Privacy Policy

Hauffi is a healthcare appointment booking platform that connects patients with registered healthcare practitioners. We act as the data controller for the personal information you provide to us.

For privacy inquiries, contact our Privacy Officer:
Email: admin@hauffi.com
Registered in South Africa

We collect only what is necessary to deliver our service.

Account information

• Full name
• Email address
• Phone number
• Role-specific profile information you choose to provide, such as medical aid selection for patients or practice details for doctors
• HPCSA registration number (doctors, for verification)
• Practice name, address, and consultation fee (doctors)

Identity verification documents (healthcare practitioners only)

• HPCSA registration certificate, to confirm registration status and credentials
• Government-issued identity document (SA ID or passport), to confirm that the person registering is the practitioner named on the HPCSA certificate

These documents are collected with your explicit consent, stored in an encrypted private vault, and used exclusively for credential verification. See Section 15 for full details.

Booking and billing data

• Appointment dates, times, and status
• Doctor selected by the patient
• Payment method preference, either cash or medical aid
• Medical aid name and plan (if applicable)
• Walk-in payment authorization metadata, masked card details, payment references, refunds, and cancellation outcomes when the on-demand feature is used (no full card numbers or CVVs are stored by Hauffi)
• Cancellation reasons selected from a predefined dropdown; no free-text medical disclosures are required

Device data

• Push notification token

Location data

• Foreground device location used to find nearby doctors
• Precise latitude/longitude may be stored with on-demand walk-in requests while the request is active and for related operational, billing, fraud-prevention, and dispute-resolution purposes

We do not collect sensitive medical records, diagnoses, prescriptions, or any clinical information.

We process your personal information under the following legal bases:

• Contract performance: processing necessary to provide the booking service you requested
• Legitimate interests: sending reminders and notifications that directly benefit your use of the service
• Consent: push notifications, which you may withdraw at any time in your device settings
• Legal obligation: retaining records as required by applicable law

Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

If we later want to use your personal information for a materially new purpose that requires a different legal basis, we will update our notice and obtain fresh consent where required before doing so.

• Create and manage your account
• Book, confirm, remind, and manage appointments
• Send push notification reminders (24 hours before appointments)
• Notify patients when an earlier appointment slot becomes available
• Verify healthcare practitioner credentials (HPCSA)
• Improve service quality and resolve disputes
• Comply with legal obligations

We do not sell, rent, or share your personal information with third parties for marketing or advertising purposes.

We do not currently run unsolicited promotional email marketing. If we introduce promotional email campaigns in the future, we will update this policy and use appropriate consent and unsubscribe controls before sending them.

We share limited data only in these circumstances:

• With your doctor: a patient's name, phone number, payment preference, and appointment details are visible to the practitioner they have booked with
• With patients: a doctor's name, specialty, practice address, consultation fee, and available slots are visible to authenticated patients
• Service providers: Supabase (database, authentication, storage), Expo (push notifications), Google (maps and places), Paystack (patient walk-in billing), Smile Identity (doctor identity verification), Browserless (automated HPCSA public-register checks when enabled), Resend (transactional email), and OpenAI (AI analytics assistant, practice data only, no patient records). Each is used to provide a specific part of the service. OpenAI does not train on API data.
• Legal requirements: if required by law, court order, or to protect the rights and safety of our users

No other sharing occurs without your explicit consent.

Hauffi uses infrastructure that may process data outside your country of residence, including in the United States and European Union (Supabase), the United States (Expo push services, OpenAI, Browserless, Resend), jurisdictions used by Paystack for payment processing, and the jurisdictions used by Smile Identity for identity verification.

We ensure appropriate safeguards are in place for all cross-border transfers, including standard contractual clauses where required by applicable law (e.g., GDPR, POPIA).

• Account data: retained while your account is active
• Appointment records: retained while your account is active and removed from live systems when your account is deleted, subject to limited backup retention
• Push tokens: retained while your account is active and cleared when you sign out or delete your account
• Verification documents (practitioners): retained while your account is active and deleted from live systems when the account is deleted or when we process an approved deletion request, subject to limited backup retention

You may request early deletion at any time by contacting admin@hauffi.com.

