Back to Home

Privacy Policy

Last updated: 4/12/2026

1. Introduction

At Klov we value and respect your privacy and that of your patients. This Privacy Policy explains how we collect, use, share and protect the personal information and data we obtain through the use of our platform and website.

2. Information We Collect

  • Account Information: Name, email, phone, encrypted passwords and clinic details such as name, location and currency settings.
  • Patient Data: Through our service, healthcare professionals enter clinical history, diagnoses and biometric information of their patients.
  • API Usage (e.g. Google Calendar): When linking your Google Calendar account, we will collect and store a secure access token (Oauth2) solely for the purpose of synchronizing, reading or scheduling appointments coming directly to and from the Klov platform.

3. How Do We Use Information?

We use the collected information for the following purposes:

  • Provide, maintain and improve our services (including proper agenda visualization).
  • Synchronization of events (such as creating or updating appointments) through Google Calendar when you grant connection permission.
  • Access authentication and role configuration within the system (Receptionist, Doctor, Administrator).
  • Communication regarding support and system updates.

Important: We DO NOT use patients' medical data for advertising purposes or sales to third parties.

4. Use and Disclosure of Google User Data

Information received through Google APIs strictly and rigorously adheres to the Google API Services User Data Policy, even in Limited Use requirements.

Our application restricts the use of this data to offer appointment creation and synchronization and under no circumstances is such information used to serve ads or sell to data brokers. Klov DOES NOT share, transfer, or disclose data obtained from Google users (such as Google Calendar events) to third parties under any circumstances, except to the extent strictly necessary to provide the appointment synchronization service within the core platform, or when required by law. Google Workspace data remains isolated within our infrastructure.

5. Data Protection Mechanisms and Retention

Data in Klov is stored through secure cloud providers. We employ advanced technical mechanisms for protecting sensitive data, including AES-256 encryption for data at rest at the database level and TLS 1.2 or higher protocols for encrypting data in transit. We implement strict Role-Based Access Controls (RBAC) ensuring that only authorized personnel can access patients' health information. We will retain data as long as you maintain an active account, or as required by legal obligations. By unlinking Google Calendar from our Integration options, the process will revoke the access token and permanently delete it from our databases automatically.

6. User Rights

You can at any time rectify or delete your account and information. If requested by a patient (in accordance with applicable laws), you can provide exports or deletion of their medical information. You can also unlink access to your Google Calendar directly in Settings - Integrations, or from the account settings in your Google profile.