1. ACCEPTANCE OF TERMS

1.1. Binding Agreement: By accessing, browsing, or using DocQR.org (the "Service"), you agree to be bound by these Terms and Conditions ("Terms"), our Privacy Policy, and all applicable laws and regulations. If you do not agree to these Terms, you must not access or use the Service.

1.2. Operator: DocQR.org is operated by 4 Humans Works LLC ("DocQR," "we," "us," or "our").

1.3. Modifications: We reserve the right to modify these Terms at any time in accordance with Section 17. Your continued use after changes constitutes acceptance.

1.4. Additional Terms: Certain features may be subject to additional terms and conditions, which will be presented to you at the time of use.

2. CRITICAL DISCLAIMERS AND ACKNOWLEDGMENTS

PLEASE READ THIS SECTION CAREFULLY. IT CONTAINS IMPORTANT INFORMATION ABOUT THE LIMITATIONS OF OUR SERVICE.

2.1. Not a Medical Device or Healthcare Provider: DocQR is NOT:

A medical device
A healthcare provider
A diagnostic tool
An emergency medical service
A substitute for professional medical advice

DocQR is a personal health record-keeping and document management tool only.

2.2. No Medical Advice: DocQR does not provide medical advice, diagnosis, treatment, or professional medical services of any kind. Nothing in the Service should be construed as medical advice.

2.3. Emergency Services: In case of medical emergency, ALWAYS:

Call your local emergency services immediately (911 in the US)
Seek immediate professional medical attention
Do NOT rely solely on information stored in DocQR

2.4. Professional Consultation Required: Always consult qualified, licensed healthcare professionals for all medical decisions. Information in DocQR should supplement, not replace, the advice of medical professionals.

2.5. Healthcare Provider Responsibility: Healthcare professionals accessing patient records through DocQR are independently responsible for:

Verifying the accuracy and currency of information
Making their own clinical judgments
Maintaining their own official medical records
Complying with all applicable healthcare regulations

2.6. User Responsibility for Accuracy: You are solely responsible for the accuracy, completeness, and currency of all information you upload to DocQR.

2.7. No Guarantee of Access: While we strive for high availability, we cannot guarantee that the Service will be accessible at all times, including during emergencies.

2.8. Explicit Acknowledgment Required: By creating an account and using DocQR, you explicitly acknowledge that you have read, understood, and accept these critical limitations.

3. DESCRIPTION OF SERVICE

3.1. Core Services: DocQR provides a digital platform that allows users to:

Store and manage personal medical records, documents, and health information
Share medical information securely with healthcare professionals and others
Access health information via QR code scanning (physical cards with NFC or digital QR codes)
Upload documents, images, and files via multiple methods
Visualize medical history through an interactive 3D anatomical interface
Receive notifications and reminders via email and other channels (on supported plans)
Download and export their data at any time
Control access permissions for shared information

3.2. Service Tiers: The Service is available in three tiers:

Basic (Free): Core features with limited storage
Pro (Paid): Enhanced storage and features
Premium (Paid): Maximum storage and advanced features

Detailed feature comparison and current pricing is available at www.docqr.org

3.3. Platform Access: The Service is accessible via:

Web browsers (desktop and mobile)
Mobile devices (responsive web design, no app installation required)
QR code scanning (any standard QR reader)
NFC (on physical cards)

3.4. Third-Party Services: The Service integrates with third-party services including but not limited to:

Communication platforms for notifications
Cloudflare CDN
Payment processors
Email service providers

Your use of integrated services is subject to their respective terms and policies.

4. USER ACCOUNTS AND REGISTRATION

4.1. Account Creation: To use the Service, you must create an account by providing:

Valid email address
Secure password
Accurate personal information as requested

4.2. Age Requirement:

You must be at least 18 years old to create an account independently
Users under 18 may use the Service only under the supervision and authorization of a parent or legal guardian
Parents/guardians are responsible for all activities of minors using their account

4.3. Account Security: You are responsible for:

Maintaining the confidentiality of your account credentials
All activities that occur under your account
Notifying us immediately of any unauthorized access
Using a strong, unique password

4.4. Account Information: You agree to:

Provide accurate and complete information during registration
Keep your account information current and accurate at all times
Update information promptly when it changes

4.5. One Account Per Person: Each user may maintain only one free account. Multiple accounts by the same person may be suspended or terminated.

4.6. Account Sharing: You may not share your account credentials with others. You may grant access to specific information through our secure sharing features.

5. USER RESPONSIBILITIES AND CONDUCT

5.1. Data Accuracy: You are solely responsible for:

The accuracy and completeness of all information you upload
Keeping your medical information current
Correcting any errors in your data
Verifying information before sharing with healthcare providers

5.2. Lawful Use: You agree to use the Service only for lawful purposes and in accordance with these Terms and all applicable laws and regulations.

5.3. Prohibited Activities: You may NOT:

Upload false, misleading, fraudulent, or inaccurate information
Impersonate another person, entity, or healthcare professional
Attempt to gain unauthorized access to the Service, other users' accounts, or our systems
Use the Service to transmit viruses, malware, ransomware, or other harmful code
Interfere with or disrupt the Service or servers/networks connected to the Service
Violate any applicable local, state, national, or international law
Share your account login credentials with unauthorized parties
Use the Service for any commercial purpose without our written authorization
Scrape, data mine, or use automated tools to access the Service
Reverse engineer, decompile, or disassemble any part of the Service
Remove or modify any copyright, trademark, or proprietary notices
Upload or share content that infringes third-party intellectual property rights
Use the Service to spam, harass, threaten, or abuse others

5.4. Prohibited Content: You may not upload, store, or share:

Content that violates any law or regulation
Pornographic, sexually explicit, or adult content
Content promoting violence, terrorism, hate speech, or illegal activities
Malware, viruses, or malicious code
Content containing false information about medical professionals
Spam or unsolicited commercial communications
Content that infringes on others' privacy or rights
Medical information of others without proper authorization

5.5. Content Monitoring: We reserve the right (but have no obligation) to:

Monitor content for compliance with these Terms
Remove content that violates these Terms
Report illegal content to law enforcement
Suspend or terminate accounts that violate these Terms

5.6. Reporting Violations: If you become aware of violations of these Terms, please report them to Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo..

