Privacy Policy
Last updated: July 3, 2026
1. Introduction
Welcome to MedxSpace ("we", "our", or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy applies to all information collected through our website (medxspace.com) and our clinic management software platform.
By accessing or using our services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy.
2. Information We Collect
We collect personal information that you voluntarily provide to us when you register for our services, including:
- Clinic Information: Name, address, email, and contact details of the medical practice.
- Practitioner & Staff Data: Names, roles, phone numbers, and professional credentials.
- Patient Data (acting as a Data Processor): We process patient names, phone numbers, ages, genders, and medical notes on behalf of our clinic clients.
3. WhatsApp Business API Integration
Our platform utilizes the WhatsApp Business API to send transactional messages (such as appointment confirmations, queue updates, and billing receipts) to patients on behalf of clinics.
- We only send WhatsApp messages to phone numbers that have explicitly opted-in or provided consent to the respective clinic.
- Phone numbers and message templates are shared securely with Meta (WhatsApp's parent company) strictly for the purpose of message delivery, in compliance with WhatsApp Business Terms of Service.
- We do not sell, rent, or share patient phone numbers for third-party marketing purposes.
4. How We Use Your Information
We use the information collected or received to:
- Facilitate account creation and logon processes.
- Provide, operate, and maintain our clinic management system.
- Send administrative information to you (e.g., changes to our terms, SLA agreements).
- Send transactional notifications to your patients via SMS or WhatsApp (only as directed by the clinic).
- Ensure the security and integrity of our platform.
5. Data Security & Storage
We implement robust, industry-standard security measures, including Row-Level Security (RLS) and encrypted database storage, to protect your personal information and Electronic Health Records (EHR) from unauthorized access, alteration, or disclosure.
However, please remember that no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.
6. Sharing Information with Third Parties
We only share information with third parties under the following circumstances:
- Service Providers: We share data with trusted third-party vendors, service providers, contractors, or agents who perform services for us (e.g., cloud hosting via Supabase, messaging via Meta/WhatsApp).
- Legal Obligations: We may disclose information if legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, or court order.
7. Your Rights & Choices
Depending on your region, you may have specific rights regarding your personal data, including the right to request access, correction, or deletion of your personal information. Clinics can manage, update, or delete their data directly through the MedxSpace dashboard.
Patients wishing to exercise data rights regarding information stored by a clinic using MedxSpace should contact the clinic directly, as MedxSpace acts only as a Data Processor.
8. Contact Us
If you have any questions or comments about this Privacy Policy or our data practices, particularly concerning our WhatsApp integration, please contact us at:
MedxSpace Privacy Team
support@medxspace.com