Privacy Policy

doccs B.V., located at Groenmarkstraat 37 in Utrecht, is responsible for the processing of personal data as shown in this privacy statement.

Contact details:

doccs B.V.
Merijn Stouten is the Data Protection Officer of doccs and can be reached via

Personal data that we process

doccs processes your personal data because you use our services and / or because you provide them yourself.

Below you will find an overview of the personal data that we process:

  • First and last name
  • Sex
  • Date of birth
  • Birthplace
  • Address data
  • Telephone number
  • E-mail address
  • Special and / or sensitive personal data that we process.

doccs processes the following special and / or sensitive personal data of you:

  • Citizen Service Number (BSN)

For what purpose and on what basis we process personal data

doccs processes your personal data for the following purposes:

  • doccs processes personal data because we are legally obliged to do so. According to the “Supplementary Provisions for the Processing of Personal Data in Healthcare Act”, doccs must use the BSN for identification of a patient and for the exchange of data between healthcare providers, indication bodies or health insurers.
  • doccs processes the personal data first name, last name, date of birth, email address and mobile number to execute an agreement. The doccs app is part of your registration with our GP practice.

How long do we keep personal data

doccs does not store your personal data longer than is strictly necessary to achieve the purposes for which your data is collected, after which your data will be deleted or anonymized in such a way that it can no longer be traced back to you.

When your data is part of a treatment procedure, we will keep your data for a minimum of 15 years (the mandatory minimum retention period for medical records).

These retention periods apply unless laws and regulations require a different minimum or maximum period under specific circumstances. After the retention period has expired, your data will actually be deleted or anonymised in such a way that they can no longer be traced back to you.

Sharing of personal data with third parties

doccs only provides to third parties and only if this is necessary for the execution of our agreement with you or to comply with a legal obligation.

This means that we need your consent to provide your personal data, unless

  • it concerns the breach of the obligation of confidentiality on the basis of a statutory provision;
  • when there is a serious danger to your health or that of a third party;
  • if necessary, must be exchanged orally, in writing or digitally with other healthcare providers (for example, the pharmacist or your attending medical specialist).
  • If you have given permission for this, doccs will exchange relevant medical data safely and reliably with the GP post (hap) via the national switching point (LSP). If you have been on the bite in the evening or at the weekend, the latter in turn shares an observational message with the general practice.


All doccs employees who might have access to medical data and personal data have been screened by means of a VOG and have signed a confidentiality agreement.

How we protect personal data

doccs takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you have the impression that your data is not properly secured or there are indications of abuse, please contact our customer service or via

doccs organizes the information security of the app with end-to-end encryption. Chats are sent encrypted. The doccs app meet the European requirements set by law for the protection of personal data.

View, modify or delete data

You have the right to view, correct or delete your personal data. You also have the right to withdraw your consent to the data processing or to object to the processing of your personal data by doccs and you have the right to data portability. This means that you can submit a request to us to send the personal data that we have about you in a computer file to you or another organization mentioned by you.

You can send a request for access, correction, deletion, data transfer of your personal data or request for cancellation of your consent or objection to the processing of your personal data to

To ensure that the request for access has been made by you, we ask you to send a copy of your ID with the request. Make your passport photo, MRZ (the strip with numbers at the bottom of the passport), passport number and citizen service number (BSN) black in this copy. This is to protect your privacy. We will respond to your request as soon as possible, but within four weeks.


doccs would like to point out that you have the opportunity to file a complaint with the national supervisory authority, the Dutch Data Protection Authority. This can be done via the following link: