Privacy
Policy.
Information collected
The Estekip platform collects the following categories of information for the purposes of account creation, service provision and improving the site experience: account information (name, email), clinic information (company name, tax number), contact data, patient health data (only via the clinic), payment information (tokenized), usage metrics and technical data (IP, cookie, device information).
Use
The collected information is used for the following purposes: service provision, fulfillment of contractual obligations, payment transactions, security and fraud prevention, product improvement (anonymous aggregate), marketing (limited to explicit consent), and meeting legal obligations.
Cookies
We use cookies in three categories:
- Essential: Session, security, CSRF — no consent required
- Preference: Language, theme selection — consent based
- Analytics: Anonymous usage metrics (Plausible · self-host) — consent based
We do not use advertising cookies. You can change your preference at any time via a Cookiebot-like banner.
Retention periods
- Patient medical records: 20 years (health legislation requirement)
- Operation records: 20 years
- Chat and messages: 2 years active + 5 years archive (Glacier)
- Audit log: 5 years partition + 10 years archive (immutable)
- Marketing preferences: Until consent is withdrawn
- Backup: 30 days full + 7 days PITR
User rights
You can exercise your rights of access, correction, erasure, portability and objection via self-service in the patient panel or through privacy@estekip.com.