DR MAYA is committed to safeguarding your privacy and protecting your data. This Privacy Policy outlines how we process your information in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

By registering for the DR MAYA app, you agree to the terms outlined in this Privacy Policy, the Terms and Conditions, and the Disclaimer.

Data Collection and Processing

When you use DR MAYA, we may collect and process specific personal data, including:

• Personal Identifiable Information (PII): Your name, email address, telephone number, date of birth, and other contact details. This information is mandatory to facilitate the app's functionality.
• Equality and Diversity Data: This includes information on age, ethnicity, disability, gender, sexual orientation, caring responsibilities, and religion or belief. Providing this data is optional and will be anonymized for statistical purposes.

Purpose of Data Collection

We collect your data to:

• Facilitate App Functions: Helping users differentiate between familiar and serious illnesses.
• Compliance: Adhere to legal, regulatory, and policy obligations.
• Business Purposes: Legitimate purposes, such as enhancing app features and user experience.
• Diversity Monitoring: Use anonymized data to report and understand trends.

Your data will not be shared with employers, employees, or doctors or stored in employment-related files unless explicitly required by law or with your consent.

How We Use Your Data

Your data may be processed for:

• Compliance with legal and regulatory obligations.
• Court orders and legal rights defence.
• Legitimate business activities aligned with applicable laws.

We ensure your data remains accurate and complete. Please notify us promptly of any changes or inaccuracies.

Access and Sharing

Your data will only be accessed by authorized personnel for legitimate purposes, such as:

• Internal Staff: HR, Finance, and other relevant staff for specific operations.
• Third-Party Providers: We may use third-party providers for recruitment, background checks, and testing. These providers comply with GDPR and have their privacy policies.

Third-Party Use

• Online Testing: Your name and email may be shared with third-party testing providers during recruitment. These providers will not share your data without consent.
• Background Checks: If required, verification providers may access minimal data (e.g., name, date of birth). These providers comply with strict privacy and security policies.

Retention Policy

We will retain your data only for as long as necessary to fulfil the purposes for which it was collected or to comply with legal requirements. Inactive accounts and data stored in the system will be automatically deleted after 12 months, following prior notification.

Your Rights Under GDPR

Under GDPR, you have the right to:

• Access Your Data: Request a copy of your data by emailing info@intufix.com.
• Correct Your Data: Request updates or corrections if your information is inaccurate.
• Delete or Restrict Use of Your Data: Request deletion or limitation of data use where applicable.
• File Complaints: If you believe your data has been mishandled, contact info@maya.doctor or escalate to the International Commissioner's Office (ICO) if you are unsatisfied with our response.

We aim to address all data-related queries within one month. For complex requests, this period may be extended to three months.

Security of Your Data

We take data security seriously and implement appropriate measures to protect your data. Any third-party providers involved must adhere to our strict security standards.

Updates to This Policy

This Privacy Policy may be updated to reflect legal, regulatory, or operational changes. Any changes will be noted with the effective date at the top of this document.

For further information or queries regarding this Privacy Policy, contact us at info@intufix.com.

Last updated: January 15th, 2025