Terms & Policies
Terms & Conditions
Acceptance of Terms
By signing up for or using the Medikan clinic management platform (“Medikan” or “Service”), you (“Customer” or “Subscriber”) agree to these Terms and Conditions and enter into a binding agreement with Medikan. If you do not agree, do not use the Service. We may update these Terms from time to time and will notify you of material changes (e.g., email or in-app notice). Continued use after changes means you accept the revised Terms.
Platform Use and License
Medikan grants you a limited, non-exclusive, non-transferable license to access and use the Service for your internal business purposes (managing your private clinic's appointments, patient records, billing, communications, etc.). All intellectual property rights in the Service (software, content, trademarks) belong to Medikan. You shall not copy, resell, or misuse the Service beyond the permitted scope. For example, you must not attempt to reverse engineer our software, rent or sublicense it to third parties, or use it to build a competing product. You also must not use Medikan for unlawful activities (e.g. sending defamatory or illegal material, introducing malware, or infringing others' rights). Medikan may suspend or terminate your access if you violate these restrictions or applicable laws.
Not Medical or Legal Advice
Medikan is a software tool for administrative management of healthcare clinics. It is not a healthcare provider and does not give medical advice or diagnoses. Any health-related information in the system (e.g. patient records, automated reminders) is for your operational use only. Medikan is not a substitute for professional medical judgment, and you are solely responsible for all decisions regarding patient care, treatment, and the use of information generated by our Service. Medikan also does not provide legal or regulatory compliance advice for your clinic; you should seek your own professional guidance to ensure you follow all laws and regulations applicable to your practice.
Customer Accounts
The Subscriber (clinic owner or administrator) will designate an account owner with authority to manage the Medikan account (add users, assign permissions, update billing, etc.). You are responsible for ensuring that all user information is accurate and that login credentials are kept secure. Each user must have a unique login—sharing accounts is not permitted. You are responsible for all activity under your accounts and for your users’ compliance with these Terms. You must notify us immediately at our support contact if you suspect any unauthorized access or security breach. Medikan is not liable for any loss or damage arising from unauthorized use of your accounts due to your failure to safeguard credentials.
Subscription and Fees
Medikan is offered on a subscription basis, either monthly or annual as selected by you. Fees are charged in advance for each billing period (e.g. charged at the start of the month or year). All subscriptions auto-renew at the end of each billing cycle to ensure uninterrupted service. You authorize us (or our payment processor) to automatically charge the subscription fees using the payment method you provide, at each renewal. If you do not wish to renew, you must cancel before the next billing date (see Cancellation Policy below) to avoid further charges. We may increase subscription fees or introduce new fees at renewal or in response to higher usage (for example, if your clinic grows and requires a higher tier) with prior notice to you.
No Refunds
by default. This means that once you have paid for a month or year of Service, you will not receive a refund if you decide to downgrade or cancel during that period. The Service will remain available to you until the end of the paid term even if you cancel early. Exceptions: If Medikan discontinues the Service entirely or terminates your subscription without cause, we will refund any pre-paid fees for the unused portion of your term. However, if your access is terminated due to your violation of these Terms or applicable law, you are not entitled to any refund, and any unpaid fees for the remaining term will become due and payable. (See also our Refund Policy section below.)
Payment Processing
We use third-party payment processors (such as Middle East Payment Services (MEPS)) to handle subscription payments. You must provide valid payment information and keep it updated. All payment transactions are encrypted and processed securely by our payment gateway. We do not store full credit card numbers on our servers; such sensitive payment data is handled by the payment processor in compliance with industry standards (PCI-DSS). By paying for Medikan, you agree to the payment processor's terms and policies as well. Medikan is not responsible for any payment processing errors or security breaches at the third-party processor, but we will facilitate communication with the processor to resolve issues as needed. Any applicable taxes (e.g. sales or value-added tax) will be added to our fees as required by law, and you are responsible for paying all such taxes.
Third-Party Services and Integrations
Medikan may integrate with or enable you to use third-party services as part of our platform's features. For example, Medikan allows clinics to communicate with patients via WhatsApp, SMS, and email, by integrating with WhatsApp's API, SMS gateways, and email service providers (e.g. Microsoft Outlook/Exchange). We may also integrate with third-party payment gateways (like MEPS) or other services (for example, calendar systems or analytics tools). These third-party services are governed by their own terms and privacy policies, not by Medikan's terms. We provide these integrations for your convenience, but Medikan is not responsible for the acts or omissions of third-party providers or any downtime, data loss, or other issues attributable to those services. For instance, if an SMS fails to deliver or a WhatsApp message is delayed due to the third-party network, that is outside Medikan's control. By using these integrations, you acknowledge that you must comply with the third parties' rules (for example, WhatsApp's terms of use and applicable messaging laws). We may disable or change integrations if required by the third-party provider or by law.
Acceptable Use and Conduct
You and your users must use Medikan responsibly. You agree not to use the Service to violate any law or regulation (including healthcare privacy laws, spam communication laws, etc.). Prohibited conduct includes, for example: using the Service to send unlawful or unsolicited mass communications without proper consent, posting or transmitting any content that is illegal, harmful, or invasive of privacy, attempting to probe or hack our systems or networks, introducing viruses or malicious code, or impersonating any person or entity. You also agree not to use Medikan in a manner that could harm the Service or impair anyone else's use (for instance, no excessive automated queries or other behavior that burdens our infrastructure). We reserve the right to suspend or terminate your access (and that of any user) for any violation of this Acceptable Use Policy or these Terms, or to take other reasonable remedial action. We will try to give notice and work with you in case of suspected minor violations, but serious or repeated misconduct may result in immediate suspension to protect our platform and other users.
