Email Us: [email protected]24/7 Support: Available in English & Spanish
How we collect, use, and protect your information
ServMedica ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our telemedicine platform.
By using ServMedica's services, you acknowledge that you have read and agree to this Privacy Policy.
Types of data we gather to provide our services
The purposes for which we process your data
We do NOT sell your personal or health information
We share health information with licensed physicians on our platform who provide your care. They are bound by professional confidentiality.
Trusted partners for payment processing, cloud hosting, and notifications. All bound by strict data protection agreements.
When required by law, court orders, or to protect rights and safety. We comply with applicable healthcare regulations.
In medical emergencies, we may share necessary information with emergency services to protect your life or health.
We do NOT maintain long-term medical records
Automatically deleted within 7 days after your trip ends
Retained while active. Delete anytime via account settings
7 years per financial regulations (no health data)
We protect your health information with hospital-grade security standards — layered defenses, strict access controls, and continuous monitoring.
All data is encrypted using AES-256 at rest and TLS 1.3 in transit — the same standards trusted by governments and financial institutions. Your records are unreadable to anyone without authorized access.
We enforce role-based access so only authorized personnel can view your data. Multi-factor authentication is required for all staff and physician accounts, and access tokens expire every 15 minutes.
Our infrastructure is monitored around the clock by automated threat detection systems. Every access to protected health information is logged, and anomalies trigger immediate alerts to our security team.
Our platform runs on HIPAA-compliant infrastructure with SOC 2 controls. We conduct regular security audits, penetration testing, and vulnerability assessments to maintain the highest protection standards.
Patient data is partitioned by country at the infrastructure level. Medical records from one country are never co-mingled with another, ensuring compliance with local data residency requirements.
We maintain a dedicated incident response plan. In the unlikely event of a data breach, affected users will be notified within 72 hours along with relevant regulatory authorities as required by law.
You have control over your personal information. We follow GDPR-aligned principles regardless of where you are located, ensuring you can exercise these rights at any time.
Request a complete copy of all personal and health data we hold about you. We will provide it in a portable, machine-readable format within 30 days of your request.
If any of your personal or medical information is inaccurate or incomplete, you have the right to request corrections. We will update your records promptly and confirm the changes.
Request deletion of your personal data at any time. Health data is automatically purged after your trip, but you can request immediate deletion of all account data. Some transaction records may be retained as required by financial regulations.
You can ask us to limit how we process your data — for example, restricting use to essential service delivery only while a dispute is resolved or while you verify the accuracy of your information.
You have the right to receive your data in a structured, commonly used format and to transmit it to another service provider without hindrance from ServMedica.
You can object to the processing of your personal data for purposes such as analytics or service improvement. We will stop processing unless we have compelling legitimate grounds that override your interests.
To exercise any of these rights, contact our privacy team at [email protected]
We verify your location using GPS, IP geolocation, and network data to ensure physicians only treat patients in countries where they are licensed. Location data is used solely for service eligibility and physician matching — it is never sold or shared for advertising purposes.
Services are available in countries where ServMedica operates. Use of VPN or location-spoofing technology is prohibited and may result in account termination.
Services are for users 18+. Parents may use services for minor dependents with appropriate consent.
We use essential cookies for functionality and analytics cookies to improve our services. Manage via browser settings.
Data may be processed internationally with appropriate safeguards including standard contractual clauses.
We'll notify you of material changes via email or platform notification. Review periodically for updates.
By using ServMedica's services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described. ServMedica is a telemedicine consultation service and NOT a substitute for emergency care or health insurance.
View a simple text version for easy copying or printing