6. DATA OWNERSHIP, CONTROL, AND PRIVACY

6.1. Your Data Ownership: You retain all ownership rights to the information, documents, images, and other content you upload to DocQR ("Your Content"). We do not claim any ownership of Your Content.

6.2. Complete User Control: You have complete control over Your Content and can:

Download all your information at any time in standard formats
Delete specific records or your entire account immediately
Control who has access to specific information through unique access codes
Revoke access permissions at any time
Modify or update your information at any time
Export your data before account closure

6.3. Limited License to Operate Service: By uploading Your Content to DocQR, you grant us a limited, worldwide, non-exclusive, royalty-free license to:

Store and backup your data on our servers and content delivery network (CDN)
Display your data to you and to parties you specifically authorize
Process your data to provide Service features (including AI transcription when you request it)
Transmit your data through third-party services that you are aware of, necessary to operate the Service

6.4. What We Do NOT Do With Your Data:

We do NOT sell, rent, or trade your personal data to third parties
We do NOT train AI models on your personal medical data
We do NOT use your data for advertising or marketing purposes (except our own service communications)
We do NOT share identifiable data with third parties without your explicit permission
We do NOT access your data except as necessary to provide the Service, for technical support when you request it, or as required by law

6.5. Data Retention:

Your data is stored for the duration of your active account
After account deletion, we delete all your personal information, all your data is permanently deleted from our systems
Backups may retain data for up to an additional 90 days (90 days total)
We may retain certain non-identifiable metadata for legal and analytical purposes

6.6. Privacy Policy: Our collection, use, and protection of personal information is governed by our Privacy Policy, available at https://info.docqr.org/termsconditions#privacy , which is incorporated into these Terms by reference. Please review it carefully.

6.7. Security Measures: We implement industry-standard security measures including:

End-to-end encryption for data transmission
AES-256 encryption for data at rest
Secure, encrypted connections (TLS/SSL)
Regular security audits and penetration testing
Secure data centers with physical security
Access controls and authentication requirements
Regular backups stored in encrypted form
HIPAA-compliant security procedures and safeguards

6.8. Security Limitations: While we implement robust security measures, we cannot guarantee absolute security. You acknowledge that:

No internet transmission is completely secure
No electronic storage system is impenetrable
Security breaches can occur despite best efforts
You use the Service at your own risk

6.9. Data Breach Notification: In the event of a data breach that compromises your personal information, we will:

Notify affected users within 72 hours of discovery
Notify applicable regulatory authorities as required by law
Provide details about what information was affected
Take reasonable steps to remediate the breach
Cooperate with law enforcement investigations

6.10. International Data Transfers: Your data may be transferred to and stored on servers located outside your country of residence. By using the Service, you consent to such transfers. We ensure appropriate safeguards are in place for international data transfers.

7. SHARING MEDICAL INFORMATION

7.1. User-Controlled Sharing: You have complete control over who can access your information. Sharing is accomplished through:

Unique access codes that you generate
Specific record or category sharing (not necessarily full access)
Revocable access at any time

7.2. Access Code Management: You can:

Create multiple access codes for different recipients
Limit what information each code can access
View audit logs of who accessed your information and when
Revoke codes immediately at any time

7.3. Healthcare Professional Access: When you grant access to healthcare professionals:

They can view the information you've authorized
They may add notes, observations, or records to your profile
You can revoke their access at any time
They are independently responsible for verifying information accuracy
Their access is logged for your review

7.4. Emergency Alert Information:

You may designate certain information as "Public Information" (e.g., diabetes, epilepsy, drug allergies, emergency contacts)
"Public Information" may be visible to anyone who scans your QR code, even without an access code
You are responsible for keeping emergency information current and accurate
Emergency information should be limited to critical, life-saving details

7.5. Privacy Considerations:

Be cautious about what you designate as publicly visible emergency information
Review emergency information visibility settings regularly
You can disable emergency information visibility at any time

7.6. Third-Party Responsibility:

We are not responsible for how third parties use information you share with them
We cannot control what third parties do with information after you share it
Healthcare professionals accessing your information must comply with their own professional obligations
Sharing information with others is at your own discretion and risk

7.7. Access Logs: You can review logs showing:

Who accessed your information
When access occurred
What information was accessed
Location information (if available)

8. SUBSCRIPTION PLANS AND PAYMENTS

8.1. Plan Tiers:

DocQR offers three service tiers:

Basic (Free):

Core document storage features
Digital QR code access
Basic sharing capabilities
Community support

Pro (Paid Subscription):

Enhanced storage capacity
Additional features including image and file storage
Email notifications
Priority support

Premium (Paid Subscription):

Maximum storage capacity
All Pro features
Extended notification channels
Priority support with fastest response times
Advanced features like AI transcription, WhatsApp Bot and Beta Features

Current pricing, specific storage limits, and detailed feature comparison available at www.docqr.org

8.2. Billing Cycles:

Monthly subscriptions are billed on the same day each month
Annual subscriptions are billed once per year on the anniversary of purchase
Annual plans offer significant savings compared to monthly billing

8.3. Payment Authorization: By providing payment information, you authorize us to charge:

The applicable subscription fee on your billing date
Any applicable taxes
Fees for additional services (e.g., extra physical cards)
Past due amounts

8.4. Payment Methods: We accept:

Credit cards (Visa, Mastercard, American Express)
Debit cards
Stripe
Other payment methods

8.5. Automatic Renewal:

Subscriptions automatically renew unless cancelled before the renewal date
You will be charged automatically on your renewal date
We will send email reminders 7 days before renewal
You can cancel anytime before renewal to avoid charges

8.6. Cancellation:

You may cancel your subscription at any time through account settings or by contacting Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Cancellation takes effect at the end of your current billing period
You retain access to paid features until the end of the paid period
No refunds for partial periods

8.7. Refund Policy:

Physical cards: Refundable only if defective, within 30 days of receipt
Refunds are processed to the original payment method within 10 business days

8.8. Failed Payments:

If payment fails, we will attempt to charge your payment method up to 3 times over 10 days
You will receive email notifications of failed payment attempts
After 3 failures:
- Paid features are suspended immediately
- You have 30 days to update payment information
- Account may be downgraded to free tier after 30 days
- Data exceeding free tier limits may be restricted or deleted

