MediDesk policies

Privacy Policy and POPIA Notice

How MediDesk and DeskLabs collect, use, share, retain, and protect personal information under POPIA.

Operator: DeskLabsEffective date: 23 June 2026Version: 1.4Information Officer: io@desklabs.co.za

1. Introduction

DeskLabs operates MediDesk, a cloud-based practice management platform for South African private healthcare practices. This Privacy Policy explains how we collect, use, share, and protect personal information in connection with MediDesk, in accordance with the Protection of Personal Information Act 4 of 2013 ("POPIA"). MediDesk is a purely administrative practice management tool. It has no clinical functionality in any capacity and is not a medical device, electronic health record, or clinical system. Any health information held through MediDesk is stored solely for administrative practice management purposes.

2. Who This Policy Applies To

This Policy applies to:

  • visitors to getmedidesk.co.za;
  • customer practices and their staff who use MediDesk;
  • patients and individuals who interact with MediDesk public forms such as consent forms;
  • patients and visitors who use MediDesk walk-in queue check-in pages;
  • patients who receive and view appointment detail links sent by a practice;
  • patients who interact with the AI Voice Receptionist when calling a practice that has enabled this feature;
  • anyone who contacts DeskLabs for support.

For patients: If you are a patient of a practice that uses MediDesk, that practice is the responsible party for your records. Patient record requests — access, correction, deletion — should be directed to your practice first. See Section 13 for the patient-facing privacy notice that applies to public check-in and consent forms.

3. Roles Under POPIA

DeskLabs is a responsible party for personal information it processes for its own purposes — account management, billing, support, security, and marketing. Customer practices are typically the responsible party for patient personal information they enter and manage through MediDesk. DeskLabs processes that data as an operator on the practice's behalf, under the Data Processing Agreement.

4. What Personal Information We Collect

We collect the following categories depending on the relationship:

Account and practice information
Practice name, contact email and phone, practitioner details, branding settings, subscription and billing records, PayFast payment identifiers (not card numbers). SMS credit purchase records and top-up invoices are also retained.

Practice user information
Name, email, role, permissions, login and session metadata, and audit log entries.

Patient information (entered by practices)
Identity and contact details, medical aid information, guardian and caregiver details, appointment and check-in records, health and clinical information (stored for administrative purposes only — MediDesk is not a clinical system), consent forms and signatures, billing and authorisation records, and communication logs including SMS message content and metadata.

AI Voice Receptionist data
Where a practice has enabled the AI Voice Receptionist feature, MediDesk processes inbound call data on behalf of that practice. This may include call audio, call recordings (where the caller has consented to recording), automated transcripts and call summaries, caller phone number and call metadata, and appointment booking or cancellation requests made during the call. Call recordings are only made where the caller provides consent during the call. Practices control whether recording is enabled and configure the consent message played to callers.

Public form submissions (consent forms and walk-in queue check-in)
When a patient or visitor submits a consent form or checks in via the walk-in queue, MediDesk collects the information entered on that form on behalf of the relevant practice. This may include identity, contact, health, and consent information. Refer to Section 13 for the patient-facing notice applicable to public form submissions.

Support and bug report information
Support ticket content, bug report screenshots (which may contain patient information), error logs, IP addresses, and device metadata. See Section 12 for how this data is handled.

Website information
Enquiry form submissions and contact details from visitors to getmedidesk.co.za.

5. Why We Use Personal Information

We process personal information to:

  • provide, operate, and improve MediDesk;
  • manage accounts, subscriptions, and billing;
  • send configured SMS communications on behalf of practices;
  • operate AI Voice Receptionist services on behalf of practices, including call handling, appointment booking, and transcription;
  • provide customer support and resolve issues;
  • maintain security, detect abuse, and investigate incidents;
  • comply with our legal obligations;
  • send product, service, and security communications to account contacts.

6. Sharing Personal Information

We share personal information only as necessary:

Service providers and subprocessors
We use third-party providers who process data on our behalf. Each is bound by appropriate data protection obligations. Current providers are:

ProviderPurposeCountry / RegionNotes
SupabaseDatabase, authentication, file storageUS (AWS us-east-1)Patient data, practice records
VercelApplication hosting and deploymentUS (Edge global)Application layer only
WinSMSSMS messaging (primary provider)South AfricaMessage bodies and metadata
TwilioSMS messaging (fallback provider)USMessage bodies and metadata; used only if WinSMS is unavailable
Retell.aiAI Voice ReceptionistUSCall audio, transcripts, recordings (with consent)
OpenAIAudio transcriptionUSCall audio for transcription only; not used for AI training
PayFastSubscription payments and SMS credit top-up purchasesSouth AfricaPayment tokens only; no card numbers stored by DeskLabs
SentryError monitoringUSError logs; PII scrubbed before transmission
Make.comAutomation webhooksEUWorkflow automation for operational processes
CloudflareWeb analytics and performanceUS / GlobalCloudflare Web Analytics; no personally identifiable data collected
UpstashRate limitingUS / EURequest metadata only

Legal requirements
We may disclose personal information to regulators, courts, or authorities where required by law.

Professional advisers
We share information with legal, security, and financial advisers under confidentiality obligations.

We do not sell, rent, or trade personal information to third parties.

