PRIVACY POLICY

This Privacy Policy explains how WevAii (“we”, “us”, “our”) collects, uses, stores, and protects personal data when you use our website and services related to appointment automation for clinics.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and applicable Cyprus and EU data protection laws.

1. Who We Are

Company Name: WevAii
Email: wevaii.support@gmail.com

We provide appointment automation, booking systems, and related digital services for clinics and healthcare providers.

2. What Personal Data We Collect

We may collect and process the following types of personal data:

a) Data You Provide Directly

  • Name

  • Email address

  • Phone number

  • Business or clinic name

  • Appointment-related information

  • Messages sent via contact forms or email

b) Patient Data (on behalf of clinics)

When acting as a service provider for clinics, we may process:

  • Patient name

  • Contact details (email, phone)

  • Appointment details (date, time, service, practitioner)

⚠️ We process patient data only on behalf of clinics and according to their instructions.

3. How We Use Personal Data

We use personal data to:

  • Provide and manage appointment automation services

  • Set up and maintain booking systems

  • Send appointment confirmations and reminders

  • Communicate with clients

  • Provide customer support

  • Improve our services

  • Meet legal and regulatory obligations

4. Legal Basis for Processing (GDPR)

We process personal data based on one or more of the following legal grounds:

  • Consent – when you explicitly provide data

  • Contractual necessity – to deliver our services

  • Legitimate interest – to improve and secure our services

  • Legal obligation – where required by law

5. Data Sharing & Third Parties

We may share data only with trusted third parties necessary to deliver our services, such as:

  • Booking and scheduling software providers

  • Email and SMS notification services

  • Payment processors (if enabled)

  • Cloud hosting providers

All third parties are GDPR-compliant and process data under strict confidentiality agreements.

We do not sell or rent personal data.

6. Data Storage & Security

We take appropriate technical and organizational measures to protect personal data, including:

  • Secure servers

  • Encrypted connections

  • Access controls

  • Regular system monitoring

Data is stored only for as long as necessary to fulfill its purpose or comply with legal requirements.

7. Cookies & Tracking Technologies

Our website may use cookies to:

  • Improve functionality

  • Analyze website traffic

  • Enhance user experience

You can manage or disable cookies through your browser settings.

8. Your Rights Under GDPR

You have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Request deletion of data (“right to be forgotten”)

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time

To exercise your rights, contact us at wevaii.support@gmail.com.

9. Patient Data & Clinics’ Responsibility

When we process patient data on behalf of clinics:

  • The clinic is the Data Controller

  • We act as the Data Processor

  • Clinics are responsible for informing patients and obtaining consent

10. Data Retention

We retain personal data only for as long as:

  • Necessary to provide services

  • Required by law

  • Needed for legitimate business purposes

After this period, data is securely deleted or anonymized.

11. International Data Transfers

If data is transferred outside the EU, we ensure:

  • Adequate safeguards

  • GDPR-compliant transfer mechanisms

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
Any changes will be posted on this page with an updated revision date.

13. Contact Us

If you have questions about this Privacy Policy or how we handle data, contact:

📧 Email: wevaii.support@gmail.com