Data Ownership and Privacy
As between Medikan and you, you (the Subscriber clinic) own and control all of your “Subscriber Data”, which includes patient personal data, health records, appointment information, billing data, and any other information you or your users input into Medikan. You are considered the data controller or equivalent (e.g. “health information custodian” or “covered entity”) under privacy laws applicable to you, and you are responsible for complying with those laws in how you collect and use personal data in Medikan. This means, for example, you should obtain any necessary patient consents or legal authorizations before inputting their personal or health information into the system, and ensure that your use of that data is lawful. You represent and warrant that you have obtained all required permissions from individuals (patients or others) whose personal data you enter into Medikan, including consent to use communication features (e.g. sending them messages via WhatsApp/SMS/email) as applicable. Medikan will only process your Subscriber Data to provide the Service - i.e., to fulfill our obligations and exercise our rights under these Terms. In legal terms, Medikan acts as your “Data Processor” or “Business Associate” for patient data, while you remain the Data Controller. We will not access or use your patient data for any other purposes except as permitted in our Privacy Policy or your agreement (for example, routine back-ups, troubleshooting, or to aggregate/anonymize data for analytics as described below). We claim no ownership over your Subscriber Data. If you have specific data processing requirements under laws like GDPR or HIPAA, we offer a Data Processing Addendum/Business Associate Agreement (“BAA”) to govern our handling of personal health information. Our standard BAA (and/or any required Data Processing Agreement) is incorporated into these Terms by reference. 
We have executed a BAA with our hosting provider (Microsoft Azure) and similarly require any sub-processors to protect personal health data in compliance with HIPAA. In summary, we follow industry privacy standards and will sign the necessary agreements to help you meet HIPAA, GDPR, and other data protection obligations.
Use of De-Identified Data for Improvement and Research
Medikan may generate, use, and retain de-identified and aggregated data derived from Subscriber Data for the purposes of:
- improving and enhancing the Service;
- developing and training algorithms, including artificial intelligence and machine learning models;
- producing industry benchmarks, analytics, and statistical reports; and
- conducting, publishing, or contributing to healthcare research and innovation.
Data Security
We understand the sensitive nature of patient data and implement industry-standard security safeguards to protect Subscriber Data. All personal data is encrypted in transit (e.g. using HTTPS/TLS for data transfer) and at rest on our servers. We utilize reputable cloud infrastructure (such as Azure) with strong physical and network security certifications. Our safeguards include administrative measures (employee training, access controls limiting who can access data), technical measures (encryption, firewalls, regular security audits), and physical measures at data centers. Payment information is handled via PCI-compliant processors. However, you also have a role in security: you must protect your account credentials and use the security features available (for example, setting strong passwords and role-based access controls for your staff) to prevent unauthorized access. In the unlikely event of a data breach that affects your Subscriber Data, Medikan will promptly notify you and provide information on the breach and steps taken. We will also cooperate with you to meet any regulatory breach notification requirements. Please refer to our Privacy Policy for more details on how we protect data.
Data Retention and Export
During an active subscription, we will retain all your Subscriber Data to enable your use of the Service (we will not delete patient records unless you specifically delete them or ask us to, as clinics often require retaining medical records). You can export your data at any time through the tools provided or by requesting assistance. Upon termination or cancellation of your subscription, your account will be deactivated. We will maintain your data securely for a period of time to accommodate regulatory record-keeping requirements and in case you reactivate your account. While your account is deactivated, the data is stored in an isolated, secure manner and not processed except as needed for storage maintenance. You will not have online access to it, so be sure to export any needed data before canceling. If you need to retrieve data from a deactivated account, you may contact us. We may eventually delete personal data from terminated accounts in accordance with our data retention policy or at your request, provided that doing so is consistent with applicable law (for example, we may be required to retain certain transaction records for a number of years, or you as a healthcare provider may have legal obligations to retain patient records for a minimum period). We will also delete or return patient personal data upon request if required by law or our Data Processing Addendum with you. Refer to our Privacy Policy for more information.
Service Availability and Support
We strive to keep Medikan available 24/7, but we do not guarantee perfect uptime. There may be occasional maintenance downtime or interruptions beyond our control (such as Internet outages or issues with third-party providers). We will attempt to schedule maintenance during low-usage hours and inform you in advance when possible. You agree that Medikan is not liable for unavailability caused by factors outside our reasonable control (force majeure events, internet backbone issues, etc.). We provide support to Subscribers via email and/or phone (as described on our website or Help Center). You and your users should follow our instructions for reporting issues and cooperate in troubleshooting (for example, by providing error details or trying recommended steps). We may update the software periodically, and you may be required to use the latest version for optimal security and functionality. Significant updates or new features may be subject to additional terms or fees, but basic updates, bug fixes, and improvements are provided as part of your subscription.