7. Cross-Border Transfers

Several of our service providers process data outside South Africa, primarily in the United States. Where this occurs, we take reasonable steps to ensure appropriate protections are in place in accordance with POPIA Section 72, including contractual data protection obligations with those providers.

8. Data Retention Schedule

We retain personal information only as long as necessary for the purposes described in this Policy or as required by law:

Data categoryRetention periodNotes
Patient records (active practice)Duration of subscriptionAccessible to practice at all times
Patient records (post-termination)30 days after terminationExport window; deleted from active systems thereafter
Billing records and invoices5 years (South African tax law)Invoices available in app for 6 months; retained in records for tax period
Audit logs3 yearsAccessible to DeskLabs security and legal
SMS logs2 yearsMessage metadata and bodies retained for traceability
AI call recordings and transcripts2 yearsRetained for support, audit, and dispute resolution
Security and access logsAs operationally required (minimum 1 year)Supabase and Vercel platform logs
Support tickets and bug reportsDuration of issue resolution plus 90 daysScreenshots containing PHI deleted promptly after resolution
Account user recordsDuration of account plus 30 daysDeleted with practice data
Backup dataPer Supabase backup scheduleBackup copies may persist beyond active data deletion
Website enquiries12 monthsUsed to respond to enquiries only

9. Security

We implement reasonable technical and organisational measures to protect personal information, including access controls, encryption in transit (HTTPS/TLS), private storage for patient documents, audit logging, and incident response procedures. No security measures can guarantee absolute protection. See the Information Security Policy for full details.

10. Your Rights

Under POPIA you have the right to:

  • access personal information DeskLabs holds about you;
  • request correction of inaccurate or incomplete information;
  • request deletion where no lawful basis for processing exists;
  • object to processing based on legitimate interests or for direct marketing;
  • withdraw consent where processing is consent-based;
  • lodge a complaint with the Information Regulator at inforegulator.org.za.

To exercise your rights, contact: privacy@desklabs.co.za.

Patients of a practice: Most patient record rights requests should be directed to the relevant practice as the responsible party. DeskLabs will assist where technically appropriate.

11. AI Voice Receptionist

MediDesk offers an optional AI Voice Receptionist feature that enables practices to automate inbound phone call handling, including appointment booking, cancellation, rescheduling, and responding to frequently asked questions.

When a patient calls a practice that has enabled this feature:

  • the call is handled by an AI-powered voice agent operated by Retell.ai on behalf of the practice;
  • call audio may be transcribed using OpenAI's transcription service;
  • call recordings are only made where the caller provides verbal consent during the call;
  • transcripts, call summaries, and metadata (duration, timestamps, caller number) are stored;
  • the practice controls the AI Receptionist's configuration, including greeting messages, recording consent messages, and available appointment types.

The AI Voice Receptionist does not provide medical advice, make clinical decisions, or replace human practitioners. It is an administrative call-handling tool only.

DeskLabs and its AI subprocessors (Retell.ai, OpenAI) do not use call data for AI model training purposes.

12. Support and Bug Report Data

Support tickets, error reports, and bug report screenshots submitted by practice staff may contain patient personal information. DeskLabs handles this data as follows:

  • support data is used only to resolve the reported issue;
  • DeskLabs staff are restricted from accessing, copying, or using patient information in support data for any other purpose;
  • screenshots and attachments containing patient information are deleted as soon as the issue is resolved;
  • DeskLabs may log that a support interaction occurred, without retaining the patient personal information content beyond 90 days after resolution.

Practices are encouraged to redact or blur patient information in screenshots before attaching them to support tickets.

13. Patient-Facing Notice for Public Forms and Queue Check-In

This section constitutes the POPIA notice for patients submitting personal information through MediDesk public forms (walk-in queue check-in, consent forms, and similar patient-facing pages). It must be accessible at the point of submission.

Appointment detail links are read-only pages that display appointment information (date, time, type, and practice contact details) via a time-limited token. They do not collect or submit any personal information from the patient.

Who is collecting your information? The healthcare practice that sent you this form or link. That practice is the responsible party for your personal information.

What is being collected? The information you enter on this form, which may include your name, contact details, identification details, health information, and consent.

Why is it being collected? To manage your appointment, check-in, consent record, or the specific purpose stated on the form.

Who may receive it? The practice's authorised staff. MediDesk (operated by DeskLabs) stores this information on behalf of the practice. DeskLabs does not use patient information for its own marketing or commercial purposes.

Your rights: You may request access, correction, or deletion of your information by contacting the practice directly.

Platform operator: MediDesk is operated by DeskLabs. Contact: privacy@desklabs.co.za.

14. Cookies

MediDesk uses session cookies required for authentication. These are strictly necessary and cannot be disabled. We use Vercel Analytics and Cloudflare Web Analytics, both privacy-respecting analytics tools, to monitor platform performance in production. Neither tool uses cookies or collects personally identifiable information. We do not use advertising cookies or share analytics data with third parties for marketing.

15. Changes to This Policy

We may update this Policy from time to time. Material changes will be notified by email or in-app notice at least 14 days before taking effect. The current version is always available at getmedidesk.co.za/privacy.html.

16. Contact

Information Officer: io@desklabs.co.za
Privacy enquiries: privacy@desklabs.co.za
Operator: DeskLabs — legal@desklabs.co.za
Information Regulator of South Africa: inforegulator.org.za

Contact: privacy@desklabs.co.za | legal@desklabs.co.za | desklabs.co.za