Children's Privacy Notice: This application's target audience includes children under the age of 13. We are committed to complying with the Children's Online Privacy Protection Act (COPPA), the General Data Protection Regulation (GDPR), the Hong Kong Personal Data (Privacy) Ordinance (PDPO), and Google Play's Families Policy to protect children's privacy.
E-See (the "Application") is developed and operated by Fletrix ("we," "us," or "our"). The Application is a medical and clinic appointment service platform that allows users to browse clinic information, manage patient profiles, make appointments, and receive notifications.
This Privacy Policy explains how we collect, use, disclose, process, and protect your personal data when you use the Application. The Application's target audience includes children under the age of 13, and therefore we place special emphasis on protecting children's privacy.
By using the Application, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you are a parent or guardian of a child under 13, please carefully read this policy, particularly the "Children's Privacy Protection" section.
2. Information We Collect
We collect the following categories of personal data:
2.1 Information You Provide Directly
Data Category
Specific Items
Purpose
Account Data
Phone number (with country code), password
Account creation and login verification
Personal Profile
Last name, first name, email address (optional), phone number, date of birth (optional)
Member profile management
Patient Profiles
Last name, first name, date of birth (optional), contact phone number
Patient record and appointment management
Appointment Data
Selected clinic, service, doctor, date and time
Processing and managing appointments
Preferences
Interface language preference, selected district
Providing localized experience and filtering relevant clinics
Favourite Clinics
User's list of favourite clinics
Quick access to frequently used clinics
2.2 Information Collected Automatically
Data Category
Specific Items
Purpose
Device Data
Device model, operating system version
Push notifications and compatibility
Push Notification Token
Expo Push Token
Sending appointment reminders and notifications
2.3 Information We Do NOT Collect
The Application does NOT collect the following data:
Precise GPS location data
Contacts or address book data
Camera or microphone data
SMS or call log data
Browsing history
Android Advertising ID (AAID)
IMEI, IMSI, SIM serial number, or other persistent device identifiers
3. How We Use Information
We use the collected data solely for the following purposes:
Service Provision: Processing account registration, managing appointments, and displaying clinic information.
Personalization: Providing relevant content based on language preferences and selected district.
Calendar Integration: With your permission, adding appointment reminders to your device calendar.
Service Improvement: Fixing bugs and improving application stability and performance.
Legal Compliance: Complying with applicable laws, regulations, and legal processes.
Important Notice: We do NOT use your personal data for behavioral advertising, interest-based advertising, remarketing, or sale to third parties. The Application currently contains no advertisements.
4. How We Share Information
We do not sell your personal data. We only share data in the following circumstances:
Clinic Service Providers: To fulfill appointments, we share necessary appointment and patient data with your selected clinic.
Service Providers: We share data with third-party service providers who assist us in operating the Application (see Section 7). These providers are contractually obligated to protect your data.
Legal Requirements: We may need to disclose data if required by law or in response to valid legal process.
Safety: To protect our rights, property, or safety, or those of our users or the public.
5. Children's Privacy Protection
This section specifically addresses our privacy protection measures for children under the age of 13. We strictly comply with the Children's Online Privacy Protection Act (COPPA), the child data protection provisions of the General Data Protection Regulation (GDPR), the Hong Kong Personal Data (Privacy) Ordinance (PDPO), and Google Play's Families Policy.
5.1 Parental/Guardian Consent
For child users under the age of 13:
Children's accounts must be created and managed by a parent or legal guardian.
We require verifiable parental consent before collecting any personal data from children.
Parents/guardians have the right to review, modify, or delete their child's personal data at any time.
Parents/guardians may withdraw consent and request deletion of their child's data at any time.
5.2 Restrictions on Children's Data Collection
For children under the age of 13, we:
Collect only the minimum data necessary to provide the service (name and contact phone provided by the parent).
Do NOT collect personal data beyond what is reasonably necessary.
Do NOT require children to disclose more personal data than is reasonably necessary to participate in an activity.
Do NOT transmit Android Advertising ID (AAID), SIM serial number, IMEI, or other persistent device identifiers.
Do NOT conduct behavioral tracking or serve interest-based or behaviorally targeted advertising.
Do NOT allow children to publicly share personal data.
5.3 SDK and API Compliance
All SDKs and APIs used in the Application comply with requirements for use in children's services. We do not use any SDKs or APIs that are not approved for use in children's services. Specifically:
We do not integrate any advertising SDKs.
We do not use APIs that utilize OAuth technology for authentication whose terms of service indicate they are not approved for children's services.
Expo Push Notifications, Firebase Cloud Messaging (FCM), and Apple Push Notification service (APNs) are used solely for delivering push notifications and comply with requirements for children's services.
5.4 No Advertising Policy
The Application contains no advertisements, including but not limited to:
No banner or interstitial advertisements
No native advertisements
No interest-based or behaviorally targeted advertisements
No remarketing advertisements
No third-party advertising SDKs
5.5 No Social Features
The Application does not include social features. Children cannot interact with other users, share data, or exchange messages. The "Favourite Clinics" feature is a personal collection function. Favourite records are associated with your account and stored on our servers for cross-device synchronization, but are not shared publicly with other users.