Termination by Medikan
If you violate any material term of this Agreement (including non-payment of fees, misuse of the Service, or breach of privacy laws), we may suspend or terminate your access after providing notice and a reasonable opportunity to cure the breach (if curable). For example, if subscription fees are more than 30 days overdue and we have not agreed on a payment plan or received a dispute notice, we may suspend your account until payment is made, after giving at least 7 days prior notice of default. In cases of severe violations that pose immediate risk (such as a security threat or unlawful use), we may immediately suspend or restrict access without advance notice, though we will inform you as soon as possible and work with you on resolution if appropriate. Medikan may also terminate your subscription if we decide to discontinue the Service or a significant portion of it. In that case, we will provide you as much prior notice as is practical and refund any pre-paid fees for the remaining term. Termination of your account will include deactivation of access and may include deletion of your data as described in the Data Retention section.
Termination by Customer
You are free to terminate your subscription at any time by canceling via your account settings or by contacting us (see Cancellation Policy below for details on how to cancel). If you cancel, your account will remain active until the end of the period you paid for, and then it will be closed. Note that canceling your subscription means your auto-renewal stops, but you will not receive a refund for any unused portion of the current billing cycle, except in the event of our breach as described above. Simply uninstalling the app or stopping use does not terminate your financial obligations - you must explicitly cancel the subscription to stop recurring charges.
Effects of Termination
Upon any termination or expiration of your subscription, you must stop using the Service and we may disable your accounts. You remain responsible for all fees and charges incurred up to the effective date of termination. If this Agreement is terminated, whether by you or by us, sections that by their nature should survive (such as confidentiality, liability limitations, indemnification, and others) will remain in effect. We encourage you to export your data prior to termination. We are not obligated to maintain or provide any of your Subscriber Data after the retention period, except as required by law. If you require assistance transitioning data to an alternative platform upon termination, please contact us – we may provide data export support.
Disclaimer of Warranties: Medikan is provided “AS IS” and “AS AVAILABLE”
To the maximum extent permitted by law, we disclaim all warranties, express or implied, regarding the Service. This includes any implied warranties of merchantability, fitness for a particular purpose, title, non-infringement, or any guarantee that the Service will meet your requirements or achieve any particular results. We do not warrant that the Service will be uninterrupted, completely secure, or error-free. While we strive for accuracy, we do not guarantee that any information obtained through the Service (such as reports or analytics) is 100% complete or reliable. You assume full responsibility for your use of the Service, and you understand that any reliance on the Service is at your own risk. No oral or written information or advice given by Medikan or its representatives shall create any warranty. Some jurisdictions do not allow the disclaimer of certain warranties, so some of these exclusions may not apply to you to the extent prohibited by law.
Limitation of Liability
To the maximum extent allowed by law, Medikan's liability to you for any and all claims arising from your use of the Service or these Terms is limited to the amount you paid us in subscription fees in the 3 months immediately preceding the event giving rise to the claim. If you have not paid any fee (for example, if evaluating a paid account or during any free period), our liability is capped at USD $100 (or the equivalent in local currency). We will not be liable for any indirect, consequential, special, or incidental damages under any circumstances, to the fullest extent permitted by law. This exclusion includes any loss of profit, loss of business, loss of data, interruption of service, or the cost of procurement of substitute services, among other things. In no event will Medikan be responsible for any personal injury, or property damage, or any harm arising out of or related to the use of the Service or third-party products or services integrated with it. These limitations apply even if we have been advised of the possibility of such damages and even if a remedy fails of its essential purpose. Some jurisdictions do not allow exclusion or limitation of incidental or consequential damages, so certain limitations above may not apply to you. However, in such jurisdictions, our liability will be limited to the fullest extent permitted by law.
Indemnification
You agree to indemnify, defend, and hold harmless Medikan and its affiliates, officers, directors, employees, and agents from any and all claims, liabilities, damages, losses, and expenses (including reasonable attorneys' fees) arising out of or related to any third-party claim due to: (a) your or your users' misuse of the Service, (b) your violation of these Terms or of any applicable law or regulation, or (c) any content or data you (or your users) input into the Service, including any claim that such data infringes or violates third-party rights or that our processing of it according to this agreement violates any law. This means, for example, if a patient or any regulator sues Medikan because of something your clinic did (such as improper handling of patient data, sending messages without consent, or medical malpractice unrelated to our software), you will cover Medikan's costs and losses. We will notify you promptly of any such claim and cooperate in the defense; you may assume control of the defense provided you use qualified counsel and handle it diligently. Medikan reserves the right to participate in the defense with counsel of its choice at its own expense.
Confidentiality
In the course of using the Service, you may receive confidential information of Medikan (such as non-public technical, financial, or business information). You agree not to disclose Medikan's confidential information to any third party or use it for any purpose outside the scope of your use of the Service, for as long as it remains confidential. Likewise, we will treat your proprietary data and information as confidential and will not disclose it except as permitted by you, by these Terms (including the Privacy Policy/BAA), or as required by law.
Changes to Service
Medikan reserves the right to modify the Service (for example, by adding or removing features, or updating the user interface) at any time. We aim to improve the platform continuously and will try to avoid changes that materially reduce functionality during your subscription term. If we discontinue a core feature, we will notify you in advance. Your continued use of the Service after a modification indicates your acceptance of the changes. If you do not agree with a material change, your remedy is to stop using the Service and, if applicable, cancel your subscription.
Governing Law and Dispute Resolution
These Terms & Conditions are governed by the laws of the Hashemite Kingdom of Jordan, without regard to its conflict of laws principles. We and you agree that any disputes arising under or related to this agreement or the Service will be subject to the exclusive jurisdiction of the courts of Jordan. If you are based in another country (such as the United Arab Emirates or Saudi Arabia where we plan to operate), we will comply with any legal requirements to register our agreement under local law, but unless mandated otherwise, Jordanian law will still govern our relationship. Nothing in this section prevents either party from seeking injunctive relief in any appropriate jurisdiction for a claim of intellectual property infringement or confidentiality breach.