8.9. Downgrades:

You can downgrade to a lower plan or free tier at any time
Downgrade takes effect at the end of current billing period
If your data exceeds new plan limits:
- You'll be notified about this
- You can download all your data before downgrade
- Excess data may become inaccessible or be deleted after 90 days of exceeded usage
- You have 90 days to upgrade again to restore access

8.10. Price Changes:

We reserve the right to modify subscription prices
Price changes apply at your next renewal after notice period
If you don't accept new prices, cancel before renewal

8.11. Disputed Charges:

You must notify us of disputed charges within 30 days: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
After 30 days, all charges are deemed accepted
We will investigate disputes promptly and respond within 10 business days

8.12. Taxes:

Prices do not include applicable taxes unless stated
You are responsible for all applicable sales tax, VAT, GST, or other taxes
Tax rates depend on your billing location
Business customers may provide valid tax exemption certificates

8.13. Currency:

All prices are in USD unless otherwise stated
Currency conversion fees may apply for non-USD payments

8.14. Promotional Offers:

Promotional pricing and offers are subject to specific terms
Promotions are time-limited unless stated otherwise
Only one promotion per account unless explicitly allowed
Promotional rates may expire, reverting to standard pricing

8.15. Donations:

Voluntary donations to support the project are accepted in any supported currency or cryptocurrency
Donations are non-refundable
Donations do not entitle you to additional features or services
Tax-deductibility depends on your local jurisdiction

9. PHYSICAL QR CARDS

9.1. Card Purchase:

Physical QR/NFC cards are available for separate purchase
Current card pricing displayed at www.docqr.org/
Cards contain your unique QR code and NFC chip for tap-to-access functionality

9.2. Card Activation:

Cards must be activated through your DocQR account
One card can be linked to one account at a time
Cards can be factory reset or reassigned to a different account if needed

9.3. Card Functionality:

QR code for visual scanning with any QR reader
NFC chip for tap-to-access with NFC-enabled devices
Durable, water-resistant design
Standard credit card size for wallet convenience
Links to the same information as your digital QR code

9.4. Shipping:

Cards are shipped to the address you provide during order
Shipping times vary by location (typically 5-20 business days)
Shipping costs vary by location and are displayed at checkout
We are not responsible for delays caused by customs or postal services
Lost or undelivered cards: Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. within 30 days

9.5. Replacement Cards:

Lost cards: Replacement fee plus shipping (see www.docqr.org for current pricing)
Damaged cards: Free replacement within 1 year of purchase (factory defects only)
Voluntary replacements (e.g., design updates): Standard purchase price

9.6. Card Defects:

Report defects within 30 days of receipt
Defective cards are replaced free of charge
Return shipping provided for defective cards

9.7. Card Deactivation/Reset:

You can deactivate/factory reset a card at any time by contacting Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Deactivated cards will not provide access to your information
Physical cards remain your property

10. INTELLECTUAL PROPERTY

10.1. Service Ownership: The Service and all its components, including but not limited to software, code, algorithms, designs, user interface, graphics, logos, text, documentation, and other content (excluding User Content) are owned by DocQR and protected by:

Copyright laws
Trademark laws
Patent laws (where applicable)
Trade secret laws
Other intellectual property laws

10.2. Trademarks:

"DocQR.org," our logo, and related marks are trademarks of 4 Humans Works LLC
You may not use our trademarks without prior written permission
Healthcare providers may reference DocQR in communication with patients

10.3. Limited License to Use Service: We grant you a limited, non-exclusive, non-transferable, revocable license to:

Access and use the Service for personal, non-commercial purposes
Download and use our mobile-responsive web interface
Display your QR code as provided by the Service

This license does not permit you to:

Modify, copy, or create derivative works of the Service
Reverse engineer, decompile, or disassemble any part of the Service
Remove or modify any proprietary notices
Use the Service for commercial purposes without authorization
Frame or mirror any part of the Service

10.4. User Content License: See Section 6.3 for the license you grant us regarding Your Content.

10.5. Feedback: If you provide suggestions, ideas, or feedback about the Service:

You grant us unlimited rights to use such feedback
We have no obligation to implement feedback
We have no obligation to compensate you for feedback
Feedback is provided voluntarily

10.6. Third-Party Content: The Service may contain links to or integrate with third-party services. We do not own or control third-party content and are not responsible for it.

11. NOTIFICATION CHANNELS

IMPORTANT: Please read this section carefully to understand how notifications work.

11.1. Notification Delivery Methods: DocQR sends notifications through various channels (Ex.: email, WhatsApp) depending on your subscription plan, see www.docqr.org for details.

11.2. Notification Types: You may receive notifications for:

QR code scan alerts
Security alerts and NFC scan alerts
Reminders for appointments or medication (if configured)
Service announcements
Bot replies to interact with the service

11.3. Third-Party Communication Services:

We could use third-party services to deliver notifications
These services are separate from DocQR and have their own terms and privacy policies
We have no control over third-party service availability or policies

11.4. Communication Channel Clarification:

Notification channels are used ONLY for sending alerts and notifications TO you
You upload documents and information directly through the DocQR web interface or designated upload methods
Communication channels do NOT process your medical documents

11.5. Consent to Receive Notifications: By providing contact information (email, phone number) and enabling notifications, you consent to receive:

Scan alerts when your QR code is accessed
Security notifications
Service messages
Reminders you have configured
Important account updates
Critical security alerts may be sent regardless of preferences

11.6. Opting Out:

Critical security and legal notifications cannot be disabled while account is active
You can change notification preferences at any time

11.8. International Considerations:

Notification delivery may vary by country
You may be responsible for data charges from your service provider
International messaging rates may apply where applicable

11.9. Delivery Limitations: We do not guarantee notification delivery because:

Third-party services may experience outages
Your contact information may be incorrect or outdated
Messages may be blocked by spam filters
Network issues may prevent delivery

12. ARTIFICIAL INTELLIGENCE FEATURES

12.1. AI Transcription Service:

AI transcription uses machine learning to convert images of documents into editable text
Supported languages: Spanish, English, Portuguese (additional languages may be supported)
Works with photos of prescriptions, lab results, medical reports, and other documents

