SOS DOCSOS DOC

Menu

HomeServicesDirectoryDuty PharmaciesPartnershipsBlogContact

Privacy Policy

This policy explains how SOS DOC collects, uses, secures, and discloses personal data when you use our website, emergency coordination channels, and medical-at-home request services in Morocco.

Last updated: March 22, 2026

This document is written for operational compliance and transparency. It does not replace individualized legal advice; final legal validation should be performed by Moroccan counsel before production launch.

1. Data Controller and Contact

SOS DOC Maroc ("SOS DOC") acts as data controller for the processing described in this policy.

Contact: [email protected] | +212 614 370533.

2. Applicable Legal Framework in Morocco

Our processing is designed to align with Moroccan legal requirements, particularly Law 09-08 on personal data protection, and where relevant consumer and e-commerce obligations under Law 31-08 and Law 53-05 (as updated).

3. Data We Collect

  • Identity and contact data: name, phone number, email, city, language preference.
  • Service request data: symptoms summary, urgency indicators, preferred contact channel, timing.
  • Operational metadata: timestamp, source page, campaign attribution when consent is provided.
  • Technical data: IP-derived diagnostics, device/browser metadata, cookie/consent state.
  • Corporate inquiry data: company name, role, business contact details, partnership scope.

4. Purposes and Legal Bases

  • Provide emergency triage and care coordination requested by the user.
  • Manage communication, follow-up, quality, safety, and fraud-prevention controls.
  • Comply with applicable legal or regulatory obligations.
  • Measure website/service performance using analytics only within consent settings.
  • Run paid-media conversion reporting only for eligible ad-origin sessions and only within consent settings.

5. Sensitive Health Data

Health-related information is treated as sensitive data. We process only what is necessary for triage, coordination, and continuity of care support, using strict access control and need-to-know principles.

Where Moroccan law requires prior formalities or authorization (including CNDP procedures), processing and transfers are handled accordingly before deployment.

6. Recipients and Processors

  • Authorized SOS DOC operations and medical coordination staff.
  • Partner healthcare professionals/entities involved in fulfilling your request.
  • Contracted technology providers acting under data-processing instructions.
  • Authorities and regulators where legally required.

7. International Transfers

Cross-border transfers, when necessary, are handled under Moroccan rules governing international transfers of personal data, including adequacy, explicit consent, legal necessity exceptions, and/or CNDP authorization where required.

Transfers are minimized and protected by contractual and organizational safeguards.

8. Retention

  • Service-request records are retained only for the period necessary to handle care coordination and related support.
  • Evidence and accounting/compliance records may be retained longer where legal obligations apply.
  • At end of retention, records are deleted, anonymized, or archived under controlled access.

9. Your Rights

Under Moroccan data-protection law, you may request access, rectification, erasure where applicable, and objection for legitimate reasons, including objection to direct marketing.

You can exercise rights via [email protected]. If unresolved, you may file a complaint with CNDP through its official process.

10. Cookies, Analytics, and Advertising

  • Strictly necessary cookies are used for core site operation and security.
  • Analytics and ad measurement are run only based on your consent choices.
  • Consent preferences can be changed at any time through the site consent controls.
  • If consent is denied or withdrawn, non-essential tracking/conversion signals are disabled.

11. Security Measures

  • Role-based access restrictions and credential hygiene.
  • Transport security and protected infrastructure configurations.
  • Logging/monitoring with controlled retention and incident response procedures.
  • Periodic quality controls on data accuracy and minimization.

12. Policy Changes

We may update this policy when legal, technical, or operational conditions change. The latest version and effective date are always published on this page.

Official references

Legal contact: [email protected]

WhatsApp 24/7Call