Privacy Policy

1. Introduction

Kaizen Star Technologies LLC ("we", "our", "us") is the developer and operator of MedicoPlus — a cloud-based clinic and hospital management software platform serving healthcare providers in the UAE, GCC, and India. Our registered office is at Office 204, Mozna Building, Al Nahda, Dubai, UAE.

This Privacy Policy describes how we collect, use, store, and protect personal data in connection with the MedicoPlus platform and this website (clinicsoftware.ae). We are committed to handling all personal data in compliance with applicable UAE laws, including Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL).

2. Data We Collect

We collect the following categories of data:

• Clinic and hospital user data: names, roles, contact details, login credentials for clinic staff using MedicoPlus.
• Patient data: demographic information, Emirates ID data, medical history, clinical encounter records, prescriptions, lab and radiology results, insurance details — entered by licensed healthcare providers through the MedicoPlus platform.
• Contact form data: name, email, phone number, and message submitted through this website's enquiry or demo request forms.
• Technical data: IP address, browser type, pages visited, session duration — collected via Google Analytics and server logs for platform performance monitoring.

3. How We Use Your Data

• To deliver and operate the MedicoPlus clinic management platform for your facility.
• To fulfil UAE healthcare authority compliance obligations including NABIDH (DHA), Riayati (MOHAP), and Malaffi (DOH Abu Dhabi) health information exchange reporting.
• To provide implementation support, training, and ongoing technical assistance.
• To respond to demo requests and sales enquiries submitted via this website.
• To monitor platform performance, diagnose issues, and improve the software.
• To communicate product updates, compliance requirement changes, and support notifications to registered users.

4. UAE PDPL Compliance

We process personal data in accordance with Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL) and its implementing regulations. Our legal bases for processing include:

• Contract performance: processing necessary to deliver the MedicoPlus software service under our agreement with your clinic or hospital.
• Legal obligation: processing required to comply with UAE healthcare authority regulations (DHA, DOH, MOHAP).
• Legitimate interests: platform security, fraud prevention, and service improvement.
• Consent: where required for optional communications, we obtain explicit consent.

5. Healthcare Data Handling

Patient data processed through MedicoPlus is handled with the highest level of security controls appropriate to sensitive healthcare information:

• All data is encrypted in transit using TLS 1.2 or higher.
• Access to patient records is role-based — each staff member sees only the data relevant to their function.
• Audit trails log all access and modifications to patient records.
• Automated backup systems protect against data loss.
• Healthcare providers (clinics and hospitals) remain the data controllers for their patients' clinical records. Kaizen Star Technologies LLC acts as a data processor on their behalf.

6. Data Residency

MedicoPlus is available in two deployment configurations:

• Cloud deployment: Data is hosted on UAE-based servers. Patient data does not leave UAE jurisdiction unless your facility requests integration with a cross-border health information exchange.
• On-premise deployment: The MedicoPlus application and all patient data reside entirely on servers within your clinic or hospital premises. Kaizen Star Technologies LLC does not access this data without explicit authorisation from your facility.

7. Third-Party Sharing

We do not sell, rent, or trade personal data. Data is shared only in the following circumstances:

• UAE health authorities: Patient encounter data is transmitted to NABIDH (DHA), Riayati (MOHAP), and/or Malaffi (DOH) as required by UAE law and as directed by your licensed healthcare facility.
• Service providers: We use trusted sub-processors for hosting, analytics (Google Analytics), and live chat (Tawk.to). These providers process data only as instructed and under data processing agreements.
• Legal requirements: We may disclose data if required by UAE law, court order, or competent regulatory authority.

8. Data Retention

We retain data for as long as required to deliver services and comply with UAE healthcare regulations. Clinical records are retained in accordance with DHA, DOH, and MOHAP retention requirements (minimum 10 years for adult patient records as per UAE healthcare standards). Contact form and enquiry data is retained for up to 2 years.

9. Your Rights

Under the UAE PDPL, you have the right to:

• Access: request a copy of personal data we hold about you.
• Correction: request that inaccurate personal data be corrected.
• Deletion: request erasure of personal data where no legal obligation requires us to retain it.
• Restriction: request that we limit processing of your data in certain circumstances.
• Objection: object to processing based on legitimate interests.

Patient rights requests relating to clinical records must be directed to the clinic or hospital that provided your care — they are the data controller for your medical records. For all other requests, contact us using the details below.

10. Cookies

This website uses cookies for analytics (Google Analytics) and live chat functionality (Tawk.to). By using this website you consent to the use of these cookies. You can disable cookies in your browser settings, though this may affect website functionality.

11. Contact

For privacy-related enquiries, data access requests, or concerns:

• Email: [email protected]
• Address: Kaizen Star Technologies LLC, Office 204, Mozna Building, Al Nahda, Dubai, UAE
• Phone: +971 50 386 9500