12.2. AI Accuracy Disclaimer:

AI transcription is provided to assist with document processing but is NOT 100% accurate
AI-generated text may contain errors, omissions, or misinterpretations
Medical terminology may be incorrectly transcribed
Handwritten documents may have lower accuracy than printed documents
YOU ARE RESPONSIBLE for reviewing and verifying all AI-transcribed content for accuracy

12.3. User Review Requirement:

Always review AI-transcribed content carefully before relying on it
Compare transcribed text against the original document
Correct any errors manually
Do not share AI-transcribed information with healthcare providers without verification
AI transcription is a convenience tool, not a substitute for accurate manual entry

12.4. AI Limitations:

AI cannot interpret medical meaning or provide medical advice
AI may not recognize all medical abbreviations or terminology
Poor quality images result in poor transcription accuracy
AI cannot verify the authenticity or validity of documents

12.5. No Medical Liability:

We are not liable for medical decisions based on AI-transcribed information
We are not liable for errors, omissions, or inaccuracies in AI transcriptions
Healthcare providers must verify all information independently

12.6. AI Data Usage:

We do NOT train AI models on your personal medical data
AI processing is performed partially only by third-party AI service providers under strict data protection agreements
AI providers may use anonymized, de-identified fragments of your data to improve their response
Your original documents remain private and are not shared beyond necessary processing

12.7. Error Reporting:

If you notice systematic AI transcription errors, please report them to Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
We use feedback to improve AI accuracy
Reporting errors does not guarantee immediate improvements

12.8. Beta Features:

Some AI features may be marked as "beta," "experimental," or "preview"
Beta features are provided for testing purposes with no warranty
Beta features may contain more errors or perform unpredictably
Beta features may be discontinued without notice
Use beta features at your own risk

13. SERVICE LEVEL AND AVAILABILITY

13.1. Uptime Commitment:

We target 99% monthly uptime for the Service
Uptime is calculated monthly, excluding scheduled maintenance
Uptime commitment applies to paid subscribers only

13.2. Scheduled Maintenance:

We may perform scheduled maintenance that temporarily interrupts Service
Scheduled maintenance is announced at least 48 hours in advance via email
We schedule maintenance during low-usage periods when possible
Scheduled maintenance does not count against uptime commitment

13.3. Unscheduled Downtime:

Despite our best efforts, unscheduled downtime may occur
We will work to restore Service as quickly as possible
Status updates will be posted at status.docqr.org (if available)

13.4. Service Credits: For paid subscribers only:

Outages exceeding 24 consecutive hours: 7 days added to subscription
Outages exceeding 72 consecutive hours: 30 days added to subscription
Outages exceeding 7 consecutive days: Full month refund

Service credits:

Are the exclusive remedy for downtime
Must be requested within 30 days of outage: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Cannot be combined with refunds
Do not apply during scheduled maintenance or force majeure events

13.5. No Uptime Guarantee for Free Tier:

Free tier users receive best-effort service with no uptime guarantee
Free tier users are not eligible for service credits

13.6. Third-Party Dependencies:

Our Service depends on third-party infrastructure (Cloudflare, hosting providers, communication services, etc.)
We are not responsible for third-party service outages
We will make reasonable efforts to maintain Service despite third-party issues

14. LIMITATION OF LIABILITY

PLEASE READ THIS SECTION CAREFULLY AS IT LIMITS OUR LIABILITY TO YOU.

14.1. "AS IS" and "AS AVAILABLE": The Service is provided "AS IS" and "AS AVAILABLE" without warranties of any kind, either express or implied, including but not limited to:

Warranties of merchantability
Warranties of fitness for a particular purpose
Warranties of non-infringement
Warranties of title
Warranties arising from course of dealing or usage of trade

14.2. No Warranties: We do NOT warrant that:

The Service will meet your requirements or expectations
The Service will forever be uninterrupted, timely, secure, or error-free
Results obtained from the Service will be accurate or reliable
Quality of any products, services, information, or other material obtained through the Service will meet your expectations
Any errors in the Service will be corrected
Data will never be lost or corrupted
The Service will be compatible with all devices or browsers
AI features will be accurate or error-free

14.3. Types of Excluded Damages: TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE FOR:

Any indirect, incidental, special, consequential, or punitive damages
Loss of profits, revenue, or business opportunities
Loss of data (beyond what we can recover from backups)
Loss of goodwill or reputation
Cost of substitute services
Personal injury or emotional distress
Medical consequences arising from Service use or inability to use Service
Any damages arising from third-party actions, integrations, or services
Any damages arising from unauthorized access to or alteration of your data
Any damages arising from reliance on AI-generated content

14.4. Maximum Liability - Tiered Structure: TO THE MAXIMUM EXTENT PERMITTED BY LAW, OUR TOTAL LIABILITY TO YOU FOR ANY AND ALL CLAIMS ARISING FROM OR RELATED TO THESE TERMS OR THE SERVICE SHALL NOT EXCEED:

Free tier users: $10 USD
Paid subscribers: The greater of (a) amounts you paid us in the 12 months prior to the claim, or (b) $100 USD
Physical card defects: Limited to replacement cost of the card

14.5. Exceptions to Liability Limitations: Nothing in these Terms limits or excludes liability for:

Death or personal injury caused by our gross negligence or willful misconduct
Fraud or fraudulent misrepresentation
Gross negligence or willful misconduct in handling your data
Violations that cannot be limited by applicable law
Consumer protection rights that cannot be waived under your local law

14.6. Data Breach Liability: In case of a data breach we will provide:

Prompt notification (within 72 hours of discovery)
Cooperation with law enforcement
Reasonable remediation efforts

However, our monetary liability for data breaches remains subject to Section 14.4 except where prohibited by law.

