Who are we?
Medicians Software Solutions Pvt Ltd (hereinafter, “Dietitio”), dedicates itself to the development of software,
namely in the health area, being, in particular, the company responsible for the creation and development of the
Dietitio software, in its various aspects. Aimed at Nutrition Clinics and Professionals, Dietitio, enables the
simplification of complex tasks such as planning, analysis and creation of food plans, nutritional measurements
and calculations, information management and analysis, and much more. Dietitio is, therefore, the entity that manages
the processing of personal data collected through the Dietitio software, acting, mainly, as processor of the Professional,
pursuant to the GDPR.
whether or not they register, to all users of the mobile application, from the moment they install it
on their device mobile, to all users of the platform who register for the trial period as well as for all
those who actually contract our services after the trial period ends.
the moment they open our website or our mobile application, no matter where they are located.
The use of the services provided by Dietitio is conditioned by the acceptance of the Terms and Conditions
of Use and the reading of this Policy. In the event that you do not agree to these stipulations, please do not use our services.
What data do we collect?
The collection and processing of data is fundamental to the operation of Dietitio. It's based on that data
that our project is built and it's that informational core that allows us to provide you with a service in the area
of nutrition and patient management that is known for its excellence. We have reviewed and limited the data collection
and the period of retention of the data to the minimum necessary.
There are various sets of information and data that we collect and process. To simplify, we’ll be dividing those
sets of information in three large groups: Professionals, Patients and Secretaries.
- Data required from the Professional upon registration: all data entered by the Professional when registering on
the platform is stored and processed. It is this registry that allows us to identify the Professional and give him access
to the reserved area of query management as well as correctly connect him to the patients that he inserts. In addition, this
is the data we deem indispensable, together with the billing data, so that the contractual relationship between Dietitio and
the Professional is carried out regularly. The data we require when registering is: the full name, the name of the primary
place of work, the gender, country of residence, email and, of course, a password. In addition to these, all data voluntarily
inserted by the Professionals during their use of the software is processed.
- Payment data: the payment data of your monthly payment are also processed by Dietitio, although for this purpose
a processor is used. Only then can we debit the amounts associated with the monthly payment you have chosen. The data
required for this purpose is: a credit or debit card number, an expiration date and a security code.
- Billing data: in order to comply with our tax obligations, we must ask you for some billing information
such as: name, tax number, address, city, postal code and country.
- Automatically collected data:in addition to the data mentioned above, we also automatically collect, through
cookies and other methods and services, a set of data that allows us to know precisely how you use the platform, the country,
the date and time of the login, among other information. In addition to this information we also collected other data such as
the I.P. address, the browser you use to access and its version, the language, your device operating system, among others.
We would like to emphasize that this type of data collection is mainly intended to facilitate the work of our team whenever
you need our support. It’s the collection of these groups of information that allows the quick resolution of problems on our
platforms, without it we wouldn’t be able to guarantee the normal operation of our service and its maintenance.
For more information please check our section on how we disclose and share data with third parties (subprocessors) and
Patients’ data is directly collected, for the most part, by the Professional.
He is the controller and the main responsible for the processing of the patients’ personal data. Having said that,
besides a minimum set of legally required measures, Dietitio is not responsible for providing the information and guarantees
imposed by the GDPR on the Professionals in regard to their relationship with the Patient.
A series of personal data might be requested by the Professional to the Patient, or recorded by observation, which may range
from “simple” personal data categories (such as: billing data, user identification number, among others, such as name complete,
address, cell phone, and many more) to data considered as “special” (examples of this type of data include race, personal and
social history, clinical history, food history, body measurements, among other information).
Dietitio only treats Patient data as it is entered by the Professional, or directly through the mobile application.
The use of the mobile application is intended for use by patients and is, of course, optional and, in cases where it is used,
we collect the following data:
- Data entered by the patient: all data entered by the Patient, be it when logging in into the mobile application
or posteriorly, is stored and processed. It’s this set of data that allows us to identify the Patient, to give him access
to their reserved area, to associate them correctly with the Professional who advised them and to give them access to their
plans. Examples of such data include login credentials, but also other data such as the amount of water ingested, weight, and
- Location data: with the use of the mobile application we may access information contained in the GPS of your mobile
device. However, this operation is optional and must always be previously consented by the user.
- Local files, notifications and other data:on certain occasions the mobile application may access, with the
Patient prior consent and by their order, to local files or information stored in other applications. All these operations
are optional, serving only as a way of complementing and enhancing the usefulness of the service we provide. Get to know
some of the features of our application:
- Notifications:for the convenience of the Patient, the Dietitio application will send notifications about
their food plans, amounts of water, messages and appointments. These notifications are daily updated, automatically.
This feature can be disabled at any time in the application settings.
- Health Apps:at the Patient's request the Dietitio application may connect to other health applications
such as Apple Health. In these cases, data on physical activity, namely, steps, distance and active calories will be
- Camera and Gallery:at the Patient’s request, the application can access the camera and the image gallery of the
mobile device, allowing the Patient to take pictures and send them through message to their Professional or send images
already stored in the gallery.
- Automatically collected data:in addition to the data mentioned above, we also automatically collect, through cookies
and other methods and services, a set of data that allows us to know precisely how you use the platform, the country, the date
and time of the login, among other information. In addition to this information we also collected other data such as the I.P.
address, the browser you use to access and its version, the language, your device operating system, among others. We would like
to emphasize that this type of data collection is mainly intended to facilitate the work of our team whenever you need our support.
It’s the collection of these groups of information that allows the quick resolution of problems on our platforms, without it
we wouldn’t be able to guarantee the normal operation of our service and its maintenance. For more information please check our
Like the Patients’ data, Secretaries’ data is also directly collected, for the most part, by the Professional.
He is the controller and the main responsible for the processing of the Secretaries' personal data, and may lack consent in the
context of their contractual relations to which Dietitio is unrelated.
However, when using the platform, and in addition to the treatment performed on the data entered directly by the Professional,
Dietitio also collects some data which was already listed in relation to the Professional as "Automatically collected data",
and so, we ask you to check this section.
Purposes of the processing
We use the data we collect for a series of purposes that we want to make known. Those purposes may be based on
a legal obligation, the legitimate interests of Dietitio, the performance of the contract or consent, depending on the case.
- Provision of our service: we use the vast majority of the data entered, either by Professionals or Patients,
so that we can provide our service as efficiently as possible within the contractual relationship established between
Dietitio and the Professional.
- Maintenance and improvement of services:we conduct behavioral analysis of the use made by the Professionals
and by the Patients of the website and the mobile application. It is fundamentally this type of analysis that allows
us to determine the usefulness of certain functionalities and change or correct them depending on the result. In addition,
we may use your non-anonymized data in the context of the communication of a bug or error in the software by the user and
always with the purpose of solving it. We can also, for example, at the request of the user, copy data between accounts.
- Customer support:it is essential for the quality of our service that we can answer efficiently to all the questions
you ask us, using for that purpose any personal data that we deem necessary for the contact and resolution of the question
that may arise, which may be, depending on the case, your full name, your email, your mobile phone number or your address,
among other information. In addition to this data and with the same purpose, we may collect usage statistics of our platforms.
- Billing:it would be impossible for us to comply with our legal and tax obligations if we did not address the
processing of some billing information. It is only for this purpose that we collect, at the time of payment, personal
data such as the tax identification number, among others already listed above.
- Legal matters:we may use your personal data to comply with court orders and tax and administrative inspections,
among other legal requirements. In the eventuality of a court order, all personal data, be it from a simple or special category,
of the Professionals’ or Patients’, may be, if our legal team agrees with the legal basis of the warrant, made available in full
to the administrative or judicial authority in question.
- Marketing:we may use your data to send you emails, notifications, text messages and postal mail. We will never do it,
however, without your express authorization and you can freely choose not to subscribe and continue enjoying the rest of our
services. In order to provide you with a tailor-made experience, the processing of such communications may be subject to
automated individual decision-making, including profiling.
- Security and contractual purposes:we use your data to perform behavior analysis in order to prevent or
address suspicious or fraudulent conducts and to ensure that the contractual relationship between Dietitio and the
Professional is timely met.
Data retention period
Personal data may be retained for different periods of time depending on its legal relevance or the duration
of the contractual relationship.
Some of your personal data may be processed by third parties who are not part of our services. We have limited these
operations to the bare minimum we need to continue to operate efficiently. To know more about our subprocessors contact
us to firstname.lastname@example.org
- Analysis of the use of software: we resort to applications in order to analyze the use of our software, such as Google Analytics.
- Payment Details: payment data is fully processed by external payment services such as Paypal.
- Email marketing:our newsletters and contacts are sent, managed and processed by third parties specialized in mass mailing and
advertising campaigns such as Mailjet.
- Advertising:we use analysis tools for marketing and advertising purposes.
- Support: we use external applications to provide support, for example, through chat.
- Data storage and processing: storage, processing and backup of your personal data is carried out securely
in hosting and computing companies located mainly in Europe.
- Audits and maintenance: your data might be accessed within the scope of independent quality control and
security audits of our services. All audits are subject to confidentiality and are closely monitored by the Dietitio team.
In addition, we use external software that helps us detect errors and debug the software.
- Other processors and services:in addition to the services listed above we may interconnect with social networks
like Linkedin, Twitter, Bing and other services like Outlook, Google Fit, among others.
We want to ensure that your rights are fully respected. In those situations where the automatic mechanisms
already implemented do not allow us to fully guarantee these rights you can contact us through email@example.com
- Right of access: the data subject has the right to access the information concerning him, namely the purposes
of the processing, the categories of personal data processed, and other information. You are already able to instantly
access most of this information in your profile area.
- Right to rectification:the data subject has the right to obtain correction of inaccurate or incomplete personal
data, and where it is compatible with the purposes of processing, the right to rectify it. You are already able to correct
and rectify most of your personal data in your profile area.
- Right to erasure (“right to be forgotten”):the data subject has the right to obtain the erasure of personal
data concerning him without undue delay. Starting from this request the countdown for the total and definitive deletion
of the data of all the servers begins.
- Right to restriction of processing and right to object:these rights may be exercised, if applicable, by
reaching us through the contacts provide above.
- Right to data portability:the data subject has the right to receive, in a reusable digital format,
all information concerning him, which he has provided to Dietitio.
We are constantly working to make the relationship between the Professional and the Patient as easy as possible to expedite.
As processor of the Professional, Dietitio recognizes and assists the Professional in the realization of the patients’ rights,
as far as is technically possible and legally required, namely, by implementing the technical and administrative measures that
appear to be most appropriate. For all those situations where there are no automated mechanisms for compliance with the
Regulation we recommend that you contact our team or our Data Protection Officer.
We remind you that it is the responsibility of the Professional to collect the data subject consent, in the cases where
the processing of the personal data is carried on that basis, as well as guarantee the rights of access, opposition,
rectification, erasure, portability and limitation of the processing of the Patient data, whenever applicable to the
specific treatment, among other obligations arising from the Regulation. It is the responsibility of the Professional to
guarantee the Patient access to all rights and information to be provided under the General Data Protection Regulation.
The security of your data and the services we provide are one of our highest priorities. As such, we regularly
review our platforms and servers to ensure that all measures are being taken to mitigate security risks, using the
most current encryption, surveillance and auditing techniques. These measures may only reflect on our servers or, otherwise,
have immediate impact on our platforms, such as increased password complexity,
new SSL certificates, two-step verification, and more.
recommendations issued by the control authorities, or changes to our business model, among others, we may have
to amend this Policy. We recommend that you visit this page regularly and keep up with the latest updates.
We will notify you whenever we make substantial changes to this Policy that might jeopardize your rights.
If at the end of this reading you still have doubts or to exercise your rights, please contact us to:
3rd Floor, 69/6A, Rama Road,
Kirti Nagar, New Delhi - 110015