Mawaeidk is a platform that lets patients in Qatar browse doctors, clinics, and hospitals, book appointments online, and pay through Sadad. The data controller under Qatar's Personal Data Privacy Protection Law (PDPL) is the Mawaeidk operations team.

We collect the following categories of data based on how you use the service:

• Data you provide on signup: name, phone number, email (optional), date of birth, gender, profile photo if you add one.
• Precise location data: collected only after you grant explicit permission, used to show you the nearest providers. You can revoke the permission any time from your device settings.
• Booking data: appointment dates, chosen specialty, payment method, booking status, any notes you write to the AI assistant.
• Device data: device type, OS and version, push-notification token (FCM), IP address for security purposes.
• Usage data: pages visited inside the app, session timestamps, error reports captured by our monitoring system.
• Payment data: we do NOT store your card details on our servers. Payments are processed entirely through Sadad, which receives card data directly.

We use the data we collect for the following purposes only:

• Operating the service: creating your account, verifying identity, showing relevant providers, creating bookings, processing payments.
• Sending appointment reminders (24 hours before + 1 hour before) via push notifications and email.
• Sending you the payment invoice automatically by email after a successful payment.
• Improving the service: analysing usage patterns to develop features and fix bugs.
• Communicating with you about your account, bookings, or important security updates.
• Complying with legal obligations in the State of Qatar.

We will not use your data for third-party targeted advertising, and we will never sell it to anyone, under any circumstances.

We share the minimum amount of your data with service providers that enable us to run the platform. Each provider is contractually bound to data-protection standards no lower than ours:

• The medical provider you book with: we share your name, phone, and the appointment date/time so they can prepare for the visit and contact you if needed.
• Sadad payment gateway (Qatar): for processing payments. Sadad receives card data directly through their secure interface; we do not retain it.
• Google Firebase: for push notifications and crash diagnostics.
• Resend: for sending email (welcome, invoices, appointment reminders).
• Sentry: for real-time error monitoring. No sensitive personal data is sent — only technical error messages.
• Anthropic Claude: powers the AI assistant that suggests the right specialty for your symptoms. Only the symptom text is sent, with no personal identifiers.

We may have to disclose certain data if requested by a competent judicial or regulatory authority in the State of Qatar, following applicable legal processes.

We apply reasonable technical and organisational safeguards to protect your data against unauthorised access, modification, or disclosure. The most important measures:

• Communication between your app and our servers is encrypted via HTTPS (TLS 1.2+).
• Passwords are hashed with bcrypt before storage — even our team cannot read them.
• Payment data is fully separated from our servers (handled by Sadad).
• Administrative access is restricted to a small number of staff under "need-to-know" principle.
• Active monitoring for intrusion attempts and suspicious usage.

Despite our diligence, no method of electronic transmission or storage is 100% secure. If you suspect any compromise of your account, please contact us immediately.

We retain your data while your account is active, plus the additional period required by law for billing and dispute resolution. When you request account deletion, we delete your personal data within 30 days, except for data we are legally required to retain (e.g. financial transaction records for seven years per Qatar regulators).

Under Qatar's Personal Data Privacy Protection Law, you have the following rights, exercisable free of charge by contacting us:

• Access the personal data we hold about you.
• Correct any inaccurate information on your account.
• Delete your account and personal data (subject to the legal exceptions above).
• Withdraw consent to the processing of your data at any time.
• Object to specific processing of your data.
• Receive a copy of your data in a machine-readable format.

We respond to requests within 30 days at most. If you are not satisfied with our response, you may file a complaint with the competent authority in the State of Qatar.

The service is intended for users aged 18 and over. We do not knowingly collect data from anyone under that age. If you are a guardian and discover that your child created an account, please contact us to close the account and delete the data.

The Mawaeidk website uses cookies that are essential for running sessions and remembering your preferences (language, login state). We do not use third-party advertising cookies. You can disable cookies in your browser settings, though doing so may affect some site functionality.

We use Firebase Cloud Messaging to deliver notifications. When you opt in to receive them, your device is assigned a unique token (FCM Token) which we store to send booking notifications and reminders. You can stop notifications at any time from app settings or your device's OS settings.

Some of our service providers (such as Firebase and Sentry) host data on servers outside the State of Qatar. Before transferring any data, we ensure that protection safeguards equivalent to those in force in Qatar are in place under our contractual terms with these providers.

We may update this policy from time to time. The most recent update date is always shown at the top of this page. If we make a material change that affects how we use your data, we will notify you in advance via the app or email.

For any questions about this policy, or to exercise any of the rights listed above:

• Email: support@mawaeidk.com
• In-app: "Help & Support" section in Settings
• Address: State of Qatar