Severability; No Waiver; Assignment; Entire Agreement
Severability: If any provision of these Terms is held by a court of competent jurisdiction to be invalid or unenforceable, that provision will be enforced to the maximum extent permissible and the remaining provisions of the Terms will remain in full force and effect.
No Waiver: No waiver by Medikan of any breach or default by you under these Terms will be deemed a waiver of any preceding or subsequent breach or default. Our failure to enforce any right or provision in these Terms shall not constitute a waiver of such right.
Assignment: You may not assign or transfer these Terms or any rights or obligations hereunder without our prior written consent. Any attempted assignment by you without consent is void. Medikan may freely assign or transfer this agreement (for example, in the event of a merger or acquisition) without your consent. These Terms will bind and benefit the permitted successors and assigns of the parties.
Entire Agreement: These Terms & Conditions, along with any Order Form, BAA/DPA, Privacy Policy, and other policies or addenda referenced herein, constitute the entire agreement between you and Medikan regarding the Service, superseding any prior agreements or understandings (whether written or oral). In the event of a conflict between these Terms and a separately signed contract between you and Medikan, the terms of the signed contract will prevail.
Contact Information
If you have any questions about these Terms & Conditions, or need to provide any notice to Medikan pursuant to the agreement, please contact us at: support@medikan.net. Official notices should be sent in writing to our registered business address (as provided on our website or upon request). We will send notices to you via the email on your account or via the Medikan application, and it is your responsibility to keep your contact information current.
Privacy Policy
Last Updated: August 2025
Introduction
Medikan (“we”, “us”, or “Medikan”) is committed to protecting the privacy of our users and their patients. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you use the Medikan platform and related services (“Services”). It also explains your rights and choices regarding your personal information. By using Medikan, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Service.
Scope
This policy covers two categories of data subjects: (1) our direct customers and users (clinic staff, doctors, etc., collectively referred to as “Clients” or “Subscribers” of Medikan), and (2) patients whose information may be entered into Medikan by our Clients. For clarity, if you are a clinic or healthcare provider using Medikan, this policy addresses how we handle your business information and the personal data you input. If you are a patient receiving healthcare from one of our Client clinics, your healthcare provider remains responsible for your personal data; Medikan acts as a processing service on their behalf. In most cases, questions about patient data should be directed to the clinic that collected it, as they are the primary custodian of that data. However, we include details below on how we support our Clients in protecting patient privacy.
Definitions
In this policy, “Personal Information” means any information that identifies or relates to an identifiable individual. This includes obvious identifiers like names and contact details, and can include health information, account credentials, and other data when linked to an individual. “Subscriber Data” refers to the data that our Client clinics enter into Medikan, which may include Personal Information about patients, as well as information about clinic operations. “Processing” means any operation performed on personal data (such as collection, storage, use, disclosure). Other capitalized terms used but not defined here have the meanings given in the Terms & Conditions or applicable law.
Information We Collect
- Account and Contact Information (Clients): When a clinic signs up for Medikan, we collect information about the clinic and its authorized users. This may include the clinic's name, address, phone number, professional license or registration details (if needed), and billing information. For each user account, we collect the user's name, work email, and contact details. This information is used to manage the account, provide access to the Service, communicate with you, and for billing purposes. We may also collect login credentials (such as usernames and hashed passwords) for authentication.
- Patient Data (entered by Clients): In providing our Service, our Clients may input Personal Information about their patients into Medikan. This can include patient demographics (name, contact, date of birth, etc.), medical history and records, appointment details, treatment notes, billing and payment records, and communications with patients (e.g. messages or reminders sent). Medikan does not collect this patient data directly from individuals; it is provided by the clinics using our platform. We process this information strictly on behalf of our Clients for the purpose of providing the Service. Important: When patients interact with communications sent through Medikan (for example, replying to an appointment reminder via WhatsApp or email), some of their responses or data may be captured in the system and thus become Subscriber Data under the clinic's account.
- Usage Data: We collect information about how the Service is accessed and used by Clients. This includes technical information like IP addresses, device type, browser type, operating system, and timestamps of access. It also includes activity logs such as actions taken in the platform (e.g. scheduling an appointment, sending a message) and usage frequency. Usage Data is typically linked to user accounts but in many cases is analyzed on an aggregated basis. We use this data to monitor system performance, audit logins for security, and to improve the user experience.
- Communication Data: If you contact Medikan support or communicate with us (such as sending an email or using an in-app chat/help feature), we will collect the information you provide (contact info, the content of your communications, etc.). We keep these to assist you, resolve issues, and improve our services or documentation.
- Cookies and Tracking: Our web app and website may use cookies or similar technologies to remember user preferences and authenticate sessions. For instance, when you log in, a secure cookie may keep you logged in during your session. We do not use third-party advertising cookies. We may use analytic tools to gather usage statistics, but any analytics are focused on service improvement and are not used to identify individuals for marketing. You can set your browser to refuse some cookies, but note that certain features of the Service might not function properly without cookies (like staying logged in).
