FeaturesPricingSecurityFAQ
Log InFree Sign Up

Privacy Policy

Last updated: March 1, 2025.

1. Data Controller

This Privacy Policy describes the data processing practices of the PRAXINGO platform. The data controller is:

  • Company name: WebSoft Tecnologies Hungary Kft.
  • Registered office: 1037 Budapest, Korongozó utca 13.
  • Tax number: 27926323-1-41
  • Company registration number: 01-09-357332
  • Data protection contact: hello@praxingo.com

2. Legal Bases for Data Processing

Data processing is carried out on the following legal bases:

  • GDPR Article 6(1)(b) — performance of a contract: data processed for registration and provision of the service;
  • GDPR Article 6(1)(a) — consent: marketing communications, newsletter delivery;
  • GDPR Article 6(1)(f) — legitimate interest: service improvement, maintaining security, technical troubleshooting.

Regarding the special (health-related) data of the user's clients:

  • GDPR Article 9(2)(h): the legal basis for health-related data processing, the provision of which is the responsibility of the therapist as an independent data controller.

3. Scope of Processed Data

User (therapist) data:

  • Name, email address (registration)
  • Billing information (name, address, tax number)
  • Account settings, preferences

Client data (end-to-end encrypted):

  • Client name, contact information, personal data
  • Therapy notes, diagnoses, treatment plans
  • Appointment history

Important: Client data is protected by end-to-end encryption (E2EE). WebSoft Tecnologies Hungary Kft. cannot access, read, decrypt, or share the content of encrypted data with any third party.

Technical data:

  • IP address, browser type and version
  • Operating system, device type
  • Cookies and session identifiers
  • Usage statistics (anonymized)

4. Purposes of Data Processing

  • Service provision: operating the platform, managing user accounts
  • Billing: issuing electronic invoices and fulfilling accounting obligations
  • Customer support: handling inquiries and complaints
  • Development: improving service quality, troubleshooting (based on anonymized data)
  • Marketing: only with the user's prior, explicit consent

5. Data Processors

We use the following data processors for the provision of our service:

  • Supabase Inc. — cloud infrastructure and database service (EU region)
  • Billingo / Számlázz.hu — online invoicing (at the user's choice)
  • Google LLC — calendar synchronization (Google Calendar, optional integration)

Data processing agreements in accordance with GDPR Article 28 are in effect with all data processors.

6. Encryption

PRAXINGO applies client-side end-to-end encryption (E2EE) for sensitive client data. Encryption and decryption occur exclusively on the user's device. WebSoft Tecnologies Hungary Kft.'s servers only store encrypted data, which neither WebSoft Tecnologies Hungary Kft. nor any third party can decrypt.

Recovery Key Responsibility

The recovery key required to access encrypted data is solely in the user's possession. If the user loses this key, the recovery of encrypted data is technically impossible. WebSoft Tecnologies Hungary Kft. assumes no liability for this.

7. Data Storage Location and Retention

Storage location:

All data is stored on servers located within the European Union.

Retention periods:

  • Active account: data is stored for the duration of the account
  • After account deletion: 30-day grace period (with data export option), followed by permanent deletion
  • Billing data: retained for 8 years under the Hungarian Accounting Act (Act C of 2000)
  • Technical log data: retained for a maximum of 90 days

8. Data Subject Rights (GDPR Articles 15–22)

Users have the following rights regarding their personal data:

  • Right of access (Article 15): request information about processed data
  • Right to rectification (Article 16): correction of inaccurate data
  • Right to erasure (Article 17): request deletion of data (“right to be forgotten”)
  • Right to restriction (Article 18): request restriction of data processing
  • Right to data portability (Article 20): receive data in a machine-readable format
  • Right to object (Article 21): object to data processing based on legitimate interest

To exercise your data subject rights, please contact us at hello@praxingo.com.

Right to lodge a complaint: if you believe our data processing is unlawful, you may file a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH):

  • Address: 1055 Budapest, Falk Miksa utca 9–11.
  • Website: www.naih.hu

9. Cookies

We use cookies necessary for the operation of the platform as well as analytical cookies. For a detailed description of the types, purposes, and management of cookies, please refer to our Cookie Policy.

10. Health Data Processing

The therapist using the PRAXINGO platform is considered an independent data controller with respect to the health (special category) data of their clients. WebSoft Tecnologies Hungary Kft. acts exclusively as a data processor regarding such data.

The obligations under the Hungarian Health Care Act (Act CLIV of 1997) and the regulations on health data processing (Act XLVII of 1997) — including patient information, obtaining consent, and documentation retention obligations — are the responsibility of the therapist as the data controller.

11. Amendments

WebSoft Tecnologies Hungary Kft. reserves the right to amend this Privacy Policy. Users will be notified of material changes via email and in-platform notifications. The amended policy takes effect on the date of publication.

12. Contact

For privacy-related questions or requests, please contact us at: hello@praxingo.com