Privacy Policy

This Privacy Policy explains how Sahelli (operated by Simplx) collects, uses, stores, and protects information when you use our clinic management platform. We are committed to handling your data — and the data of your patients — with care, transparency, and respect.

By using Sahelli, you agree to the practices described in this policy.

Sahelli is a SaaS platform for healthcare providers, operated by Simplx. We act as a data processor on behalf of clinics (who are the data controllers). Clinics are responsible for their own obligations toward the patients whose data they manage through the platform.

• WhatsApp / Phone: +20 113 070 7982
• Email: simplx.business.main@gmail.com

Account & Clinic Data — When a clinic registers, we collect the clinic name, specialty, contact information, subscription details, and the names and credentials of staff members.

Patient Data (Managed by Clinics) — Clinics store patient information through the platform, including names, phone numbers, medical history, clinical notes, prescriptions, appointment records, and financial information. This data is collected and controlled by the clinic, not by Sahelli directly.

Usage Data — We may collect information about how you use the platform, including pages visited, features used, and timestamps. This helps us improve the service.

Communication Data — WhatsApp messages processed through the platform (via Meta's WhatsApp Business API) are stored to display conversations in your inbox and to power the AI receptionist.

Technical Data — IP addresses, browser type, and device information collected automatically when you access the platform.

We use collected information exclusively to:

• Provide, operate, and maintain the Sahelli platform and its features.
• Manage your subscription, billing, and account.
• Send important service notifications (account status, updates, policy changes).
• Provide customer support and respond to your inquiries.
• Improve the platform through aggregated, anonymized usage analytics.
• Ensure the security of the platform and detect fraudulent activity.

We do not sell your data or your patients' data to any third party, ever.

Each clinic on Sahelli has its own isolated database. Your clinic's data — including all patient records, appointments, financial records, and clinical notes — is completely separated from data belonging to other clinics on the platform. No clinic can access another clinic's data.

Data is stored on secure cloud infrastructure (MongoDB Atlas and AWS). We apply industry-standard security measures including:

• Encryption of data in transit (TLS/HTTPS) and at rest.
• Secure authentication with hashed passwords and session management.
• Role-based access control ensuring staff only access what they need.
• Regular security reviews and vulnerability assessments.
• HMAC-SHA256 signature validation on all inbound webhooks.

No system is 100% secure. In the event of a data breach that affects your clinic, we will notify you promptly and take all reasonable steps to mitigate harm.

Sahelli integrates with the following third-party services to provide its functionality:

• Meta (WhatsApp Business API) — for AI receptionist and patient messaging.
• MongoDB Atlas — for secure, isolated database storage.
• AWS (Amazon Web Services) — for cloud infrastructure, file storage (S3), and scheduled events.
• Kashier (payment gateway) — for processing clinic subscription payments.

These providers have their own privacy policies and security practices. We share only the minimum data necessary for these integrations to function.

Clinics using Sahelli are responsible for:

• Obtaining proper consent from patients before collecting and storing their data.
• Informing patients about how their data is used within the clinic management system.
• Complying with all applicable local healthcare privacy and data protection laws.
• Ensuring staff members only access patient data relevant to their role.

Sahelli provides the technical tools (role-based access, audit trails, data isolation) to help clinics meet these obligations, but ultimate responsibility rests with the clinic.

We retain your clinic's data for as long as you have an active or recently canceled subscription. Upon subscription cancellation, you may request a full data export within 30 days. After this window, data may be permanently deleted from our systems.

Certain records (such as billing history) may be retained longer as required by applicable law.

Sahelli uses essential session cookies to maintain your login state and provide a functional experience. We do not use advertising cookies or cross-site tracking cookies. We do not share cookie data with third-party advertisers.

You have the right to:

• Access the data we hold about your clinic and staff accounts.
• Correct inaccurate information in your account.
• Request deletion of your account and associated data.
• Export your clinic data at any time during an active subscription.
• Object to or restrict how your data is processed in certain circumstances.

To exercise any of these rights, contact us at simplx.business.main@gmail.com.

Sahelli is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. Clinics may store information about pediatric patients in the platform; however, the clinic is responsible for ensuring proper parental or guardian consent.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through a notice on the platform. We encourage you to review this policy periodically. Your continued use of Sahelli after changes take effect constitutes acceptance of the revised policy.

This Privacy Policy is governed by the laws of the Arab Republic of Egypt. Any disputes arising from this policy shall be subject to the jurisdiction of the competent courts in Egypt.

For privacy-related questions, data requests, or concerns:

• WhatsApp / Phone: +20 113 070 7982
• Email: simplx.business.main@gmail.com

Visit our Contact page →