Sehtak Privacy Policy (Patient-Facing)
Version: 1.2
Effective date: 2026-06-08
Document URL: https://sehtak.ae/legal/privacy
This Privacy Policy explains how Sehtak FZ-LLC ("Sehtak", "we", "us", "our") processes your personal data when you use the Sehtak patient app, the Sehtak patient website (app.sehtak.ae), or interact with a healthcare facility that uses the Sehtak platform.
This policy is final and binding on Sehtak from the effective date above. It is reviewed annually and may be updated as set out in §12.
Your data is hosted in the UAE. Your health records never leave UAE infrastructure. We comply with UAE Federal Decree-Law No. 45 of 2021 (the Personal Data Protection Law or PDPL) and UAE Federal Law No. 2 of 2019 (the ICT Health Law).
If you would prefer to read this in Arabic, switch the app language to العربية, or contact us at the address below.
1. Who we are and our role in your data
Sehtak is a healthcare software platform, not a healthcare provider. We provide software to clinics and pharmacies in the UAE.
- When you book an appointment, visit a clinic, or fill a prescription at a pharmacy that uses Sehtak, your healthcare provider is the Data Controller of your medical records. They decide what is recorded, why, and for how long.
- Sehtak is the Data Processor that securely processes that information on their behalf.
For your account on the Sehtak patient app — your profile, your appointment history across multiple clinics, your saved family members, and your communication preferences — Sehtak acts as Data Controller. This Privacy Policy describes that role.
Contact us:
- Email: privacy@sehtak.ae
- Postal: Sehtak FZ-LLC, Meydan Free Zone, Dubai, UAE
- Data Protection Officer: dpo@sehtak.ae
2. What personal data we collect
2.1 Account data
- Your full name (English + Arabic if you provide it)
- Your Emirates ID number and verification status (encrypted at rest)
- Your date of birth, gender, and nationality
- Your mobile phone number, email address, home address, and emirate
- Your preferred language (Arabic / English)
- Photo (optional)
2.2 Identity verification data
- If you are a UAE resident, you can sign in with UAE Pass. We receive your verified identity attributes from UAE Pass under your authorisation.
- Document + selfie verification is provided by our partner Entrust IDV (formerly Onfido), operated by Onfido Ltd (UK, an Entrust company). This is used for: Emirates ID scan + face match for UAE residents who don't use UAE Pass, and passport + face match for visitors and non-residents. Entrust IDV is a Data Processor acting on our behalf.
2.3 Healthcare-related data
- Appointments you book and visits you complete
- Prescriptions issued to you by clinics using Sehtak
- Dispense records from pharmacies using Sehtak
- Lab results and imaging reports shared to your account
- Patient questionnaires you complete
- Telehealth session metadata (when, with whom — content of the call is encrypted and not retained beyond the recording you explicitly consent to)
- Insurance card details (if you choose to add them)
2.4 Communications
- WhatsApp messages, SMS, and email between you and a clinic/pharmacy that uses Sehtak
- In-app messages and notifications
- Calls placed through the Sehtak AI receptionist (if your clinic uses it)
2.5 Technical and usage data
- Device type, operating system, app version
- IP address (used for security and fraud prevention)
- Approximate location (only with your explicit permission — used to show nearby clinics)
- Crash logs and performance data (anonymous)
2.6 Payment data
- Payment processed through Stripe (subscription billing) and Tap Payments (UAE-resident marketplace splits, patient-pay flows) — both regulated payment processors
- We do not store your full credit card number. We store only a token issued by the payment processor
3. Why we collect this data (lawful basis)
We rely on the following lawful bases under PDPL Article 4:
| Purpose | Lawful basis |
|---|---|
| Creating and managing your account | Consent (you sign up voluntarily) |
| Booking appointments and processing prescriptions | Performance of contract |
| Sharing your records with healthcare providers you visit | Consent and necessity for the provision of healthcare |
| Sharing records via NABIDH (Dubai HIE) | UAE ICT Health Law (opt-out — you can opt out, see Section 7) |
| Sharing records via Malaffi (Abu Dhabi HIE) or Riayati (Northern Emirates HIE) | Explicit consent — opt-in only |
| Sending appointment reminders | Legitimate interest (continuity of care) |
| Sending marketing messages | Explicit consent — you can withdraw at any time |
| Security, fraud prevention, abuse detection | Legitimate interest |
| Complying with UAE law (record retention, audit) | Legal obligation |
4. Who we share data with
Your personal data is shared with the following parties, only for the purposes set out:
| Recipient | What | Why |
|---|---|---|
| Your healthcare providers (clinics and pharmacies you visit) | Your relevant records | Provision of healthcare |
| UAE Pass / Federal Authority for Identity & Citizenship | Identity verification handshake | Authentication |
| NABIDH (DHA Dubai HIE) | Encounter and prescription data for Dubai facility visits | Continuity of care — you may opt out via your profile |