Legal Basis for Processing (where applicable, e.g., GDPR)
(for GDPR-covered regions) If you are in a jurisdiction that requires a legal basis for processing personal data, the following bases apply:
- For our direct customers and website visitors, we process Personal Information as necessary to perform our contract with you (the Terms of Service) and to provide you with the Services you requested. We also process certain data to comply with legal obligations (e.g. financial records for tax) or based on our legitimate interests in maintaining and improving our Services (for instance, using aggregated usage data to enhance functionality), balanced against your rights.
- For patient data that our Clients input, Medikan acts as a data processor. The legal basis is determined by our Clients (the data controllers). Generally, the clinic has obtained consent from the patient or has another valid legal basis (such as providing healthcare services) to collect and process the patient's data, and Medikan is processing that data under the clinic's instructions in accordance with our contract (Terms & Conditions and Data Processing Agreement). Medikan's role is to ensure that such processing is secure and in line with the agreed purposes (clinic management and related services).
How We Use Information
We use the collected information to operate Medikan's core functionalities - for example, using patient information to populate appointment schedules, send reminders or outreach messages, record clinical notes, and process billing. We also use data to troubleshoot, protect against errors, and improve features. For instance, we might analyze common user actions to refine the user interface, or review error logs to fix bugs.
- Communication: We use your contact information (email, phone) to send administrative and account-related messages to our Clients. This includes billing invoices, alerts about important service updates, changes to terms or policies, and customer service responses. We may also send you newsletters or product announcements if you have opted to receive them, but you can unsubscribe from those marketing communications at any time. Note that we will still send critical notices regarding your account or security even if you opt out of non-essential emails.
- Compliance and Security: We may use data as necessary to comply with applicable laws and enforce our terms. This includes using certain data to prevent fraud, resolve disputes, or assist in an investigation (for example, logging access to patient records to monitor for unauthorized access). If required by law (such as a lawful subpoena or court order), we may have to disclose certain information to authorities - see “Disclosure” below.
- Aggregated Data and Analytics: We may anonymize or de-identify personal data to generate aggregated statistics or insights. For example, we might compile statistics on system usage or general health trends (like the most common appointment types across all clinics) in a way that does not identify any individual clinic, user, or patient. Such aggregated data helps us understand how the Service is used and can inform improvements. We may share aggregated, non-identifiable information publicly or with third parties (for example, in marketing materials or research reports) but we ensure it contains no personal identifiers.
De-Identified Data, AI, and Research
In addition to the uses described above, Medikan may process de-identified and aggregated information for the following purposes:
- Service Improvement: to refine system performance, enhance user experience, and maintain high reliability.
- AI & Machine Learning: to train and optimize algorithms that support features such as scheduling, reminders, analytics, and clinical workflow automation.
- Healthcare Research: to conduct or contribute to medical, scientific, or operational research, which may be published or shared publicly, provided that such outputs will never contain patient-identifying information.
How We Disclose Information
- To Our Service Providers (Subprocessors): Medikan uses trusted third-party companies to support the provision of our Services. These include data hosting providers (e.g. Microsoft Azure), email and communication service providers (e.g. Microsoft Outlook for sending emails, WhatsApp's API provider for messaging), payment processors (MEPS for handling credit card transactions), and other IT or security services. These third parties only process Personal Information under our instructions and for the purposes of operating the Service - for example, storing data, sending out communications, or processing payments on our behalf. We perform due diligence on our vendors and have contracts in place (including BAAs or GDPR-compliant Data Processing Agreements where applicable) requiring them to protect personal data with high standards of security and confidentiality, consistent with this Privacy Policy.
- Within a Subscriber's Organization: If you are an individual user (e.g. a doctor or receptionist) within a clinic that is a Medikan Subscriber, some of your personal data (like your name, work email, actions in the system) may be visible to others in your organization as needed for using the Service. For example, users in the same clinic account can see each other's calendar entries or activity logs related to patient care. This is controlled by the roles and permissions set by the clinic.
- Legal Compliance and Protection: We may disclose Personal Information to third parties (such as courts, law enforcement or regulators) if we believe that disclosure is reasonably necessary: (i) to comply with any applicable law, regulation, legal process or governmental request; (ii) to enforce our Terms & Conditions, including investigation of potential violations; (iii) to detect, prevent, or otherwise address fraud, security or technical issues; or (iv) to protect the rights, property, or safety of Medikan, our users, patients, or the public. We will only share the minimum amount of information necessary and will, if lawful, inform the Subscriber of any such requests.
- Business Transfers: If Medikan is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be transferred as part of that transaction. In such cases, we will ensure the successor adheres to similar privacy commitments or we will notify you and give you an opportunity to opt-out or delete your data before the transfer, if required by applicable law.
- With Consent: We will disclose your personal information to other third parties only with your consent or at your direction. For instance, if you integrate Medikan with another application and allow data sharing, we will share data with that app at your request. Or if we ever want to use a quote or success story that identifies you in marketing, we would seek your explicit permission.
Patient Health Information and Privacy
Because Medikan is often used to store patient health information, we are very mindful of privacy obligations like HIPAA (Health Insurance Portability and Accountability Act in the U.S.) and relevant local healthcare privacy laws in Jordan, UAE, KSA, etc. If you are a patient, please note that your healthcare provider (the clinic using Medikan) is responsible for obtaining your consent and handling your health information privacy. Medikan acts as a service provider to your clinic, similar to an electronic medical record system. We follow the privacy and security policies of the clinic and applicable healthcare privacy laws when processing your data. We have signed BAAs with our U.S. customers as required by HIPAA, which contractually bind us to safeguard Protected Health Information (PHI). We do not use patient data for any purpose other than to provide services to the clinic and as permitted by the clinic (such as de-identified analytics if allowed). We do not sell patient personal data or use it for marketing. If you are a patient and have questions about data in Medikan, you should contact your clinic. However, you can also reach out to us at our privacy contact (below), and we will assist in forwarding or addressing your concerns in cooperation with your provider.
