Privacy Policy
Last updated: December 2025
At HealthSlot, the privacy and security of your data is our priority. This policy explains how we collect, use, and protect your information.
1. What data we collect
Professional data (account users)
- First and last name
- Email address
- Phone number (for WhatsApp Business)
- Professional information (specialty, bio, location)
- Availability and schedule settings
- Billing data for subscriptions
Patient data (contact records)
Important: Patients do not have accounts on HealthSlot. They are contact records created by professionals.
- Patient name
- WhatsApp number
- Email (optional)
- Professional notes (optional)
- Appointment history
2. How we use your data
- Appointment management: Schedule, confirm, remind, and reschedule sessions
- WhatsApp communication: Send automatic reminders and notifications to patients
- Service improvement: Analyze anonymous usage to improve the platform
- Support: Respond to your inquiries and requests
- Billing: Process subscription payments
3. Sharing data with third parties
We only share data with essential services to operate HealthSlot:
- Meta (WhatsApp Business API): To send reminder messages to patients. Only the phone number and message content are shared.
- Supabase: Database infrastructure where data is stored securely.
- Lemon Squeezy: Subscription payment processing. Lemon Squeezy acts as the Merchant of Record and handles tax compliance. We do not store card data.
- PostHog: Anonymous platform usage analytics.
We never sell your data or your patients' data to third parties for advertising purposes.
4. Data security
- HTTPS/TLS encrypted connections
- Database with restricted access and encryption at rest
- Secure authentication via Supabase Auth
- Patient data access limited to the professional only
- Automatic daily backups
5. Your rights
You have the right to:
- Access: Request a copy of all your data
- Rectification: Correct inaccurate data
- Deletion: Request that we delete your account and data
- Export: Download your data in CSV format
- Portability: Take your data to another service
To exercise these rights, contact us at privacy@healthslot.app
6. Data retention
- Active account: We keep your data as long as your account is active
- Cancellation: After cancellation, your data is kept for 30 days in case you change your mind
- Deletion: After 30 days, data is permanently deleted
7. Cookies and tracking
We use essential cookies to:
- Keep you logged in
- Remember your preferences
- Anonymous usage analytics (PostHog)
We do not use advertising or third-party tracking cookies.
8. Changes to this policy
We may update this policy occasionally. We will notify you by email of important changes. The last updated date always appears at the beginning of this document.
9. Contact
For privacy questions, contact us:
- Email: privacy@healthslot.app
- Form: healthslot.app/contact