We implement industry-standard security measures including:

• TLS encryption for all data in transit
• AES-256 encryption for data at rest
• Row-level security at the database level (your data is accessible only to you and your booked practitioners)
• Regular security reviews and access controls

No system is completely secure. If you suspect unauthorised access to your account, contact us immediately at admin@hauffi.com.

If we discover that a breach of your personal data has occurred, we will investigate immediately and:

• Notify you within 30 days of discovering the breach, as required by POPIA
• Notify the South African Information Regulator where required by law
• Describe the nature of the breach and the data affected
• Provide recommendations on protective measures you can take

If you suspect unauthorised access to your account or believe a breach has occurred, contact us immediately at admin@hauffi.com.

Depending on your location, you may have the following rights. We honour all of them regardless of where you reside:

• Access: request a copy of the personal information we hold about you
• Correction: request that we correct inaccurate or incomplete information
• Deletion ("Right to be forgotten"): request that we delete your account and personal data
• Restriction: request that we limit how we process your data
• Portability: receive your data in a machine-readable format
• Objection: object to processing that is based on legitimate interests
• Opt-out of sale: we do not sell personal data, so this right is satisfied by default
• Withdraw consent: withdraw any consent you have given at any time

To exercise any of these rights, email admin@hauffi.com. We will respond within 30 days (or within any shorter period required by applicable law).

Portability or transfer requests are handled case by case after identity verification, and are provided where lawful, secure, and technically feasible.

You can also delete your account directly at any time, no need to contact us:

• Doctors (web portal): Profile → scroll to "Danger zone" → Delete my account
• Patients and doctors (mobile app): Profile tab → scroll to bottom → Delete Account

Account deletion is immediate and irreversible. We retain an anonymised audit log (your internal user ID + role + deletion timestamp) for security and regulatory compliance purposes, but all personally identifiable data is removed from live systems as part of deletion. Limited backup copies may persist until backup rotation completes.

South Africa (POPIA)

We process personal information in compliance with the Protection of Personal Information Act 4 of 2013. Our Information Officer can be contacted at admin@hauffi.com.

Our PAIA manual is maintained as part of our legal compliance records and can be requested through admin@hauffi.com. A public access route is available at /paia-manual.

European Union / United Kingdom (GDPR / UK GDPR)

If you are located in the EEA or UK, you have the right to lodge a complaint with your local supervisory authority. Our lawful bases for processing are set out in Section 3.

California, USA (CCPA / CPRA)

California residents have the right to know, delete, correct, and opt out of the sale or sharing of personal information. We do not sell or share personal information as defined under the CCPA. To exercise your rights, email admin@hauffi.com.

Brazil (LGPD)

We process personal data in accordance with Lei Geral de Proteção de Dados. Your rights under the LGPD are captured in Section 9 above.

Canada (PIPEDA)

We comply with the Personal Information Protection and Electronic Documents Act. You may withdraw consent for non-essential processing at any time.

Australia (Privacy Act / APPs)

We comply with the Australian Privacy Principles under the Privacy Act 1988.

Hauffi is not intended for use by children or minors. You must be at least 18 years old to use Hauffi. We do not knowingly collect personal information from children. If you believe a child has provided us with their data, contact us at admin@hauffi.com and we will delete it promptly.

What we use and why

Do I need to consent?

No. The session cookie is strictly necessary for authentication and is exempt from consent requirements under both POPIA and GDPR. The localStorage entries are purely functional preferences stored locally in your browser, they are never sent to our servers and contain no personal information.

We do not use advertising cookies, third-party tracking pixels, or any analytics that identify individual users. No cookie consent banner is shown because none is legally required.

How to clear cookies and localStorage

You can clear all browser storage at any time in your browser settings. Clearing the session cookie will sign you out of the portal. Clearing localStorage will reset your widget configuration, sidebar preference, and AI chat history, your account data remains safe on our servers.

We may update this policy from time to time. When we do, we will update the "Last updated" date at the top. For material changes, we will notify you via push notification or email at least 14 days before the change takes effect. Continued use of Hauffi after changes constitutes acceptance of the updated policy.

For any privacy-related questions, requests, or complaints:

Email: admin@hauffi.com
Hauffi, Privacy Officer
South Africa

We aim to respond to all enquiries within 5 business days and to resolve requests within 30 days.