Privacy Policy

Last updated: 8 April 2026

1. Who We Are

Lok.chat ("we", "us", "our") is a product operated by The Gentle Equation Pty Ltd. Lok.chat provides an AI-powered WhatsApp receptionist and clinic management platform for healthcare businesses.

For any privacy-related enquiries, contact us at [email protected].

2. What Data We Collect

We collect the following categories of data:

From clinic owners and staff (our direct customers)

  • Account data: Email address, name, and password (hashed with Argon2id, never stored in plaintext).
  • Clinic data: Business name, phone number, address, timezone, and WhatsApp Business configuration.
  • Staff profiles: Name, email, phone number, role, and specialties.
  • Session data: IP address and browser user agent are recorded when you log in, for security and session management purposes.

From patients (via WhatsApp conversations with the clinic)

  • Contact data: Phone number (in E.164 format), name (if provided), and tags or notes added by clinic staff.
  • Conversation data: Full text content of WhatsApp messages exchanged with the clinic's AI receptionist, including timestamps and message metadata.
  • Media files: Images, videos, documents, and audio files shared in WhatsApp conversations.
  • Appointment data: Scheduling details, service types, status, and any notes.
  • Consent records: Whether the patient has opted in or out of follow-up messages, including the exact consent method, message shown, and WhatsApp message ID for audit purposes.

From website visitors

  • Waitlist data: Email address submitted through the waitlist form on our landing page.
  • We do not use cookies or third-party analytics on our landing page.
  • The Lok.chat dashboard uses a single session cookie (better-auth.session_token) for authentication. No third-party tracking cookies are used.

3. How We Use Your Data

Lok.chat's AI receptionist is a task-oriented business tool designed for appointment booking, FAQ handling, lead qualification, and customer support on behalf of clinics. It is not a general-purpose chatbot. When the AI cannot resolve a query, conversations are handed off to a human clinic staff member.

  • To provide and operate the AI receptionist service via the WhatsApp Business Platform.
  • To manage appointments, patient contacts, and clinic operations within the dashboard.
  • To generate AI responses: recent conversation messages and clinic-provided knowledge base content are sent to Anthropic's Claude AI model for processing. Patient names and contact details are included in conversation context to provide personalised responses.
  • To generate text embeddings for the knowledge base search feature, using OpenAI's embedding API. Only clinic-provided FAQ and service content is sent — not patient messages.
  • To send follow-up messages to patients who have explicitly opted in (with consent verified at both scheduling time and delivery time).
  • To send transactional emails (e.g., password resets) via the Resend email service.
  • To diagnose errors and maintain service reliability via Sentry, an error-tracking service. Error reports may include request metadata but do not intentionally include patient message content.
  • To communicate with clinic owners about their account, including service updates.

4. WhatsApp & Meta Platform Data

Lok.chat integrates with the WhatsApp Business Platform (via Meta's Cloud API) to send and receive messages on behalf of clinics. This section describes how we handle data obtained from Meta.

  • We access WhatsApp messages solely to operate the AI receptionist and clinic management service requested by the clinic owner.
  • Message data received from Meta's platform is stored in our database to provide conversation history, appointment booking, and continuity of patient communication.
  • We do not sell, rent, license, or otherwise share WhatsApp message data with third parties for advertising, marketing, or data brokerage purposes.
  • We do not use WhatsApp data to build user profiles for purposes unrelated to the clinic's direct operations.
  • We do not use WhatsApp data to contact people outside of the clinic's patient communication purposes.
  • Meta (WhatsApp's parent company) does not use messages sent via the WhatsApp Business API for advertising or ad targeting purposes.
  • WhatsApp data is shared with third-party sub-processors (listed in Section 6) only to the extent necessary to provide the service — specifically, message content is sent to Anthropic's AI model to generate responses.
  • Our use of data obtained from Meta's platform complies with the Meta Platform Terms and Meta Developer Policies.

5. Data Storage & Security

  • All data is stored on a server located in Singapore (Hetzner Cloud). The dashboard and landing page are served via Cloudflare's global CDN.
  • WhatsApp access tokens are encrypted at rest using AES-256-GCM with a dedicated encryption key.
  • Passwords are hashed using Argon2id (an industry-standard, irreversible hashing algorithm). We never store plaintext passwords.
  • Media files (images, documents) are stored in private Cloudflare R2 buckets and are only accessible through authenticated API endpoints that verify clinic ownership.
  • Dashboard access requires email/password authentication. Sessions are managed with secure, HttpOnly cookies (7-day expiration).
  • We apply row-level multi-tenancy so that each clinic can only access data belonging to their own clinic. Every database query is scoped by clinic ID.

6. Third-Party Services (Sub-processors)

We use the following third-party services to operate Lok.chat. Each receives only the data necessary for its function:

  • Meta / WhatsApp Business Platform (USA): Messaging infrastructure — sends and receives WhatsApp messages. Receives message text and recipient phone numbers.
  • Anthropic (USA): AI language model (Claude Haiku) for generating receptionist responses. Receives recent conversation messages and clinic knowledge base content. Messages are processed but not used to train their models.
  • OpenAI (USA): Text embedding API for knowledge base search. Receives only clinic-provided FAQ and service content — not patient messages or personal data.
  • Cloudflare (USA): CDN, DNS, dashboard hosting (Pages), and private media storage (R2). AI Gateway is used optionally for LLM response caching.
  • Hetzner (Germany, server in Singapore): Server infrastructure hosting our database, API, and background workers.
  • Resend (USA): Transactional email delivery (password resets only). Receives recipient email address and email content.
  • Sentry (USA): Error monitoring and diagnostics. Receives error stack traces and request metadata. Session replays are disabled. We sanitise access tokens from error reports.

7. Data Retention

  • Conversation and patient contact data is retained for as long as the clinic maintains an active account, to provide conversation history and continuity of care.
  • Waitlist email addresses are retained until the subscriber requests removal or is converted to a full account.
  • Login sessions expire after 7 days. Session records are retained in the database for security audit purposes.
  • Error logs in Sentry are retained according to Sentry's data retention policy (default 90 days).

8. Data Deletion

Clinic owners may request deletion of all their clinic data (including patient contacts, conversations, appointments, and media files) by contacting us at [email protected]. Deletion requests are processed manually and completed within 30 days.

Patients who wish to have their data removed should contact the clinic directly, as the clinic is the data controller for patient information. Clinics can contact us to action deletion requests on their behalf.

We are developing self-service data management features. Until then, all data access, correction, and deletion requests are handled manually via email.

9. PDPA Compliance (Malaysia)

We operate in compliance with the Malaysian Personal Data Protection Act 2010 (PDPA).

  • Patients interacting with the AI receptionist are informed that they are communicating with an automated system.
  • Follow-up messages are only sent to patients who have explicitly opted in. Consent is verified twice: once when the follow-up is scheduled, and again immediately before delivery.
  • Patients can withdraw consent at any time by replying "STOP" to any follow-up message.
  • Consent records are stored with full audit trail, including the exact message shown, the method of consent, and the WhatsApp message ID.

10. Health-Related Data

Lok.chat is a clinic management and communication tool, not a medical records system. Patients may voluntarily share health-related information in WhatsApp conversations (e.g., describing symptoms or treatment history). This information is stored as part of the conversation record but is not used for medical decision-making, clinical diagnosis, or treatment.

Clinics are responsible for ensuring their use of Lok.chat complies with applicable healthcare data regulations in Malaysia. We do not actively solicit, classify, or process health data beyond storing it as part of the conversation context.

11. Children's Privacy

Lok.chat is a business-to-business service designed for healthcare clinics. We do not knowingly collect personal data from children under the age of 18. If a minor contacts a clinic via WhatsApp, the conversation data is managed under the clinic's responsibility as the data controller. If we become aware that we have inadvertently collected data from a child without appropriate parental consent, we will take steps to delete it promptly.

12. Your Rights

For clinic owners and staff:

  • Access the personal data we hold about you and your clinic.
  • Request correction of inaccurate data.
  • Request deletion of your clinic account and all associated data.
  • Withdraw consent for any optional communications.

For patients:

  • Your data is controlled by the clinic you communicated with. Contact the clinic directly to exercise your data rights.
  • You may withdraw consent for follow-up messages at any time by replying "STOP".
  • You may contact us directly if you are unable to reach the clinic.

To exercise any of these rights, contact us at [email protected].

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. If we make material changes that affect how we handle data obtained from Meta's platform, we will notify affected clinic owners via email and, where required, obtain fresh consent.

14. Contact

If you have questions about this Privacy Policy or our data practices, contact:

The Gentle Equation Pty Ltd
Privacy: [email protected]
General: [email protected]
Website: https://lok.chat