Privacy

Privacy Policy

Last updated: 4 June 2026

Carelabs Sweden AB ("we", "us" or "our") is committed to protecting the privacy of clinics, care providers and their patients. This privacy policy explains how we collect, use and protect personal data when you use our self-service platform (the "Service").

1. What information we collect

a. Clinic information

When a clinic registers for our service, we collect:

• The clinic's name and contact details
• The administrator's name and email address
• Billing and technical details
• Integration details for Stripe or Surfboard Payments (where applicable)

b. Patient information

When patients use the self-service feature, we may process:

• Name, date of birth, contact details
• Booking or check-in information
• Insurance or payment details (where entered voluntarily)

Please note: We do not store or process any payment or card details. All payment information is handled securely via Stripe or Surfboard Payments.

2. How we use the information

We use the information we collect to:

• Provide and improve our self-service platform
• Enable clinics to manage patient check-ins efficiently
• Integrate with payment providers for seamless transactions
• Communicate with clinics about updates, support and use of the service

3. Payment processing

• Payments are processed directly by Stripe or Surfboard Payments via secure integration.
• We do not collect or store any card or bank details.
• Clinics are responsible for their own agreements with payment providers and are bound by their respective terms of service and privacy policies.

4. Data retention

• Clinic information is stored for as long as the account is active or as needed to deliver the service.
• Patient information is stored according to the clinic's settings and applicable regulations. We do not store patient data longer than necessary for the operation of the service.

5. Data security

We apply industry standards to protect your information, including:

• Encrypted data transmission (SSL/TLS)
• Secure access controls
• Regular security reviews

Please note that no system is entirely risk-free. Clinics are responsible for securing their own devices and login credentials.

6. Third-party services

We may use trusted third-party providers (e.g. cloud services, analytics services) that meet applicable data protection standards. All data processors are contractually obligated to protect your data.

7. Your rights (for clinics and patients)

Depending on where you are located, you may have the right to:

• Access or update your personal data
• Request that your data be deleted
• Object to certain processing
• Withdraw consent (where applicable)

To exercise these rights, please contact us at support@carelabs.se.

8. Children's privacy

Our service is not intended for direct use by children under the age of 13. Clinics are responsible for ensuring that any collection of children's data complies with applicable laws.

9. Changes to this policy

We may update this privacy policy as needed. The latest version is always published on our website with an updated date. By continuing to use the service, you accept the updated policy.

10. Contact us

If you have questions about this policy or how we handle your data, contact us at: support@carelabs.se