Privacy Policy

Last Updated: March 26, 2025

1. Introduction

Welcome to Doctor Vin (https://doctor.vin). Doctor Vin (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data globally. This Privacy Policy explains how we collect, use, disclose, process, and protect your information when you visit our website and use our services, including our interactive Artificial Intelligence (AI) features, regardless of your location.

We strive to handle your data transparently, ethically, and securely, in accordance with applicable data protection laws and regulations in the jurisdictions where we offer our services. This includes respecting principles found in major global privacy frameworks such as the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) as amended and others, where applicable.

By using our website and services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We may collect several different types of information for various purposes to provide and improve our Service to you:

  • Personal Data: Information that can identify you directly or indirectly. This may include, but is not limited to:
    • Email address (if you subscribe to a newsletter or create an account)
    • Name (if provided voluntarily, e.g., via contact forms)
    • Location data (e.g., country, region based on IP address)
    • Any other information you voluntarily provide.
  • Usage Data: Information collected automatically when you use the Service. This may include IP address, browser type, browser version, pages visited, time and date of visit, time spent on pages, referring URLs, device identifiers, and other diagnostic data.
  • AI Interaction Data: Questions, prompts, text, and any information you voluntarily input when interacting with our AI feature. We strongly advise you NOT to input sensitive personal information, specific health details that could identify you, or any data you consider highly confidential into the AI chat interface.
  • Cookies and Tracking Data: Information collected via cookies and similar technologies. See Section 9 (“Cookies and Tracking Technologies”) below.

3. How We Collect Information

We collect information through the following ways:

  • Directly from You: When you provide it voluntarily (e.g., filling forms, subscribing, interacting with AI, contacting us).
  • Automatically: Through your browser and device via cookies, server logs, and similar technologies when you access the Service.

4. How We Use Your Information

We use the collected data for purposes including:

  • To provide, operate, secure, and maintain our website and services.
  • To improve, personalize, and expand our website and services.
  • To understand and analyze how you use our website and services (often using aggregated or anonymized data).
  • To develop new products, services, features, and functionality.
  • To communicate with you (e.g., customer service, updates, marketing where consent is obtained).
  • To respond to your inquiries and requests.
  • To improve the performance, safety, and accuracy of our AI system (AI Interaction Data may be used for analysis and training, typically in an anonymized or aggregated form; we will seek consent if identifiable data is needed).
  • For compliance purposes, including enforcing our terms, protecting rights and safety, and meeting legal obligations in relevant jurisdictions.

5. Legal Basis for Processing Personal Data

We process your Personal Data based on one or more legal bases, depending on the context and jurisdiction:

  • Consent: Where you have given explicit consent for processing for one or more specific purposes.
  • Contract Performance: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legitimate Interests: Where processing is necessary for our legitimate interests (e.g., operating and improving the Service, security, analytics), provided these interests are not overridden by your data protection rights.
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.

6. Disclosure and Sharing of Information

We do not sell your Personal Data. We may share your information under specific circumstances:

  • With Service Providers: With trusted third-party vendors who perform services on our behalf (e.g., hosting, analytics, AI infrastructure, customer support), under strict confidentiality agreements and data processing terms where required.
  • For Legal Requirements: If required by law, regulation, legal process (e.g., subpoena), or governmental request in a relevant jurisdiction, or to protect rights, safety, or property.
  • Business Transfers: If we are involved in a merger, acquisition, or asset sale, your Personal Data may be transferred, subject to notice and confidentiality commitments.
  • With Your Consent: For any other purpose disclosed to you, with your explicit consent.
  • Aggregated/Anonymized Data: We may share data that has been aggregated or anonymized (cannot reasonably identify you) for research, analysis, or other legitimate purposes.

7. Data Security and Retention

We implement reasonable technical and organizational measures designed to protect your Personal Data against unauthorized access, disclosure, alteration, or destruction. However, no internet transmission or electronic storage is 100% secure.

We retain Personal Data only for as long as necessary for the purposes outlined in this policy, to fulfill our legal obligations (e.g., compliance with applicable laws), resolve disputes, enforce agreements, or as otherwise required or permitted by law.

8. Your Privacy Rights (Data Subject Rights)

Depending on your location and applicable data protection laws (such as GDPR, CCPA, UU PDP), you may have rights regarding your Personal Data, potentially including:

  • The right to access the Personal Data we hold about you.
  • The right to rectify inaccurate Personal Data.
  • The right to erase your Personal Data (‘right to be forgotten’).
  • The right to restrict the processing of your Personal Data.
  • The right to data portability (receive your data in a usable format).
  • The right to object to the processing of your Personal Data (e.g., for direct marketing).
  • The right to withdraw consent at any time, where processing is based on consent.
  • The right not to be subject to automated decision-making that produces legal or similarly significant effects (we currently do not engage in such profiling).
  • The right to lodge a complaint with a relevant data protection authority.

The availability of these rights may vary by jurisdiction. To inquire about or exercise any rights you believe may apply to you, please contact us. We may need to verify your identity before responding to your request.

9. Cookies and Tracking Technologies

We use cookies and similar technologies (e.g., web beacons, pixels) to operate the Service, enhance user experience, analyze usage, and potentially assist in marketing efforts. You can manage your cookie preferences through your browser settings or potentially through a cookie consent tool on our website. Refusing essential cookies may impact site functionality.

10. Children’s Privacy

Our Service is not intended for individuals under the age of 16, or a higher age threshold if required by local law (e.g., 18 in some jurisdictions), (“Children”). We do not knowingly collect Personal Data from Children without appropriate parental consent where required (e.g., under COPPA in the US, GDPR, or other applicable laws). If you believe we may have collected information from a Child without proper consent, please contact us immediately.

11. International Data Transfers

Your information, including Personal Data, may be transferred to, stored, and processed in countries other than your own, including Indonesia where our operations may be based, and potentially other locations where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

We will take appropriate steps to ensure that your Personal Data receives an adequate level of protection in the jurisdictions in which we process it. Where required by law (e.g., for transfers outside the EEA/UK), this may include using data transfer mechanisms such as Standard Contractual Clauses approved by relevant authorities.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the new policy on this page and updating the “Last Updated” date. We encourage you to review this policy regularly. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

13. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your privacy rights, please Contact Us.

14. Governing Law

This Privacy Policy is primarily governed by and construed in accordance with the laws of the Republic of Indonesia, where Doctor Vin may have its operational base. However, this does not preclude you from benefiting from mandatory provisions of consumer protection laws or data protection rights applicable in your jurisdiction of residence.