location Information: Approximate location based on IP address, precise location (only if you grant permission)

2. How We Use Your Information

Providing Healthcare Services: Facilitating telemedicine consultations, enabling communication between patients and providers, generating and maintaining medical records, processing prescriptions, managing appointments, providing AI-powered symptom checking

Payment Processing: Processing consultation fees, generating receipts and invoices, verifying insurance coverage, managing billing history

Platform Improvement: Improving user experience, developing new features, conducting data analysis (using de-identified data), training AI models, fixing bugs

Communication: Sending appointment reminders, notifying you of new messages, sending prescription notifications, providing customer support, service updates

Legal and Security: Complying with legal obligations, preventing fraud, protecting against security threats, enforcing Terms of Service

3. How We Share Your Information

We do not sell your personal information. We share information only as described below:

With Healthcare Providers: We share your medical information with healthcare providers you consult through our platform. All providers are bound by professional confidentiality obligations.

With Service Providers: Cloud hosting providers (Supabase), payment processors (Chapa, Telebirr), communication services, analytics providers, customer support tools. All service providers are contractually obligated to protect your information.

For Legal Reasons: To comply with legal processes, protect rights and safety, prevent fraud or security threats, in connection with legal proceedings

4. Data Security

Technical Safeguards: End-to-end encryption for messages and video consultations, encrypted storage of medical records, secure HTTPS connections, regular security audits, multi-factor authentication, automated threat detection

Organizational Safeguards: Role-based access controls, employee confidentiality agreements, regular security training, incident response procedures, data breach notification protocols

Despite our efforts, no security system is impenetrable. We cannot guarantee absolute security of your information.

5. Your Rights and Choices

Access and Portability: You can access your personal and medical information anytime through your account. You can request a copy of your data in a portable format.

Correction and Update: You can update your personal information through account settings. You can request correction of inaccurate medical information.

Deletion: You can request deletion of your account and personal information. Medical records may be retained for legal compliance (typically 7 years).

Consent Withdrawal: You can withdraw consent for non-essential data processing, opt out of marketing communications, and disable location services.

Object to Processing: You can object to automated decision-making and request human review of AI-generated health recommendations.

To exercise these rights, contact us at [email protected]

6. Data Retention

Account Information: Retained while your account is active
Medical Records: Retained for 7 years after last consultation (legal requirement)
Payment Records: Retained for 7 years (tax and audit purposes)
Communication Data: Retained for 3 years
Usage Data: Retained for 2 years
De-identified Data: May be retained indefinitely for research

7. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. Parents or legal guardians may create family member profiles for minors under their care.

8. GDPR Compliance (For EU/EEA Users)

If you are located in the European Union or European Economic Area, you have additional rights under GDPR. We process your data based on consent, contractual necessity, legal obligation, and legitimate interests. For detailed GDPR information, see our GDPR Compliance Documentation.

Data Protection Officer: [email protected]

9. HIPAA Compliance (For US Users)

If you are located in the United States, your protected health information (PHI) is subject to HIPAA. We comply with HIPAA requirements, including Business Associate Agreements with all service providers handling PHI; administrative, physical, and technical safeguards; and breach notification procedures.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new Privacy Policy on our website, sending an email notification, and displaying a prominent notice in the app. Your continued use of our Services after changes become effective constitutes acceptance of the updated Privacy Policy.

11. Contact Us

For questions, concerns, or to exercise your privacy rights, contact us:

Email: [email protected]
Data Protection Officer: [email protected]
Response Time: We aim to respond to privacy requests within 30 days.

By using Hakim's Services, you consent to this Privacy Policy and our collection, use, and sharing of your information as described herein.