6. Parental/Guardian Rights
As a parent or guardian of a child user, you have the following rights:
Right of Access: You have the right to review the personal data we have collected about your child.
Right of Correction: You have the right to request correction of inaccurate personal data about your child.
Right of Deletion: You have the right to request deletion of your child's personal data.
Right to Withdraw Consent: You have the right to withdraw your previously given consent at any time.
Right to Refuse Further Collection: You have the right to request that we stop collecting your child's personal data.
To exercise any of these rights, please contact us using the methods provided in the "Contact Us" section below. We will respond to your request within a reasonable time after receipt.
7. Third-Party Services
The Application uses the following third-party services to provide core functionality:
Service
Provider
Purpose
Data Processed
Push Notifications
Expo (Expo Push Notifications), Firebase Cloud Messaging (Google), Apple Push Notification service (Apple)
Sending appointment reminders and notifications (Expo serves as the push API intermediary; FCM handles delivery to Android devices; APNs handles delivery to iOS devices)
Push Token, notification content, device model
WhatsApp Messaging
WhatsApp (Meta)
Sending phone verification codes, appointment reminders, and other communications
Phone number, message content
Regarding WhatsApp messaging: We send verification codes and appointment reminders to users via the WhatsApp platform. Messages are processed by our internal system and delivered through WhatsApp. We transmit only phone numbers and message content. The delivery of WhatsApp messages is subject to Meta's (WhatsApp) Privacy Policy.
The above third-party service providers are bound by contract to process data only in accordance with our instructions and must implement appropriate security measures to protect data. All third-party services comply with requirements for children's services.
We implement the following measures to protect your personal data:
Encryption in Transit: All data transmissions use HTTPS/TLS encryption.
Secure Storage: Sensitive data (such as authentication tokens) is stored using device secure storage mechanisms (iOS Keychain / Android SecureStore).
Password Protection: Passwords are stored after cryptographic hashing; we cannot recover your original password.
Access Controls: Only authorized personnel can access personal data, subject to strict access control mechanisms.
Database Security: Databases use industry-standard security configurations and access controls.
While we strive to protect your data, please note that no method of online transmission or electronic storage is 100% secure.
9. Data Retention and Deletion
9.1 Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Specifically:
Account Data: Retained for the duration of your active account.
Appointment Records: Retained in accordance with medical records regulations.
Communication Records: Retained for the minimum period required by law.
9.2 Account Deletion
You have the right to request deletion of your account and associated personal data at any time. To delete your account:
Open the app, tap the menu icon in the top-left, then tap Account Detail, then tap Delete Account at the bottom of the page.
Contact us using the methods provided in the "Contact Us" section below.
For the full step-by-step guide and how each category of data is handled after deletion, see our
Account Deletion page.
Upon account deletion, we will delete all associated personal data, except for data that we are legally required to retain. If we need to retain specific data for legal reasons, we will clearly inform you.
10. Your Rights
Under applicable data protection laws, you have the following rights:
10.1 Rights Under the Hong Kong Personal Data (Privacy) Ordinance (PDPO)
Access your personal data.
Request correction of inaccurate personal data.
10.2 Rights Under the General Data Protection Regulation (GDPR) (for EU Users)
Right of Access: Obtain a copy of your personal data.
Right of Rectification: Correct inaccurate personal data.
Right of Erasure (Right to be Forgotten): Request deletion of your personal data in certain circumstances.
Right to Restriction of Processing: Request restriction of data processing in certain circumstances.
Right to Data Portability: Receive your personal data in a machine-readable format.
Right to Object: Object to data processing in certain circumstances.
10.3 Rights Under COPPA (for Parents/Guardians of U.S. Child Users)
Review personal data collected from your child.
Request deletion of personal data collected from your child.
Refuse further collection or use of your child's personal data.
11. Cookies and Tracking Technologies
The mobile Application does NOT use Cookies. We use device-native secure storage mechanisms (SecureStore) to store authentication tokens, language preferences, and selected district settings. This data is stored only on your device and is not used for tracking purposes.
We do NOT use any tracking technologies to:
Track users' online browsing behavior
Build user behavior profiles
Conduct cross-app or cross-site tracking
Serve behaviorally targeted advertisements
12. International Data Transfers
Your personal data may be transferred to servers located outside your jurisdiction for processing. When making such transfers, we ensure that:
Data transfers comply with applicable data protection laws.
Recipients provide a level of data protection equivalent to that of the originating jurisdiction.
Appropriate security measures are implemented to protect data in transit.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. In the event of significant changes, we will:
Post the updated Privacy Policy on this page.
Update the "Last Updated" date at the top of this page.
Notify you through in-app notifications or other appropriate means.
If changes involve significant modifications to the handling of children's data, we will re-obtain parental/guardian consent.
We recommend that you periodically review this Privacy Policy to stay informed about how we protect your data.
14. Contact Us
If you have any questions, comments, or requests regarding this Privacy Policy (including exercising your data subject rights, parental/guardian rights, or account deletion requests), please contact us through the following means: