How We Use Your Data

Last Updated: August 2, 2025

This document provides a transparent overview of how data is used within the XDULR platform. Our primary goal in collecting data is to provide, secure, and improve the services that connect Practitioners with their Clients. XDULR acts as a secure data processor, providing the tools for Practitioners to manage this information effectively.

Part 1: Practitioner Data

This section describes how we use the data provided by our direct users—the Practitioners.

1.1. Account & Profile Information

Your account and profile information is used to operate your account and represent your practice to your clients.

  • Authentication & Security: Your email and password, along with Two-Factor Authentication (2FA) details like your phone number, TOTP secret, and single-use recovery codes, are used exclusively for securing your account and verifying your identity upon login.
  • Public Business Profile: Information such as your business name, type, address, website URL, and professional bio is used to create your public-facing booking pages and to inform your clients about your practice.
  • Personalization: Your profile picture is used to personalize your profile and communications within the platform.

1.2. Financial & Subscription Information

This data is used to manage platform fees and your financial interactions with both the platform and your clients.

  • Practitioner Wallet: We store your wallet balance to pay for per-appointment platform fees and other services. Your settings for auto-recharge are used to automatically top up this balance.
  • Transaction History: We keep records of all wallet transactions to provide you with a clear history of deposits and charges.
  • Client Payments (Stripe): Your Stripe Account ID is used to connect your Stripe account to the platform, which is essential for you to receive payments directly from your clients.
  • Platform Subscriptions: We track your purchases of optional, value-added services like the AI-Generated Website or White Labeling.

1.3. Operational & Service Data

This is the core data you provide to make the platform's scheduling and client management features work.

  • Services & Staff: The details of the services you offer and the staff members who perform them power the appointment booking system.
  • Availability: Your defined working hours are used to calculate open time slots in the booking calendar and prevent double-bookings.
  • AI Voice Assistant: Your configured personality prompt and uploaded knowledge base documents are used by the AI to accurately answer calls from your clients.
  • Custom Forms: The structure of the forms you build is used to present them to your clients and collect their responses.

Part 2: Client Data

Client data is entered and managed by the Client through our secure client portal. Clients maintain control over their information and provide explicit authorization to their chosen Practitioners to access the data necessary for receiving services. The following is a comprehensive list of the data Clients can store on the platform and authorize Practitioners to view.

2.1. Core Client Profile

  • System Information: A client's profile is linked to a system user account and associated with one or more Practitioners.
  • Client Portal Access: We generate a unique XDULR ID and a PIN to allow clients to securely access their information.
  • Personal & Identity Details: Full name, preferred name, Social Insurance Number, date of birth, sex assigned at birth, gender identity, preferred pronouns, and marital status. This is used by the Practitioner for identification and to provide personalized service.
  • Contact Details: Email, phone numbers, and full mailing address for communication and administrative purposes.
  • Administrative Fields: Practitioners can view a client's Status (e.g., Active, Lead) and any internal Notes they have made for their own reference.

2.2. Health & Wellness Profile

This sensitive information is stored for the Practitioner's professional use to provide safe and effective care, particularly in healthcare and wellness contexts.

  • Public Health Information: Health card number, version code, and expiry date.
  • Medical History: Preferred pharmacy, allergies, current medications, existing conditions, surgical history, hospitalization history, family medical history, and immunization records.
  • Lifestyle: Notes on smoking, alcohol, exercise, and diet.
  • Examination History: A record of last exam dates (e.g., physical, dental).
  • Care Team: A list of the client's other healthcare providers, such as a Primary Care Physician or specialists.

2.3. Legal & Insurance Information

This data is stored to assist Practitioners—especially those in the legal or healthcare fields—with administrative tasks and claims.

  • Insurance Details: Provider, policy number, group number, and policy start/end dates.
  • Advanced Directives: Organ donor status, living will status, and Do Not Resuscitate (DNR) orders.
  • Legal Profile: Location of a will, contact information for executors and Power of Attorney (POA) for property and personal care.
  • Legal Incidents: Records of specific legal incidents, including date, location, description, and report numbers.

2.4. Demographic & Preference Data

  • Citizenship & Language: Country of birth, citizenship status, date of arrival, primary language, and whether an interpreter is needed.
  • Accessibility: Any specific accessibility needs required for service delivery.
  • Client Preferences: The client's preferred contact method (Email, Phone, SMS), best time to contact, and preferences for receiving marketing or platform update emails.

2.5. Other Related Information

  • Emergency Contacts: Name, relationship, and phone numbers of contacts to be used in an emergency.
  • Family Members: A list of the client's family members, such as a spouse or children.
  • Employment & Travel History: Records of the client's past and present employment and international travel.
  • Financial Overview: Name of the client's primary bank and general notes on their financial situation.

2.6. Platform Interaction Data

This data is generated through the client's and practitioner's use of the platform.

  • Appointments: Records of all past and future appointments.
  • Communications: A complete, time-stamped history of all secure messages and SMS texts exchanged between a Practitioner and a Client.
  • Form Submissions: A client's answers to a Practitioner's custom forms are stored and linked to their profile.
  • Client Documents: Clients can upload and categorize files, such as ID scans, medical reports, or contracts, and authorize their Practitioner to view them.
  • Authentication: We temporarily store One-Time Passcodes (OTPs) to allow clients to securely log in.