| Malaffi (DoH Abu Dhabi HIE) | Encounter and prescription data for Abu Dhabi visits | Only with your explicit opt-in consent |
| Riayati (MOHAP Northern Emirates HIE) | Encounter and prescription data for Northern Emirates visits | Only with your explicit opt-in consent |
| Entrust IDV — Onfido Ltd (UK) | Document scan (Emirates ID or passport) and liveness face match | Identity verification when you don't use UAE Pass |
| Tap Payments / Mamo Pay (UAE) | Payment processing | Billing |
| du Cloud (UAE) and Moro Hub (Digital DEWA, UAE) | Compute (du Cloud), PHI Postgres + Blob storage (Moro Hub). All your data hosted in the UAE. | Infrastructure |
| Unifonic / Twilio | Outbound WhatsApp, SMS, voice | Delivery of messages (message metadata only — never clinical content in body) |
| Resend (US/EU) | Transactional email delivery | Email delivery (no PHI in email body) |
| Stripe | Subscription billing | Payment processing for facility subscriptions |
| Tap Payments (UAE-licensed) | Marketplace splits + patient pay flows | Payment processing for patient-pay services at clinics and pharmacies |
| Insurance payers (only if you have insurance and we are submitting a claim) | Diagnosis codes, prescription details, claim amount | Insurance reimbursement |
| Government and regulatory authorities | As required by law | Legal compliance |
The full, current list of our sub-processors is published at sehtak.ae/legal/sub-processors. We will notify you in-app of material changes.
5. Where your data lives
All your health data is stored on infrastructure located in the United Arab Emirates.
- Compute: du Cloud (UAE)
- PHI database and object storage: Moro Hub (Digital DEWA, UAE)
- Disaster-recovery in a second UAE region
Some non-clinical, technical data (anonymised crash logs, app performance metrics) may be processed by sub-processors outside the UAE. No personal health information ever leaves the UAE without your explicit consent or a lawful basis under UAE ICT Health Law.
If your identity is verified by document + selfie rather than UAE Pass, Entrust IDV (formerly Onfido, operated by Onfido Ltd UK — an Entrust company) processes your document scan and liveness selfie in the United Kingdom under the UK GDPR adequacy framework. This processing is governed by a Data Processing Agreement with Sehtak and is limited strictly to identity verification.
5A. UAE Pass — identity verification
If you are a UAE resident, you can sign in with UAE Pass, the UAE's national digital identity service. UAE Pass is operated by the UAQ Digital Authority under the Telecommunications and Digital Government Regulatory Authority (TDRA) and acts as a data processor for Sehtak for the purpose of verifying your identity.
Why we use it. We use UAE Pass to verify healthcare patient identity at the SOP3 assurance level, meaning your Emirates ID has been confirmed by the government, not just self-declared. This protects your medical records from identity fraud.
What we receive from UAE Pass (only when you authorise the sign-in):
- Your UAE Pass identifier and verification level (SOP1 or SOP3)
- Your Emirates ID number (stored encrypted, never shown in logs)
- Your full name in English and Arabic
- Your date of birth, gender, and nationality
- Your mobile number and email address
Our lawful basis. Your explicit consent when you start the UAE Pass sign-in, together with our legitimate interest in protecting sensitive health data from identity fraud (PDPL Art. 5 and Art. 15).
SOP3 is required to see your medical records. Only SOP3-verified UAE Pass accounts can view health records, prescriptions, lab and imaging results inside Sehtak. A SOP1 account (identity not government-verified) can sign in to browse and book appointments only — you will see a clear in-app message explaining that SOP3 verification is needed before any medical record is shown. This is enforced on our servers, not just in the app.
Unlinking. You can unlink UAE Pass from your Sehtak account at any time. Access to your medical records is paused until you verify again, because SOP3 is required for clinical access. Unlinking does not delete records already held by a healthcare facility (see §6).
6. How long we keep your data
| Data category | Retention period |
|---|---|
| Clinical records (appointments, prescriptions, dispenses, lab results) | 25 years (UAE ICT Health Law minimum) |
| Account profile data | While your account is active; deleted within 90 days of account closure (subject to clinical retention above) |
| Identity verification data (UAE Pass, Entrust IDV / Onfido) | Verification result kept; raw document image (Emirates ID or passport) and selfie deleted after 30 days |
| Audit logs (security) | 10 years |
| Communications (WhatsApp, SMS, email) | 1 year |
| Payment data | 7 years (UAE financial-record retention) |
| Telehealth recording (if you consent to recording) | Treated as a clinical record — 25 years |
| Telehealth metadata (no recording) | 1 year |
| Anonymous analytics / aggregated data | Indefinite (cannot be linked back to you) |
7. Your rights under UAE PDPL
You have the following rights:
- Right to access — request a copy of the personal data we hold about you. Free of charge, delivered within 30 days. Use Settings → Privacy → Export my data in the app.
- Right to correction — fix inaccurate data. Most fields are editable directly in your profile; for clinical records, contact the facility that created the record.
- Right to deletion — request deletion of your account. We will delete account data within 90 days, except clinical records, which UAE ICT Health Law requires us to retain for 25 years even after your account is closed.
- Right to object — object to certain processing, including marketing communications.
- Right to withdraw consent — for processing based on your consent (e.g. marketing, Malaffi/Riayati sharing), withdraw at any time. Withdrawal does not affect processing that already happened.
- Right to opt out of NABIDH — Dubai's HIE operates on an opt-out basis. By default your Dubai facility visits are shared with NABIDH. You can opt out in Settings → Privacy → NABIDH. Opting out means future Dubai providers will not see records held in NABIDH.
- Right to lodge a complaint — with the UAE Data Office at TDRA (the federal data-protection regulator). Contact: dataoffice@tdra.gov.ae or visit tdra.gov.ae/dataoffice.
To exercise any right, email privacy@sehtak.ae or use the in-app privacy dashboard. We will respond within 30 days.
8. Children
The Sehtak patient app is intended for users 18 years or older. Parents and legal guardians can manage children's records as linked family members from their own Sehtak account. Children under 18 cannot create independent Sehtak accounts.
9. Security
We protect your data with:
- TLS 1.3 encryption in transit
- AES-256-GCM encryption at rest for sensitive identifiers (Emirates ID, passport number, etc.)
- Multi-factor authentication (MFA) — strongly recommended for all patient accounts
- Append-only audit logs of all access to your records — we can show you who looked at what
- Role-based access — only authorised people at your healthcare provider can see your records, and only the records relevant to your care
- De-identification of clinical text before AI processing (more on this in Section 10)
If we ever experience a data breach affecting your personal data, we will notify you and the UAE Data Office within 72 hours of becoming aware.
10. AI in healthcare
Sehtak provides AI features to clinics, including an AI Scribe (which drafts a clinical note from a doctor-patient conversation in Arabic or English).
- The AI runs on Sehtak's own infrastructure inside the UAE. Your audio and the resulting text never go to OpenAI, Anthropic, Google, Azure OpenAI, AWS Bedrock, or any other foreign AI service. Self-hosted only.
- Before any AI processing, your direct identifiers (name, Emirates ID, MRN, phone) are stripped from the text — the AI sees [PATIENT] instead of your name. This is in addition to the UAE-residency protection.
- A licensed doctor reviews and approves every AI-generated note before it is saved to your record. The AI never has the final say.
- AI Scribe transcripts are deleted within 30 days. The doctor-approved clinical note is kept for the regulatory 25-year retention.
- You can decline AI scribing at any time by telling the doctor or unticking the consent box at the start of the visit.
11. Cookies and tracking
The Sehtak web app uses the following categories of cookies and similar technologies:
| Category | Purpose | Examples | Retention |
|---|---|---|---|
| Strictly necessary | Authentication session, CSRF protection, language preference. Cannot be disabled without breaking the app. | sehtak_session, sehtak_csrf, sehtak_lang | Session, plus 30 days for the refresh token |
| Functional | Remember your dashboard preferences, recently-viewed patients, layout choices. | sehtak_dashboard_layout | 1 year |
| Analytics (self-hosted, UAE-resident) | Anonymous product usage measurement. Runs on PostHog self-hosted on UAE infrastructure. No data leaves UAE. | ph_* | 1 year |
| Security | Anti-bot challenge (Cloudflare Turnstile) on signup and login. | cf_* | Session |
We do not use advertising cookies, retargeting pixels, social-media tracking pixels, or any cookie that ships personal data to a third-party advertiser. You can disable Functional and Analytics cookies from Settings → Privacy → Cookies. Strictly Necessary cookies cannot be disabled while you are signed in.
12. Changes to this Policy
We may update this Privacy Policy from time to time. Material changes will be notified in-app at least 30 days before they take effect. Continued use after the effective date constitutes acceptance. You can always see the current version at sehtak.ae/legal/privacy.
13. Contact us
- Privacy questions / requests: privacy@sehtak.ae
- Data Protection Officer: dpo@sehtak.ae
- General contact: hello@sehtak.ae
- Postal: Sehtak FZ-LLC, Meydan Free Zone, Dubai, United Arab Emirates
- WhatsApp: [Sehtak support number, to be set up]
Regulator: UAE Data Office (TDRA) — dataoffice@tdra.gov.ae · tdra.gov.ae/dataoffice
This Privacy Policy is governed by the laws of the United Arab Emirates. Any dispute will be resolved by the Dubai Courts.