14.7. Force Majeure: We are not liable for any failure or delay in performance resulting from circumstances beyond our reasonable control, including but not limited to:

Acts of God (earthquakes, floods, fires, storms, pandemics)
War, terrorism, riots, civil unrest
Government actions, laws, regulations, or orders
Internet or telecommunications failures
Power outages or utility failures
Cyberattacks, DDoS attacks, hacking attempts
Third-party service outages (Cloudflare, hosting providers, communication services, payment processors)
Labor disputes or strikes
Supplier or vendor failures

14.8. Allocation of Risk: You acknowledge that:

The fees charged by DocQR reflect this allocation of risk
These limitations are reasonable given the nature of the Service
You are obtaining insurance or taking other precautions as needed
You have read and understood these limitations

14.9. Multiple Claims: Multiple claims will not expand our liability beyond the limits stated in Section 14.4.

14.10. Jurisdictional Variations: Some jurisdictions do not allow certain limitations of liability. If you are in such a jurisdiction, some limitations may not apply to you, but only to the minimum extent required by law.

15. INDEMNIFICATION

15.1. Your Indemnification Obligation: You agree to indemnify, defend, and hold harmless DocQR, its parent company, subsidiaries, affiliates, officers, directors, employees, agents, partners, licensors, and service providers (collectively, "DocQR Parties") from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees and legal costs) arising from or related to:

Your use or misuse of the Service
Your violation of these Terms
Your violation of any law, regulation, or third-party rights
Your Content (including inaccuracies, false information, or infringement of third-party rights)
Unauthorized use of the Service by others using your account
Your sharing of medical information with third parties
Medical decisions made by you or others based on information in your DocQR account
Disputes with healthcare providers or other users
Your negligence or willful misconduct

15.2. Defense of Claims:

We will provide you with prompt notice of any claim subject to indemnification
You will assume control of the defense and settlement of the claim
We may participate in defense with counsel of our choice at our expense
You will not settle any claim without our prior written consent if settlement imposes obligations on us

15.3. Cooperation:

You will reasonably cooperate with us in the defense of any claim
We will reasonably cooperate with you in the defense
Each party will bear its own costs of cooperation unless otherwise agreed

15.4. Limitation: Your indemnification obligation does not apply to claims arising solely from our gross negligence or willful misconduct.

16. TERMINATION

16.1. Termination by You:

You may terminate your account at any time through account settings or by emailing Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Provide your account email and confirmation of intent to terminate
Download your data before terminating

16.2. Effect of Voluntary Termination:

Access to the Service terminates immediately
Paid subscriptions are cancelled (no refund for unused time unless within refund period)
Data is retained for 90 days in case you want to restore your account
After 90 days, all data is permanently deleted from our systems (backups may retain data for additional 30 days)

16.3. Termination or Suspension by Us: We may suspend or terminate your account immediately, with or without notice, for:

Violation of these Terms
Uploading prohibited content
Engaging in fraudulent activity
Attempting to hack or compromise the Service
Providing false or fraudulent payment information
Impersonating others or providing false identity information
Repeated complaints from other users or healthcare providers
Excessive or abusive use of support services
Court order or legal requirement
Suspected criminal activity
Non-payment of fees (after grace period)
Inactivity (free accounts inactive for 3+ years may be deleted after notice)

16.4. Notice of Termination:

When possible, we will provide notice before terminating
Immediate termination may occur for serious violations
Notice will be sent to your registered email address

16.5. Effect of Termination for Cause:

Access to Service terminates immediately
No refund of prepaid fees
You remain liable for any outstanding fees
Data may be deleted immediately or retained for legal purposes

16.6. Data Recovery:

If terminated by us in error, contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. within 30 days
If termination is reversed, data will be restored if still available
No guarantees of data restoration after 90 days

16.7. Survival of Terms: The following sections survive termination:

Section 6 (Data Ownership - regarding license granted)
Section 10 (Intellectual Property)
Section 14 (Limitation of Liability)
Section 15 (Indemnification)
Section 18 (Dispute Resolution)
Any payment obligations incurred before termination
Any other provisions that by their nature should survive

16.8. Post-Termination Data Requests:

After 90-day retention period, we cannot recover your data
Requests for data after 90 days will be denied
We recommend downloading data before terminating

17. MODIFICATIONS TO SERVICE AND TERMS

17.1. Service Modifications: We reserve the right to:

Modify, suspend, or discontinue any aspect of the Service at any time
Add or remove features
Change how features work
Update user interface or design
Modify technical infrastructure

17.2. No Obligation to Maintain Features:

We have no obligation to maintain any particular feature
We may discontinue features that are underutilized or costly to maintain
Beta features may be discontinued without notice

17.3. Notice of Service Changes:

Material changes affecting core functionality will be announced publicly
Minor updates may not be announced
Continued use constitutes acceptance of changes

17.4. Terms Modifications: We may update these Terms from time to time for reasons including:

Changes in law or regulation
Changes to the Service
Changes in business practices
Security or privacy improvements
Clarifications or corrections

17.5. Notice of Terms Changes:

Material and Non-material changes: Posted on website with updated "Last Updated" date
Continued use after notice period constitutes acceptance

17.6. Material vs. Non-Material Changes:

Material changes include:

Changes to pricing or payment terms (beyond normal price increases)
Significant changes to data retention or privacy practices
Changes to limitation of liability
Changes to dispute resolution procedures
Significant changes to core features

Non-material changes include:

Clarifications of existing terms
Corrections of typos or formatting
Updates to contact information
Minor feature updates

17.7. Rejection of Changes:

If you don't accept material changes, you may terminate your account before changes take effect
Termination before changes take effect may entitle you to pro-rata refund of unused subscription time
Continued use after effective date means you accept changes

18. DISPUTE RESOLUTION

PLEASE READ THIS SECTION CAREFULLY. IT AFFECTS YOUR LEGAL RIGHTS.

18.1. Informal Resolution First: Before filing any formal claim, you agree to:

Contact us at Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. with details of your dispute
Provide your account information and a description of the issue
Give us 30 days to attempt to resolve the issue informally
Participate in good faith discussions to resolve the dispute

We commit to:

Responding within 10 business days
Assigning a dedicated representative to your case
Making good faith efforts to resolve the dispute
Providing a substantive response within 30 days

18.2. Arbitration Agreement: If informal resolution fails, disputes shall be resolved through binding arbitration, EXCEPT:

Small claims court actions within jurisdictional limits
Intellectual property infringement claims (trademark, copyright, patent, trade secret)

18.3. Opt-Out Right: You may opt out of arbitration by:

Sending written notice to Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Within 30 days of account creation (for new users) or 30 days of Terms change (for existing users)
Including your name, email, account username, and clear statement of opt-out
Using subject line: "Arbitration Opt-Out"

Opting out:

Does not affect any other Terms
Means disputes will be resolved in court (Section 18.8)
Is permanent for your account (cannot opt back in)

18.4. Governing Law: These Terms are governed by the laws of Delaware, United States, without regard to conflict of law principles.

18.5. Jurisdiction and Venue (if arbitration doesn't apply): For disputes not subject to arbitration:

Exclusive jurisdiction: state and federal courts located in Newark, Delaware
You consent to personal jurisdiction in these courts
You waive any objection to venue in these courts

18.6. Injunctive Relief: Either party may seek injunctive relief in court for:

Intellectual property infringement
Breach of confidentiality
Unauthorized access to systems
Other matters requiring immediate action

18.7. Class Action Waiver (where applicable):

You agree to resolve disputes individually
You waive any right to bring or participate in class actions, collective actions, or representative actions
You waive any right to serve as class representative
Arbitrator may not consolidate multiple parties' claims

18.8. Severability of Dispute Resolution: If any part of this dispute resolution section is found unenforceable:

The remainder remains in effect
If class action waiver is unenforceable, arbitration provision is void
Disputes will then be resolved in court per Section 18.5

18.9. No Waiver: Failure to enforce any part of these Terms is not a waiver of our right to enforce it later.

19. HEALTHCARE COMPLIANCE

IMPORTANT HEALTHCARE REGULATORY INFORMATION

19.1. HIPAA Compliance:

DocQR is designed to be HIPAA compliant and has implemented appropriate administrative, physical, and technical safeguards
We have established policies and procedures to protect electronic protected health information (ePHI)
We maintain security measures that meet or exceed HIPAA Security Rule requirements
We conduct regular risk assessments and security audits
We have incident response procedures for potential breaches of ePHI

19.2. Personal Health Record (PHR) Platform:

DocQR functions as a Personal Health Record (PHR) platform
As a PHR, certain HIPAA provisions apply differently than they would to covered entities
You, as the user, control your own health information
Information you voluntarily upload is under your control

19.3. Business Associate Agreements:

For healthcare providers who are HIPAA covered entities, we can enter into Business Associate Agreements (BAAs)
Healthcare organizations interested in BAAs should contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
BAAs outline specific HIPAA obligations and safeguards
Standard user accounts do not require BAAs

19.4. User Control and Consent:

You control who accesses your information through access codes
Sharing information with healthcare providers or others is your voluntary choice
You maintain HIPAA rights regarding information obtained from covered entities
When you upload information to DocQR, you grant us permission to store and process it as described in these Terms

19.5. Healthcare Provider Responsibilities: If you are a healthcare provider using DocQR:

You must obtain appropriate patient consent/authorization before accessing patient information
You are responsible for your own HIPAA compliance obligations
You must maintain official medical records in your primary system
You should conduct your own HIPAA risk assessment for using DocQR in your practice
Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. to discuss BAA requirements

19.6. International Data Protection:

GDPR (Europe): If you are in the EU/EEA, additional rights apply under GDPR as outlined in our Privacy Policy
LGPD (Brazil): Brazilian users have rights under LGPD as outlined in our Privacy Policy
Other Jurisdictions: Users in other jurisdictions may have additional rights under local data protection laws

19.7. Medical Device Regulations:

DocQR is NOT a medical device under FDA regulations or equivalent international regulations
DocQR does not diagnose, treat, cure, or prevent any disease or condition

19.8. Professional Licensure:

Healthcare professionals using DocQR must maintain appropriate licensure in their jurisdiction
DocQR does not verify professional credentials
Patients are responsible for verifying healthcare provider credentials independently

19.9. Telemedicine Disclaimer:

DocQR does not provide telemedicine or telehealth services
DocQR does not facilitate real-time medical consultations
DocQR is a record-keeping and information sharing tool only

19.10. Research and De-identification:

We do not use identifiable personal health information for research without explicit consent
We may create de-identified, aggregate statistics for service improvement
De-identified data cannot be re-identified to individual users
Any research use of data complies with applicable regulations

19.11. Breach Notification:

We comply with HIPAA Breach Notification Rule where applicable
We comply with applicable state and international breach notification laws
See Section 6.9 for our breach notification procedures

19.12. Patient Rights:

You have the right to access your data at any time
You have the right to download and export your data
You have the right to correct or amend your data
You have the right to delete your data
See our Privacy Policy for complete information on your rights

20. EXPORT CONTROLS AND SANCTIONS

20.1. Compliance Representation: You represent and warrant that:

You are not located in, under the control of, or a national or resident of any country subject to U.S. embargo, sanctions, or trade restrictions (including but not limited to Cuba, Iran, North Korea, Syria, Crimea region)
You are not on any U.S. government list of prohibited or restricted parties (including Specially Designated Nationals List, Denied Persons List, Entity List)
You will not use the Service in violation of any export or import laws

20.2. Prohibited Use: You may not:

Access or use the Service if you are subject to U.S. sanctions
Export, re-export, or transfer the Service to prohibited destinations or persons
Use the Service for any purpose prohibited by U.S. law

20.3. International Users:

International users must comply with their local export and import laws
You are responsible for determining whether your use complies with applicable laws

20.4. Changes in Sanctions:

If you become subject to sanctions or trade restrictions, you must immediately stop using the Service and notify us
We may immediately suspend or terminate accounts subject to sanctions without liability

21. AUDIT RIGHTS

21.1. Our Audit Rights: We reserve the right to audit accounts and usage for:

Compliance with these Terms
Verification of subscription tier usage
Detection of fraudulent or abusive activity
Verification of billing information accuracy
Security and abuse prevention

21.2. Audit Procedures:

Audits will be conducted with reasonable notice when possible
We will minimize disruption to your use of the Service
We may use automated tools to monitor usage patterns

21.3. Your Cooperation: You agree to:

Cooperate with reasonable audit requests
Provide requested information within reasonable timeframes
Allow access necessary to conduct audits

21.4. Audit Results: If an audit reveals:

Underpayment: You will be charged for unpaid fees plus 5% administrative charge
Violations: We may suspend or terminate your account
Fraudulent activity: We may pursue legal action and recovery of investigation costs
Compliance: No action taken

21.5. Confidentiality:

Audit information will be kept confidential
Results will only be used for enforcement purposes
We will not share audit results with third parties except as required by law

22. SPECIAL PROVISIONS FOR INSTITUTIONAL USERS

22.1. Healthcare Providers: If you are a healthcare provider (physician, nurse, clinic, hospital, etc.) using DocQR:

Professional Responsibility: You maintain full professional responsibility for patient care decisions
Record-Keeping: DocQR is supplemental; maintain official records in your primary HIPAA-compliant system
Patient Authorization: Obtain appropriate patient consent/authorization before accessing their DocQR records
Regulatory Compliance: You are responsible for ensuring your use complies with HIPAA, state medical board rules, and other applicable regulations
Verification: Verify information accuracy before relying on it for medical decisions
Liability: You bear full professional liability for medical decisions
Business Associate Agreement: Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. to discuss BAA requirements
Consultation: Consult your compliance officer, risk management, or legal counsel about using DocQR in your practice

22.2. Healthcare Organizations: For hospitals, clinics, group practices, or other healthcare organizations:

Institutional BAA: Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. to discuss Business Associate Agreements for institutional use
Staff Training: You are responsible for training staff on proper DocQR use and HIPAA compliance
Access Controls: Implement your own policies for staff access to patient DocQR records
Enterprise Plans: Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. for multi-user institutional licensing
Integration: Discuss potential integration with your existing EHR systems

22.3. Government Entities: For government agencies, public health departments, or other government users:

Terms Acceptance: You must have proper authority to accept these Terms on behalf of your government entity. Unauthorized acceptance may void the agreement.
Special Arrangements: Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. for government-specific arrangements if standard terms are insufficient.

22.4. Educational Institutions: For medical schools, nursing schools, or other educational institutions:

Student Use: You must ensure students understand DocQR for educational purposes and proper use
Patient Privacy: You must ensure proper authorization when using real patient information for educational purposes
Educational Licenses: Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. for educational institutional licensing

22.5. Insurance Companies and Payers: For insurance companies, health plans, or other payers:

Patient Authorization: Insurance may only access patient DocQR records with proper patient authorization
Data Use: Use patient data only for authorized purposes
Business Associate Requirements: Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. to discuss BAA requirements

23. ACCESSIBILITY

23.1. Commitment to Accessibility:

We strive to make DocQR accessible to users with disabilities
We follow Web Content Accessibility Guidelines (WCAG) 2.1 Level AA standards where feasible
We are committed to continuously improving accessibility

23.2. Accessibility Features:

Keyboard navigation support
Screen reader compatibility
Adjustable text size
High contrast options (where available)

23.3. Feedback and Assistance:

If you encounter accessibility barriers, please contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
We welcome feedback on how to improve accessibility
We will make reasonable efforts to address accessibility concerns

23.4. Third-Party Content:

We are not responsible for accessibility of third-party services we integrate with
Third-party content may not meet accessibility standards

23.5. No Guarantee:

While we make reasonable efforts, we do not guarantee full accessibility compliance at all times
We are continuously working to improve accessibility

24. GENERAL PROVISIONS

24.1. Entire Agreement: These Terms, together with our Privacy Policy, constitute the entire agreement between you and DocQR regarding the Service and supersede all prior agreements, understandings, and communications.

24.2. Severability: If any provision of these Terms is found to be invalid, illegal, or unenforceable:

That provision shall be modified to achieve the original intent to the maximum extent possible
If modification is not possible, that provision shall be severed
The remaining provisions shall remain in full force and effect

24.3. No Waiver:

Our failure to enforce any provision does not constitute a waiver of that provision or any other provision
Any waiver must be in writing and signed by an authorized representative
Waiver of one breach does not waive subsequent breaches

24.4. Assignment:

You may not assign, transfer, or delegate these Terms or your rights/obligations without our prior written consent
We may assign these Terms to any successor, affiliate, or in connection with a merger, acquisition, or sale of assets
These Terms bind and benefit the parties and their permitted successors and assigns

24.5. No Third-Party Beneficiaries: These Terms do not create any third-party beneficiary rights except as expressly stated.

24.6. Force Majeure: We are not liable for delays or failures in performance resulting from circumstances beyond our reasonable control (see Section 14.7 for complete list).

24.7. Relationship of Parties:

These Terms do not create a partnership, joint venture, employment, or agency relationship
Neither party has authority to bind the other
You are an independent user of the Service

24.8. Notices:

Legal notices to you will be sent to your registered email address
Notices to us should be sent to Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Notices are deemed received when sent (email) or 3 business days after mailing (postal mail)
You must keep your email address current

24.9. Language:

The English version of these Terms is the official version
Translations are provided for convenience only
In case of conflict, the English version controls

24.10. Electronic Signatures and Communications:

Your electronic acceptance of these Terms constitutes a binding signature
You consent to receive communications electronically
Electronic communications satisfy legal written notice requirements

24.11. Headings: Section headings are for convenience only and do not affect interpretation of these Terms.

24.12. No Construction Against Drafter: These Terms shall not be construed against us as the drafter. Both parties have had opportunity to review and negotiate these Terms.

24.13. Survival: Provisions that by their nature should survive termination will survive, including but not limited to: ownership provisions, warranty disclaimers, indemnity, limitations of liability, and dispute resolution.

25. CONTACT INFORMATION

For questions, concerns, or notices regarding these Terms, please contact us:

DocQR.org

General Inquiries: Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. | Website: www.docqr.org/contact
Legal Matters: Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Privacy Concerns: Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Accessibility Issues: Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Healthcare Provider/Enterprise Inquiries: Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Security Issues: Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Billing Questions: Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Data Subject Requests (GDPR, LGPD): Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.