Data Security Measures
We employ a variety of security measures to protect personal information from unauthorized access, alteration, disclosure, or destruction. These include:
- Encryption of data in transit (TLS encryption for all network communications) and encryption of data at rest in the database and backups.
- Strict access controls: only a limited number of authorized personnel at Medikan (who undergo background checks and training) can access customer data, and only for legitimate operational reasons. Access to production systems requires multi-factor authentication and is logged and audited.
- Network security: firewalls, intrusion detection systems, and routine vulnerability scanning are in place. We isolate each customer’s data logically to prevent any crossover.
- Regular security assessments and compliance: We periodically test our applications for security vulnerabilities and remediate any findings promptly. We also maintain compliance with industry standards and regulations (for instance, our infrastructure on Azure meets relevant certifications and we adhere to HIPAA security rule guidelines).
- Organizational policies: Our staff are trained on confidentiality and data privacy. We have incident response plans for handling security events.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee absolute security. However, in the unlikely event of a data breach affecting Personal Information, we will notify affected Clients without undue delay and provide information on the breach and steps taken, as required by law and our agreements.
International Data Transfers
Medikan is based in Jordan, and our primary servers are currently located in secure data centers within Europe. However, some of our service providers may be located in other countries (for example, our use of Microsoft Azure and other services might involve servers in the EU or the US). If you are using Medikan from a country outside of where our servers are, be aware that your personal data may be transferred across international borders. For example, if we have users in the UAE or KSA, their data might still be processed on servers in another country. We ensure that appropriate safeguards are in place for cross-border data transfers. For instance, for personal data originating from the European Economic Area (EEA) or other regions with data export restrictions, we will employ measures such as the European Commission's Standard Contractual Clauses (SCCs) or rely on adequacy decisions where applicable, to ensure lawful transfer and protection of data equivalent to local standards. By using the Service, you understand that your information may be transferred to and stored on servers in countries different from your own, which may have different data protection rules. However, our handling of your information will always be governed by this Privacy Policy and, if you are a client, our Data Processing Agreement with you, regardless of location.
Retention of Data
We retain Personal Information only as long as necessary to fulfill the purposes for which it was collected, or as required by your subscription or applicable law. For clients, as noted earlier, we generally keep your Subscriber Data for the duration of your subscription. If you cancel the Service, we may retain your data in inactive form for a defined retention period (e.g. [X] years) in case you reactivate or need a copy for compliance reasons. We also may retain certain data after account deletion if required for legitimate business interests such as resolving disputes or keeping records of financial transactions (but we will not use patient data for any new purposes after termination). When data is deleted, we will ensure it is securely and permanently erased from our systems, except for any archival backups which will be retained for a limited time until they naturally expire and are overwritten.
Your Rights and Choices
Depending on your jurisdiction and role (client user vs patient), you may have certain rights regarding your personal data:
- Access and Correction: You may access and update the account information you have provided to Medikan at any time by logging into your account settings. If you are a patient looking to access or correct your medical information stored in Medikan, please contact your healthcare provider (the clinic). We assist our clinics in responding to such requests as needed.
- Data Portability: You can export your data from Medikan using built-in tools (for example, exporting a list of patients or records) at any time during your subscription. If you require a full data export or a specific format, contact us and we will work with you. Patients should request their data through their provider, and we will help facilitate as per our contract with the provider.
- Deletion: As a client, you may request deletion of certain data (for example, deleting a patient record if allowed by law). We enable deletion of records through the interface, but note that deleting data may impact your ability to use the Service or meet regulatory obligations. If you terminate your subscription, you may request that we delete all personal data after a certain retention period; we will comply provided it's not data we are required to retain. If you are a patient, again the request for deletion should go to your clinic; if they instruct us to delete data (or if required by law), we will do so and confirm with them. Keep in mind that medical providers might have legal duties to keep health records for a minimum time.
- Objection or Restriction: In certain jurisdictions, you can object to or ask us to restrict processing of your personal data (for example, you might ask us to stop using your contact info for marketing). For our direct clients, you can manage some preferences in your account or by contacting us. For patients, since Medikan itself does not send you marketing or use your data except as a processor for your clinic, such concerns would normally be handled by your clinic. We will, of course, abide by any applicable laws like GDPR if they require us to accommodate an objection or restriction request directed to us.
- Consent Withdrawal: If we rely on consent for processing any data (for instance, if you explicitly consented to a new feature or to receive a newsletter), you have the right to withdraw that consent at any time. This will not affect any processing already done but will stop future processing of the data for that purpose. To withdraw consent for something Medikan is doing, you can adjust your settings or contact us. For patients, if you gave consent to your clinic for your data to be used in Medikan and you wish to withdraw it, please inform your clinic. If they inform us to cease processing or delete your data, we will comply.
- Non-Discrimination: Medikan will not discriminate against any individual for exercising their privacy rights. Our service access and pricing remain the same regardless of such requests (though certain deletions might render us unable to continue providing service, in which case we'd communicate with the client about account closure if needed).

