Logo

Want to start project?

Let's talk

Privacy Policy

Your Privacy Matters to Us

At Yalla Systems, we are committed to protecting your personal information and maintaining a secure and trustworthy environment for our patient booking system. This privacy policy explains how we collect, use, and protect your personal information when you use our hospital booking application.

Information We Collect

Personal Information

When you create an account or book an appointment, we collect:

  • Contact Information: Email address and phone number (required for account creation)
  • Identity Information: Name, date of birth, and other identification details necessary for appointment booking
  • Medical Information: Relevant health information required for appointment scheduling
  • Location Data: Your general location to help you find nearby hospitals and healthcare providers

Third-Party Authentication

When you use social sign-in services, we collect:

  • Apple Sign-In: Basic profile information (name, email) as permitted by Apple's privacy controls. We respect your privacy choices in Apple ID settings.
  • Google Sign-In: Basic profile information (name, email, profile picture) as authorized by Google's OAuth process.
  • Authentication Tokens: Secure tokens to verify your identity (these do not contain your social media passwords)

Device and Technical Information

We automatically collect information about how you use our platform:

  • Device Information: Device type, operating system, unique device identifiers, mobile network information
  • App Usage Data: Search queries, hospital and doctor selections, appointment history and booking patterns
  • Location Information: Precise location (with your permission) or approximate location based on IP address
  • Crash and Performance Data: Error logs and performance metrics to improve app stability
  • Analytics Data: How you interact with our app features and content

How We Use Your Information

We use your personal information to:

  • Facilitate Bookings: Process and manage your hospital and doctor appointments
  • Account Management: Maintain your user account and preferences
  • Communication: Send appointment confirmations, reminders, and necessary updates about your bookings
  • Customer Support: Respond to your inquiries and provide assistance
  • Service Improvement: Enhance our platform functionality and user experience
  • Legal Compliance: Meet healthcare regulations and legal requirements

Information Sharing

We share your information only when necessary:

  • Healthcare Providers: We share relevant appointment and contact information with the hospitals and doctors you book with
  • Service Providers: Trusted third-party services that help us operate our platform (payment processors, communication services)
  • Legal Requirements: When required by law, regulation, or legal process
  • Emergency Situations: In cases where sharing information is necessary to protect health and safety

We never sell or rent your personal information to third parties for marketing purposes.

Data Security

We implement robust security measures to protect your information:

  • Encryption of sensitive data in transit and at rest
  • Secure authentication and access controls
  • Regular security audits and monitoring
  • Compliance with healthcare data protection standards

Your Rights and Choices

You have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct your personal information
  • Deletion: Request deletion of your account and associated data
  • Data Portability: Receive your data in a portable format
  • Opt-out: Unsubscribe from marketing communications (appointment-related communications will continue)

Cookies and Tracking

Our platform uses cookies and similar technologies to:

  • Remember your preferences and settings
  • Improve platform performance and functionality
  • Provide personalized content and recommendations
  • Analyze usage patterns to enhance our services

You can manage cookie preferences through your browser settings, though some functionality may be limited if cookies are disabled.

Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal and regulatory requirements
  • Resolve disputes and enforce our agreements

Medical and appointment records may be retained for longer periods as required by healthcare regulations.

International Data Transfers

Your information may be processed and stored in countries other than your own, including servers located outside your jurisdiction. We ensure appropriate safeguards are in place to protect your data during international transfers.

Age Restrictions and COPPA Compliance

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we discover we have collected personal information from a child under 13, we will delete such information promptly.

For users between 13-17 years of age, parental consent may be required for certain features. Healthcare appointments for minors must be scheduled by a parent or legal guardian.

Platform-Specific Privacy Information

Apple App Store Compliance

  • Privacy Nutrition Labels: We provide clear data collection disclosures in our App Store listing
  • App Tracking Transparency: We request your permission before tracking your data across other apps and websites
  • Sign in with Apple: When available, we offer Apple's privacy-focused authentication option
  • Location Services: We clearly explain why location access is needed and respect your system-level privacy settings

Google Play Store Compliance

  • Data Safety Section: We accurately disclose our data practices in the Play Console
  • Permissions: We only request permissions necessary for app functionality
  • Advertising ID: We respect user choices regarding advertising personalization
  • Android Privacy Controls: We honor system-level privacy settings and user choices

Qatar Data Protection Law Compliance

As a Qatar-based healthcare application, we comply with Qatar's Personal Data Privacy Protection Law (Law No. 13 of 2016) and all applicable regulations. Our compliance includes:

Health Data Classification

We recognize that health data under Qatar law includes information related to:

  • Physical and mental health conditions
  • Medical treatment details and history
  • Healthcare provider information
  • Appointment and booking records
  • Health security and safety data

Explicit Consent Requirements

In accordance with Qatar's data protection law, we:

  • Obtain Explicit Consent: Before collecting any health-related personal data
  • Inform About Future Uses: Clearly explain potential future uses of your health data
  • Respect Withdrawal: Honor your right to withdraw consent at any time
  • Marketing Consent: Obtain separate explicit consent for any electronic marketing communications

Data Protection Principles

We adhere to Qatar's fundamental data protection principles:

  • Transparency: Clear and honest communication about data practices
  • Fairness: Equitable treatment of all users and their data
  • Human Dignity: Respect for individual privacy and personal autonomy
  • Purpose Limitation: Using data only for stated, legitimate healthcare purposes

Cybersecurity Obligations

We implement robust security measures as required by Qatar law:

  • Protection against data loss, damage, or unauthorized modification
  • Prevention of unauthorized access to personal health data
  • Comprehensive training for all data handlers and staff
  • Regular security assessments and updates
  • Incident response procedures for data breaches

Updates to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will:

  • Notify you of material changes through the app, website, or email
  • Provide at least 30 days' notice for significant changes
  • Update the "Last Updated" date at the bottom of this policy
  • Maintain previous versions for reference if requested

Language and Accessibility

This privacy policy is available in English. As required by Qatar regulations, key privacy notices and consent forms within our mobile application are available in both English and Arabic to ensure accessibility for all users in Qatar.

If you require assistance understanding this policy or need it in Arabic, please contact our privacy team.

Contact Us

If you have questions about this privacy policy or how we handle your personal information, please contact us:

  • Privacy Officer: privacy@yalla.systems
  • General Inquiries: admin@yalla.systems
  • Mailing Address: Yalla Systems, Doha, State of Qatar
  • Response Time: We will respond to privacy requests within 30 days as required by Qatar law
  • Arabic Support: Arabic language support available upon request

Last Updated: August 2025

Effective Date: August 2025

Version: 2.0