26. ACKNOWLEDGMENT

BY CREATING AN ACCOUNT, CLICKING "I ACCEPT," OR USING THE SERVICE, YOU ACKNOWLEDGE THAT:

You have read and understood these Terms and Conditions in their entirety
You agree to be bound by these Terms
You have read and understood Section 2 (Critical Disclaimers) and understand that DocQR is not a medical device, does not provide medical advice, and should not be used for emergencies
You understand your responsibilities regarding data accuracy and verification
You understand the limitations of liability described in Section 14 of these Terms and Conditions
You understand the dispute resolution procedures in Section 18 of these Terms and Conditions
You are of legal age and capacity to enter into these Terms
If you are using the Service on behalf of an organization, you have authority to bind that organization to these Terms

If you do not agree to these Terms, you must not use the Service.

DOCQR.ORG PRIVACY POLICY

1. INTRODUCTION

This Privacy Policy describes how DocQR.org ("DocQR," "we," "us," or "our") collects, uses, and protects your personal information when you use DocQR.org. DocQR is a Personal Health Record (PHR) platform that helps you store and share your medical information securely.

By using our Service, you agree to this Privacy Policy and our Terms and Conditions.

2. INFORMATION WE COLLECT

2.1. Information You Provide

Account Information: Email, password, name, contact details
Medical Information: Medical records, documents, health data, prescriptions, lab results, photos of medical documents
Communication Data: Support messages, feedback

2.2. Information Collected Automatically

Usage Data: Pages accessed, QR code scans, access times
Technical Data: Device info, IP address, browser type
Cookies: For authentication, security, and basic analytics

3. HOW WE USE YOUR INFORMATION

3.1. Core Services

Store and manage your health records
Provide QR code and NFC access to your information
Enable secure sharing with people you authorize
Send notifications and alerts (scan alerts, security notices)

3.2. Account and Business Operations

Manage your account and subscriptions
Process payments
Provide customer support
Improve our services
Comply with legal obligations

3.3. What We DON'T Do

We do NOT sell, rent, or trade your personal data
We do NOT use your medical data for advertising
We do NOT train AI models on your personal medical data
We do NOT access your data except to provide services or when you request support

4. INFORMATION SHARING

4.1. With Your Authorization

Healthcare providers and others you specifically authorize through access codes
Emergency information you choose to make publicly visible
Process AI transcription, when you request it
Data exports you request

4.2. Service Providers (Limited Access Only)

Cloud hosting for secure data storage
Payment processors for subscriptions
Communication services for notifications
AI services for document transcription

4.3. Legal Requirements

Valid court orders and legal processes
Law enforcement requests where required by law
Protection of rights and safety

4.4. We Do NOT Share

Your data with advertisers
Personal information for marketing by third parties
Medical information without your explicit permission

5. DATA SECURITY

5.1. Security Measures

End-to-end encryption for data transmission
AES-256 encryption for stored data
Secure servers with physical and digital protection
Access controls and authentication requirements
Regular security monitoring

5.2. HIPAA Compliance

We implement HIPAA-compliant security safeguards
Business Associate Agreements available for healthcare providers
Contact Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. for BAA information

5.3. Data Breach Response

Immediate containment and investigation
User notification within 72 hours
Regulatory notification as required by law
Remediation and prevention measures

6. DATA RETENTION AND DELETION

6.1. While Your Account is Active

Your data remains accessible to you at all times
You can modify, update, or delete records anytime
Secure backups maintained for data protection

6.2. Account Deletion

All personal data permanently deleted immediately
90-day recovery period if you want to restore
After 90 days, all data is permanently destroyed
Some transaction records may be retained for legal/tax requirements

7. YOUR PRIVACY RIGHTS

7.1. Universal Rights (All Users)

Access: View all information we have about you
Correction: Fix any inaccurate information
Deletion: Delete your account and all data
Portability: Download your data
Control: Manage sharing and access permissions

7.2. Regional Rights

EU/EEA Users (GDPR):

Right to object to processing
Right to restrict processing
Right to withdraw consent
Right to lodge complaints with supervisory authorities

Brazil Users (LGPD):

Right to information about data sharing
Right to anonymization or blocking
Right to portability to other providers

7.3. How to Exercise Your Rights

Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Account Settings: Use built-in privacy controls
Response Time: Within 30 days

8. INTERNATIONAL TRANSFERS

Your data may be stored and processed in the United States and other countries. We ensure appropriate safeguards are in place for international data transfers, including:

Standard Contractual Clauses for EU data
Compliance with GDPR and other applicable laws
Additional protections for sensitive health data

9. COOKIES AND TRACKING

9.1. Types of Cookies

Essential: Authentication, security, core functionality
Analytics: Usage statistics to improve our service
Preferences: Your settings and preferences

9.2. Your Control

Manage cookies through your browser settings
Some cookies are necessary for the service to function
You can opt-out of non-essential tracking

10. CHILDREN'S PRIVACY

Users must be 18+ to create independent accounts
Minors may use the service under parent/guardian supervision
Parents/guardians responsible for minor's data and activities

11. THIRD-PARTY SERVICES

Our service integrates with third-party providers:

Payment processing (Stripe)
Communication services (email, WhatsApp)
AI transcription services
Cloud infrastructure

These services have their own privacy policies. We require all providers to protect your data according to strict standards.

12. UPDATES TO THIS POLICY

12.1. When We Update

Changes in laws or regulations
New features or services
Enhanced privacy protections

12.2. How We Notify You

Email notification for material changes
30 days advance notice for significant changes
Posted on our website with updated date

13. HEALTHCARE-SPECIFIC INFORMATION

13.1. Personal Health Records (PHR)

You control your own health information
Different privacy rules than traditional healthcare providers
You choose what to store and who to share with

13.2. Healthcare Provider Access

Only with your explicit authorization
All access is logged and auditable
You can revoke access anytime
Healthcare providers responsible for their own compliance

13.3. Emergency Information

You may designate information as publicly visible for emergencies
Limited to critical, life-saving details
You control what's visible and can disable anytime

14. CONTACT US

14.1. Privacy Questions

Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Subject: "Privacy Inquiry"

14.2. Data Rights Requests

Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
Subject: "Data Rights Request"
Include: Your account information and specific request

14.3. Healthcare and Enterprise

Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
For: BAA requests, enterprise privacy questions

14.4. Contact Information

DocQR.org - Digital Health for Everyone
Email: Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo. - Website: www.docqr.org