Yes, we are supporting GDPR on our paid plans. 

How we are compliant (short list)

Update to Privacy Policy

We have updated our privacy policy to make third party information more clear as well as adding specific GDPR language to it. You can see the privacy policy at: https://doxy.me/privacy-policy

Enable Custom TOS or Privacy Policy

Because GDPR requires specific opt-in for anyone that needs to comply with GDPR, you will need to upgrade your account to our Professional or Clinic plan so you can enable our custom TOS checkbox for your patients. You can use our Privacy Policy link if you don't have your own you want to use: https://doxy.me/privacy-policy

We don't store identifiable data on your patients

As with all our Plans we do not store Personally Identified Information about your patients. While certain information might be gathered for system performance and high-level analytics, PII is not store persistently. Specifically things like: name in check-in box, audio or video media, other data shared while using the Doxy.me application.

Don't your data centers need to be in the EU now?

Not necessarily. GDPR does not require that our data centers be in the EU. GDPR allows a company to transfer data outside of the EU as long as practices are put in place to make sure that personal data is properly protected. We are certified under the EU-U.S. and Swiss-U.S. Privacy Shield frameworks to satisfy this requirement and also offer up our Data Processing Agreement (DPA). 

What if I have a Data Subject Right (DSR) request to delete or update data?

Any other requests to correct, access, or delete information, will be handled by emailing support@doxy.me. We'll respond to this requests within 3 days. 

Did this answer your question?