gpp_goodLegal Governance

Privacy Policy

PDPL Compliance & Data Protection Standards

1. Information We Collect

We collect the following categories of personal data: • Account information: Name, email address, professional credentials, and organizational affiliation. • Usage data: Queries submitted to our clinical AI tools, session logs, and API usage metrics. • Billing data: Payment method details and transaction history. • Device data: IP addresses and authentication timestamps for security and audit purposes. We do not collect identifiable patient health data. All clinical text is anonymized at the application layer.

2. How We Use Your Information

We use collected information to: • Deliver and improve our clinical AI services. • Authenticate users and maintain account security. • Process billing and subscription management. • Comply with legal and regulatory obligations under Saudi law.

3. Data Storage and Residency

All data is stored on servers located within the Kingdom of Saudi Arabia in compliance with PDPL data residency requirements. We use AES-256 encryption at rest and TLS 1.3 in transit.

4. Your Rights Under PDPL

Under the Saudi Personal Data Protection Law, you have the right to access, correct, or delete your personal data. You may also withdraw your consent for data processing at any time. To exercise these rights, contact us at info@rcmhelper.com.