Please note: If you are a user in certain regions (like California or the EEA), additional rights may apply under laws such as the California Consumer Privacy Act (CCPA) or GDPR. We will honor those rights as applicable. For example, California residents can request a list of personal information collected and request deletion (subject to the limitations noted above). EU residents have the right to lodge a complaint with a Data Protection Authority if they believe we have violated data protection laws.
Children's Privacy
Medikan is not directed to children under 18 for direct use. Clinics may enter data of minors as patients, and in those cases it is the clinic's responsibility to have obtained parental consent as needed and to handle that data according to law. We treat all patient data with high security regardless of age. If we become aware that we have directly collected personal information from a child under 13 (for example, if a child somehow attempted to sign up on our website, which is unlikely in our B2B model), we will take steps to delete that information.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will notify our Clients via email or through the Service, and update the “Last Updated” date at the top. We encourage you to review this Policy periodically. Your continued use of Medikan after any update signifies your acceptance of the revised Policy. If you do not agree to the changes, you should stop using the Service and, if you are a client, may cancel your account.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at: privacy@medikan.net. We will be happy to answer your questions or address any concerns. If you are a patient and contact us directly, we may need to direct you to your healthcare provider for certain requests, but we will assist in any way we can to ensure your privacy is respected.
Refund Policy
At Medikan, we want our customers to be satisfied, but we also want to be transparent about our no-refund policy for subscription fees. Please read this Refund Policy carefully to understand how payments and refunds are handled.
No Automatic Refunds on Subscriptions
Once you subscribe to a Medikan plan (monthly or annual), you will be charged the subscription fee upfront for the entire billing period, and we do not offer refunds for that period if you decide to cancel or stop using the Service mid-term. For example, if you purchase an annual plan and discontinue using Medikan after a few months, the unused portion of the year will not be refunded. Similarly, monthly fees are not prorated if you cancel partway through a month – your cancellation will take effect at the next renewal (see Cancellation Policy below).
Free Trial
Medikan currently does not offer a free trial. All subscriptions are paid from the start (this ensures we can fully commit our resources to paying customers). Because there is no free trial period, please ensure that Medikan meets your clinic’s needs before subscribing. We are happy to provide a demo or answer any questions pre-purchase. Once you subscribe, the no-refund policy will apply.
Exceptional Circumstances
While our general policy is no refunds, we do reserve the right to consider exceptions in extraordinary situations. This could include billing errors (if you were accidentally charged in error or charged twice, of course we will correct that and issue a refund as needed), or other situations as required by consumer protection law. If you believe you have a compelling reason for a refund, you can contact our billing support at billing@medikan.net, and we will review the request on a case-by-case basis. However, note that except as required by law or explicitly promised here, subscription purchases are final.
Provider-Initiated Termination
In the event that Medikan terminates your subscription without cause (for example, if we decide to discontinue the Service entirely, or if we find that we cannot support your clinic for reasons not due to your breach), then we will refund any fees you prepaid for the period after the termination effective date. Similarly, if you terminate your subscription early due to a proven material breach of these Terms by Medikan (and we are unable to cure the breach), we will refund the unused portion of your prepaid subscription. These are the primary scenarios where refunds would be issued.
Customer-Initiated Cancellation
If you cancel your subscription (without any fault on Medikan's side), the cancellation will be effective at the end of your current billing cycle, and no further charges will be made. However, the period you already paid for will not be refunded - you will retain access to the Service until the cycle ends, at which point your account will be closed. By way of illustration, if you cancel a yearly subscription 6 months in, you will still have access for the remaining 6 months, but you will not receive a refund for those remaining months since they were part of the committed annual term.
How to Request a Refund
Because of the above policy, typical refund requests (change of mind, no longer need the service, etc.) will not be granted. If you have an issue with billing or think an error has occurred, please reach out to us at billing@medikan.net. Our team will investigate the matter promptly. If a mistake is found on our end (for instance, you were double-billed or charged after you timely canceled), we will of course issue a corrective refund. Approved refunds will be credited back to the original payment method whenever possible, or via an alternative method we mutually agree upon.
Chargebacks
We recognize that sometimes customers might be tempted to contact their bank or credit card and initiate a chargeback for a subscription charge. We encourage you to contact us first to resolve any billing issues. Unwarranted chargebacks for valid subscription charges are generally against the terms of this agreement and our payment terms. We reserve the right to dispute unfounded chargebacks and to terminate accounts that engage in fraudulent chargeback activity. That said, if a chargeback is granted by your bank in a situation that should have been a valid refund under our policy, we will treat it as a resolved refund for our internal accounting.
Changes to Refund Policy
Medikan may update or change this Refund Policy in the future. If we do so, we will notify active subscribers (for example via email or in-app notification) and update the policy on our website, including the effective date of the changes. Changes will not apply retroactively. If you do not agree with the modified policy, you should stop using the Service and may cancel your subscription as per the Cancellation Policy.
By subscribing to Medikan, you acknowledge that you have read and agree to this Refund Policy. We thank you for understanding the need for this policy, as it allows us to maintain consistent service quality for all customers. If you have any questions about our refund practices, please contact our support team.
Cancellation Policy
We understand that circumstances can change for your clinic, and you might need to cancel your Medikan subscription. This Cancellation Policy explains how to cancel, when cancellation takes effect, and what steps to take regarding your data when canceling.
