Confrere (the responsible body) lets you make video calls through a web browser on any modern web-enabled device. Confrere is best suited for video calls between a professional (such as a doctor or a lawyer) and a client.
Confrere makes it easy for professionals and clients to meet over video. In such meetings, confidential information is exchanged, and we are adamant about safeguarding you and your data. Confrere is both GDPR (EU/EEA) and HIPAA (USA) compliant and following the privacy and security requirements of regulations such as the Norwegian health sector regulation Normen. We comply with NEN 7510 (NL) and Appendix 31b of the German Federal Contract - Physicians (information security in video consultations).
This privacy notice applies to you, whether you are just browsing on our website, visiting a professional’s Confrere, joining a call as a visitor, or offering video calls through your Confrere account. We collect data about you several times: when you visit our website, ask a question or contact us, participate in a call or sign up for an account. If you believe we ask for more data than needed or in some other way act unethically or in a way that is not transparent, please contact us with your concerns.
We do not have access to the video calls made via Confrere: no one has access except for participants in the call. Thus it follows that we do not record or store the video calls. Read more about end-to-end encryption.
When you join a video call as a visitor, you do not go through a sign-up process nor create a Confrere account. We do not collect health information about you or other sensitive data.
When you show up for your call, you fill out a form where you might enter your:
This data is displayed on the professional’s dashboard (with the exception of complete payment details), along with information about the date and length of the call. In addition, we store some technical information about the network quality and which actions were made in the call (screen sharing, muting, and camera permissions), for troubleshooting reasons.
The legal basis for this processing is your consent, cf. GDPR art. 6 (1) item a.
No one can access this information other than the professional, any third-party integrations that the professional has connected to Confrere (most commonly an electronic health record system), or Confrere engineers with security clearance. Their access to this data is secure and logged. We store this information in our database in AWS. Data is automatically deleted after a period of time determined by each individual Confrere organization. Our provider for BankID and NemID (Scandinavia only) is Criipto.
We retain this data for 3 months unless otherwise specified by the professional organization. Data retention can be set to as little as 1 day by the individual Confrere organization.
The legal basis for this processing is your consent, cf. GDPR art. 6 (1) item a.
Though we know that the calls you have joined have happened and with whom, we do not structure and save sets of data about visitors and their calls.
Payment details are handled by Stripe. In order to provide support, some Confrere employees have access to partial information about credit card transactions, and their access to this data is secure and logged. Transaction data is stored for 5 years.
The legal basis for this processing is your consent, cf. GDPR art. 6 (1) item a. The legal basis for the retention of transaction data is legal requirement, cf. GDPR art. 6 (1) item c.
In case you require technical support in connection with your call, we enable the chat tool Intercom. The information we collect about you for this purpose is not tied to your personal information given to the professional, so Confrere support personnel do not see your name or your telephone number. Scandinavian residents may be prompted to give their PIN to the professional, in which case the customer support personnel cannot see your PIN either.
They do, however, have access to your:
If you have previously given us your phone number, name, or email address in such a support chat, this might be contained within the support chat history.
The legal basis for the processing of all of the above is the performance of a contract, cf. GDPR art. 6 (1) item b.
Metadata such as this is automatically deleted after 9 months. We can also manually delete it at your request. Contact us to request deletion.
If you create a trial account or sign up for one of our plans in order to offer video calls through Confrere, we collect and store data about you in various systems in order to deliver the service and help you use it.
For the system to function we need your:
To alert you of new visitors, you may provide us with your phone number (optional).
For our contract, we need your:
To help you with technical issues, you may reach out to us via email or via live chat. To be able to help you via live chat, we need your:
The legal basis for the processing of all of the above is the performance of a contract, cf. GDPR art. 6 (1) item b.
As a signed up user, we couple the personal information we have about you with the technical information above (unlike what we do with your visitors’ data). When you are logged in, our chat tool, Intercom, will let the support personnel know your name, your contact info, and which organization you belong to.
The legal basis for this processing is the performance of a contract, cf. GDPR art. 6 (1) item b.
As for payment details and information about your call history, this is restricted information that requires a Confrere engineer with database access to log into our database to see. This access is secure and logged. We store payment details in Stripe, and financial info pertaining to your paid Confrere plan in our accounting system, 24SevenOffice.
The legal basis for this processing is the performance of a contract, cf. GDPR art. 6 (1) item b.
We use a tool called Intercom to help you get started with Confrere by sending you messages about features and functionality, and updates when we launch new features.
The legal basis for this processing is your consent, cf. GDPR art. 6 (1) item a.
Criipto is our provider for BankID and NemID (Scandinavia only).
The legal basis for this processing is the performance of a contract, cf. GDPR art. 6 (1) item b.
If you interact directly with us through the chat on our site (“Intercom"), you will be given a reference number instead of a name (unless you already have a Confrere account). We will then start saving your conversation history. Intercom will ask you for a way to reach you if you message us at a time when support is not attended, and answering is optional. On some pages, you can also book a demo by leaving your email address in the chatbox. If you leave a phone number or email address at this point, that data will be associated with your conversation and confrere.com browsing history.
This lets us better help you by making us aware of what problems you have run into in the past, and what questions you have. If you request a demo, we use the information to get in touch with you to set up a time and date and nothing else.
The legal basis for this processing is the performance of a contract, cf. GDPR art. 6 (1) item b.
When you are a visitor to confrere.com we use Plausible (a privacy-first web analytics tool) to track your browsing. Plausible does not use cookies, anonymizes all data, and only provides an overview of our website statistics so that no individual visitor usage is tracked. Read more about how Plausible works.
We do not know who you are or have any personal information about you besides the above.
The legal basis for this processing is your consent, cf. GDPR art. 6 (1) item a.
If you fill out a form to order a guide or white paper, or if you attend a webinar or event, we receive an email with the info you gave us in the form. This may include your:
We use Google Docs and Typeform to collect signups and orders.
This information is not stored anywhere tied to your browsing or behavior mentioned above and is deleted after your order is sent or the event is over.
The legal basis for this processing is your consent, cf. GDPR art. 6 (1) item a.
We use cookies to better understand those who visit our website, join a video call, and/or have a Confrere account so we may offer them a more tailored service. Cookies do things like remember your camera settings, prefill form fields and let you remain logged in.
Cookies are small files saved to your computer’s hard drive that track information about how you use and interact with a website. Some cookies are “session” cookies, which delete automatically when you leave Confrere. Others are “persistent” cookies which do not delete themselves and track your use of Confrere over time.
The legal basis for this processing is your consent, cf. GDPR art. 6 (1) item a.
We also use third party service providers who set cookies.
See “third parties” for an overview of cookies set by Confrere.
Most cookies can be disabled in your browser settings.
In order to make the tools we use for support, billing, and similar work as well as intended, it is often necessary to share some of your data with our third-party providers. We only share data when it is necessary, and we share as little as possible. We have strict data processing agreements with all our providers and control how they handle data. So if you tell us to change or delete information, those changes will also be reflected in data they can access if these overlap. If data is transferred or stored outside of the EU, we ensure that the transfer is in compliance with Applicable Data Protection Law and protected by standard contractual clauses (SCC).
Service | Information | Why we use it | Where data is stored | Legal basis |
---|---|---|---|---|
Stripe (for EEA residents) | - Contact information - Financial info | We handle payments to Confrere through Stripe | EU | GDPR 6.1.b |
Stripe (for USA residents) | - Contact information - Financial info | We handle payments to Confrere through Stripe | USA (data is stored in the USA only if the customer resides there) | GDPR 6.1.b |
24SevenOffice | - Contact information - Place of work - Organization number (in Norway) | We do invoicing through 24SevenOffice | EU | GDPR 6.1.b |
Service | Information | Why we use it | Where data is stored | Legal basis |
---|---|---|---|---|
Intercom | Contact information | We use Intercom to onboard new users, send emails with tips and suggestions, and send feature announcement emails to our users. | EU | GDPR 6.1.b |
Service | Information | Why we use it | Where data is stored | Legal basis |
---|---|---|---|---|
AWS | EU | GDPR 6.1.b | ||
Sinch (for all non-USA phone numbers) | - Contact information | If you choose to send text messages through Confrere to any non-USA phone number. | EU | GDPR 6.1.b |
Twilio (for USA phone numbers) | - Contact information | If you choose to send text messages through Confrere to a USA phone number. | USA (data is stored in the USA for USA phone numbers only) | GDPR 6.1.b |
Service | Information | Why we use it | Where data is stored | Legal basis |
---|---|---|---|---|
Plausible | How anonymized website visitors use Confrere | To see how anonymous visitors move around our website confrere.com (but not the video calling platform). Stores no identifying data, and IP addressed are not collected. | EU | GDPR 6.1.b |
We have firmly established that we do collect data about you. However, your personal data remains your own and under your control, so you have the right to tell us how to handle it. Contact us to request any changes in how we handle your data.
We retain your contact data as long as we have an active customer relationship with you. If the customer relationship ends, we keep your contact data for another 90 days before we delete it from our systems, with the exception of invoices and transactions, that we are required to keep for 5 years.
The legal basis for the retention of transaction data is legal requirement, cf. GDPR art. 6 (1) item c.
Head on over to the Terms of service, where this is covered in greater depth.
Data Protection Officer: Jón Grétar Guðjónsson
Compodium International AB (publ)
c/o Arena Skrapan
118 30 Stockholm, Sweden
Email: jon.gretar.gudjonsson@compodium.com
We know this was long.
We hope you enjoy using Confrere! Since you actually read all this way, you can tweet us at @confrere_video, or send an email to info@confrere.com with any questions or concerns.