Privacy Policy for GoDocta / Urgent Care SKN

Last updated: Monday, October 20, 2025

Introduction

GoDocta and Urgent Care SKN (“we”, “us”, “our”) respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services (including in-clinic, via our website, mobile/virtual consultation platform, WhatsApp chat, and other channels). It also explains your rights in relation to your data.

If you have any questions about this policy or our data-practices, please contact us via the details in Section 13 below.

Applicability & Purpose

This policy applies to individuals whose personal data we collect, including:

1. Patients (existing and potential) of Urgent Care SKN
2. Users of our online/virtual consultation service
3. Visitors to our website, WhatsApp or other communication channels
4. Job-applicants, contractors, and third-party service providers (where relevant)

 

Our goal is to ensure:

• Compliance with the GDPR (and UK GDPR) if you are in or we are targeting persons in the EEA/UK, and
• Compliance with regional data-protection laws in the Caribbean and elsewhere where applicable. For example, Caribbean jurisdictions increasingly require lawful, fair, transparent processing, strengthened security for sensitive health data, rights of access/erasure, etc.
• That your data is handled with integrity, confidentiality, and respect.

 

What Data We Collect

We may collect the following types of personal data, as relevant:

(a) Identity & Contact Data

• Name, date of birth, gender
• Address, phone number, email address
• Emergency contact details

 

(b) Medical & Health Data (Special Category Data)

• Health history, symptoms, diagnosis, treatment information
• Lab/imaging results, prescription history
• Virtual consultation audio/video/chats
• (In some cases) genetic, biometric or lifestyle data

 

(c) Technical & Usage Data

• IP address, device identifiers, browser/app metadata
• Website/mobile-app usage, cookies, analytics

 

(d) Communications Data

• WhatsApp chat history, email correspondence, phone call logs

(e) Other Data

• • Payment and billing information (e.g., credit card details, invoices)
  • Job-application/contractor data (if relevant)

 

How We Use Your Data (Purposes)

We use your personal data for the following purposes:

• To provide medical care, virtual consultations, diagnostics, treatment and follow-up services
• To respond to your enquiries (via WhatsApp, phone, email) and schedule appointments
• To manage payments, insurance claims, billing and accounting
• To operate, maintain and improve our website, virtual platform, mobile apps and communication channels
• To send you information about your care, appointment reminders, health-related notifications (clinical, not promotional)
• To conduct internal research, quality-improvement and audit (in anonymised form unless consent given)
• Where applicable (with consent): to send marketing / promotional materials (e.g., news, offers),  you may opt-out at any time
• To comply with legal and regulatory obligations (e.g., health-care regulation, accounting, safety reporting)
• To detect, investigate and prevent fraud, abuse or other unlawful activities
• For human-resources or contractor-management purposes (when you apply for work or provide services to us)

 

Lawful Basis for Processing

Under the GDPR and similar laws, we rely on one or more of the following lawful bases:

• Consent: when you have given clear, informed consent for one or more specific purposes
• Contract: processing is necessary for performance of a contract with you (e.g., providing care or virtual consultation)
• Legal obligation: we need to process your data to comply with a legal obligation (e.g., medical record-keeping laws)
• Vital interests: to protect someone’s life (e.g., emergency treatment)
• Legitimate interests: for our legitimate business purposes, provided your rights and freedoms are not overridden

In the case of health and medical data (special-category data), additional conditions apply (e.g., consent, necessary for provision of health or social care) under Article 9 of the GDPR.

How Your Data Is Shared / Disclosed

We may share your data with:

• Our clinical staff (doctors, nurses, allied health professionals) and administrative staff to provide care
• Third-party service-providers (e.g., cloud/hosting providers, billing/insurance companies, tele-medicine platform providers) under contract and confidentiality obligations
• External laboratories, pharmacies, diagnostic centers (with your consent or as medically necessary)
• Regulatory authorities and public-health authorities where required by law
• In aggregate or anonymized form, for research, audit or quality-improvement purposes (so that you are not identifiable)

We will never sell your personal data to third-parties for marketing without your explicit consent.

International Transfers

If we transfer your personal data outside your jurisdiction (e.g., outside the EEA or to a country without equivalent data-laws), we will put in place appropriate safeguards (e.g., standard contractual clauses, data-transfer agreements) in accordance with Articles 44-49 of the GDPR.

Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected (including to satisfy legal, accounting, or regulatory requirements).
When determining retention periods, we consider:

• What the data are (e.g., routine contact details vs. complex medical records)
• Whether you are an active patient or former patient
• Any applicable jurisdictional requirement (e.g., health-care laws in the country of operation)
  After the retention period, we will securely destroy or anonymize your data.

 

Security of Your Data

We implement technical and organizational measures designed to protect your personal data against accidental loss, unauthorized access, disclosure, alteration or destruction. These measures include (but are not limited to):

• Encryption of data in transit and at rest
• Access controls (role-based, least-privilege)
• Regular security assessments and audits
• Secure backup and disaster-recovery procedures
• Staff training on data-protection and confidentiality
• Maintaining records of processing activities to demonstrate compliance.
  In the Caribbean region, local data-protection laws require appropriate security safeguards for sensitive health data. 

 

Your Rights

Under applicable data-protection law (including the GDPR/UK GDPR and regional laws) you have the following rights:

• Right to be informed about how your data is used
• Right of access –  you may request a copy of the personal data we hold about you
• Right to rectification – you may ask us to correct inaccurate or incomplete data
• Right to erasure (right to be forgotten) – under certain circumstances you may request deletion of your data
• Right to restrict processing – you may ask us to suspend processing of your data in certain circumstances
• Right to data portability – you may ask for a copy of your data in a structured, commonly-used format
• Right to object – you may object to our processing of your data based on legitimate interests or for direct-marketing
• Rights in relation to automated decision-making / profiling – where relevant you may ask for meaningful human intervention

If you wish to exercise any of these rights, please contact us using the contact details in Section 13. We will respond within the timeline required by applicable law (for example, within one month under the GDPR) unless an extension is permitted.

 

Cookies & Similar Technologies

Our website and mobile-apps use cookies and similar tracking technologies to distinguish you from other users, improve your experience and collect analytics. You may configure your browser or device to refuse cookies but this may limit certain functionality or services.

 

Children’s Data

We do not knowingly collect personal data from children under the age of 16 without parental / guardian consent (or as permitted by local law). If you believe we have collected data from a child without such consent, please contact us and we will take appropriate steps to delete the data.

 

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on our website and indicate the date of last revision. We encourage you to review it periodically.

Contact Information

If you have any questions about this policy or our data-protection practices, or wish to exercise your rights, please contact:

Data Protection Contact:
GoDocta / Urgent Care SKN
Medical Associates Building

Victoria Road, Basseterre
Email: privacy@godocta.com

If you are located in a jurisdiction in which you may lodge a complaint with a supervisory authority, you also have the right to do so (for example, in the UK via the Information Commissioner’s Office).

Other Important Information

a) Links to Third-Party Sites

Our website may contain links to external sites. We are not responsible for the privacy-practices of those sites; please review their policies before providing personal data.

b) Virtual / Telehealth Services

When you use our virtual consultation platform, the same principles apply. Additional safeguards (e.g., video encryption) are used to protect remote-care data.

c) International & Regional Context

Because we operate in the Caribbean, and may serve patients or users from other countries (including the EU/UK), your data may be subject both to EU/UK GDPR and regional/local data-protection laws. We endeavor to ensure compliance in all jurisdictions where we operate or serve users. For Caribbean jurisdictions, these laws generally require lawfulness, fairness, transparency, secure processing, rights of access/erasure, and may define “sensitive personal data” (such as health data) more strictly.

d) Duty of Confidentiality

Medical information is subject to special confidentiality obligations. Our staff are bound by professional confidentiality and applicable healthcare-law duties in addition to data-protection law.

e) Consent for Marketing

Where we rely on consent for marketing communications, you have the right to withdraw your consent at any time (without affecting processing based on prior consent). We will provide an easy-opt-out mechanism (e.g., “unsubscribe” link).

We thank you for trusting GoDocta / Urgent Care SKN with your personal data. We are committed to handling it responsibly and safeguarding your rights.

End of Privacy Policy

 

GoDocta & Urgent Care SKN Privacy Explained

Last updated: Monday, October 20, 2025

At GoDocta and Urgent Care SKN, your privacy and trust matter to us.
We only collect the information we need to provide you with safe, reliable, and convenient healthcare, both in person and online.

What We Collect

When you use our services, we may collect:

• Your name, age, contact information, and health details so our doctors can care for you.
• Notes, lab results, and consultation details related to your visits.
• Information you share through our website, WhatsApp, or during a virtual consultation.
• Payment details when you pay for services.
• Technical info (like your device type or IP address) to keep our systems secure and improve your experience.

Why We Collect It

We use your information to:

• Provide and manage your medical care.
• Book appointments and follow up on visits.
• Send you test results, reminders, or wellness messages.
• Improve our clinic and digital services.
• Comply with legal or health-care regulations. We never sell your data to anyone.

Who Sees Your Information

Your information is only shared with:

• Our trusted doctors, nurses, and care team.
• Labs, pharmacies, and specialists involved in your treatment.
• Technology partners who help us deliver secure tele-health, billing, and support.
  Everyone we work with is required to keep your information private and secure.

Where We Store It

Your information may be stored securely on servers in our home country or in approved international data centers (Amazon AWS, Google Cloud or similarly appropriate and secure). If we send data outside your country, we make sure it’s protected under strict privacy agreements.

How We Keep It Safe

We use strong security measures, 256 bit encryption, access controls, HIPAA Compliance and staff training to protect your data from loss, misuse, or unauthorized access.

How Long We Keep It

We keep your medical information only as long as the law or medical regulations require, then safely delete or anonymize it.

Your Rights

You have the right to:

• See what information we hold about you.
• Correct or update your details.
• Ask us to delete your data (when legally possible).
• Limit or object to how we use it.
• Withdraw your consent for marketing messages.

To make a request, email us at privacy@godocta.com.

Children’s Privacy

If you’re under 16, we’ll need your parent or guardian’s permission to collect or use your data.

Changes

We may update this summary or our full Privacy Policy from time to time. The most recent version will always be posted at www.godocta.com/privacy.

\Questions or Concerns?

GoDocta / Urgent Care SKN
Email: privacy@urgentcareskn.com

We take your privacy seriously. Thank you for trusting us with your care.