How to Cancel Your Subscription
You can cancel your Medikan subscription at any time. To initiate cancellation, please follow these steps:
- In-App Cancellation: Log in to your Medikan account with administrator or account owner credentials. Navigate to the “Billing” or “Subscription” section of the account settings. There you should find an option to Cancel Subscription. Follow the on-screen prompts, which will guide you through the cancellation process. You may be asked to confirm the cancellation and acknowledge that you understand it will be effective at the period's end (since there are no refunds for the current period).
- Alternate Method: If you are unable to cancel via the app (for example, if you have any issues with access), you may cancel by contacting our support team in writing. Send an email to billing@medikan.net or support@medikan.net from the email associated with the account owner, stating that you wish to cancel and including identifying details of your account (clinic name, etc.). Our team will process the cancellation for you and send a confirmation.
We will send you a confirmation email once your cancellation request has been processed. Please retain this confirmation for your records. If you do not receive confirmation within a reasonable time, contact support to ensure the cancellation request was received.
Cancellation Effective Date
When you cancel, your subscription will remain active until the end of your current billing cycle. You will not be billed again after cancellation. For example:
- If you cancel a monthly subscription on the 15th and you've already paid for that month until the 30th, you will continue to have access to Medikan until the 30th. On the 1st of the next month, your account will not be charged and will be deactivated.
- If you cancel an annual subscription halfway through, you keep access until the full year from your last payment is complete. No new annual renewal will be charged.
There are no early termination fees for canceling; you simply won't get a refund for the remaining period (see Refund Policy above). We maintain your access for the paid term so you can wrap up any pending work and export data.
Automatic Renewals
By default, Medikan subscriptions auto-renew. If you do not want to continue for the next term, you must cancel before the renewal date. We recommend canceling at least a few days before your renewal date to ensure the cancellation is processed in time (especially if done via support email). If you forget to cancel and a renewal charge occurs, contact us immediately - we may, at our discretion, provide a remedy if the cancellation request comes very shortly after renewal. However, we are not obligated to refund renewal charges if the cancellation request was made after the renewal. Mark your calendar for the renewal date to avoid unwanted charges.
Access After Cancellation
After the end of your paid period, your account will be deactivated. This means:
- Users will not be able to log in or use the Medikan application.
- Any integrations (WhatsApp messaging, email, etc.) will cease functioning for your account.
- We recommend that before your access ends, you inform your staff (and possibly patients, if they use any portal) about the transition to avoid confusion.
If you have canceled in advance (e.g., canceled on day 10 of a monthly term to stop next month), you can continue to use the Service normally until the term ends. Use this time to prepare for the transition.
Data Retention and Export
Medikan provides tools to export important data such as patient lists, appointment calendars, invoices, and medical records. Please consult our Help Center or contact support for guidance on exporting data. Once your account is deactivated, you will not be able to retrieve data through the application.
- We will retain your Subscriber Data for a period of time as described in our Terms & Conditions and Privacy Policy (e.g., to meet legal record-keeping requirements or in case you reactivate your subscription). During this retention period, your data is secure but inaccessible to you without special arrangements.
- If you need to access data from a canceled account, you can contact us. We may be able to provide a one-time data export or assist in reactivating the account for a short window so you can retrieve information, subject to verification of authority. Note that after the standard retention period, data may be deleted and irrecoverable.
- If you require us to delete all your data upon cancellation (and if applicable law permits deletion at that time), the account owner can send a written deletion request. We will then permanently erase personal data associated with your account (except for any data we must keep for legal reasons like invoices) and confirm once completed. Be aware that once deleted, data cannot be restored, so make sure you have everything you need before requesting deletion.
Outstanding Balances & Downgrades
If at the time of cancellation there are any unpaid fees (for example, a past due amount), you are still responsible for settling those. Canceling stops future renewals, but it does not waive any amounts owed for past services. We may contact you or take appropriate actions to collect overdue payments even after cancellation, as per our Terms.
If you are canceling in order to switch to a different plan (for instance, from annual to monthly, or to a different tier), please contact our support. In many cases, we can accommodate a plan change without fully canceling your account (avoiding service interruption). But if you do proceed with cancel-and-resubscribe to change plans, treat it as a regular cancellation regarding data export and then starting a new subscription.
Reactivation & Support After Cancellation
If you change your mind after canceling, you may be able to reactivate your subscription within a certain timeframe. Contact us and we will advise. If your data is still retained, reactivation could restore your account as it was. If data has been deleted or too much time has passed, you might need to start with a fresh account. We cannot guarantee data restoration after a long period post-cancellation.
Once your subscription ends, routine support will also cease since you will no longer be a subscriber. However, you can still contact us for matters like data retrieval (as described) or if you need confirmation of account status. We value our former customers and will assist with reasonable requests even post-cancellation, but active product support is only for current subscribers.
Changes to Cancellation Policy
We may update our cancellation procedures or terms over time. Any changes will be reflected in this policy document. If changes are significant or affect how your cancellation is handled, we will notify active customers (for example, if we introduced a new required notice period – currently we do not, but if we did in the future, we’d let you know ahead of time). Always feel free to reach out to us if you have questions about canceling your service.
We hope you found Medikan valuable for your clinic. If you decide to cancel, we appreciate your trust thus far and would welcome any feedback on why you’re leaving or how we can improve. Thank you for using Medikan, and we are here to help make your cancellation process as clear and smooth as possible.