Acceptable Use Policy
Last updated: 28 March 2026
1. Permitted Uses
MedFlow is designed for legitimate medical and aesthetics clinic operations. Permitted uses include: patient communication, appointment management, quote generation, follow-up automation, and clinic analytics.
2. General Prohibitions
- Sending unsolicited messages (spam) to individuals who have not inquired with your clinic
- Processing personal data without a lawful basis
- Harassing, threatening, or intimidating patients or staff
- Storing or transmitting content that is illegal, defamatory, or obscene
- Attempting to access data belonging to other clinics
- Using the Service for any unlicensed medical practice
- Sharing patient data with unauthorised third parties
- Using automated messaging to mislead patients about pricing or procedures
3. UK-Specific Requirements
- Compliance with UK GDPR and Data Protection Act 2018
- Compliance with Privacy and Electronic Communications Regulations (PECR)
- Advertising Standards Authority (ASA) rules for medical advertising
- Care Quality Commission (CQC) standards where applicable
4. Turkey-Specific Requirements
- Compliance with KVKK (Law No. 6698)
- Compliance with Turkish Ministry of Health regulations on medical advertising
- Explicit consent required for marketing communications
- Data processing must comply with Personal Data Protection Board decisions
5. UAE-Specific Requirements
- Compliance with UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection
- Compliance with Dubai Health Authority (DHA) and Health Authority Abu Dhabi (HAAD) regulations
- Respect for local cultural sensitivities in patient communications
- Compliance with UAE Telecommunications Regulatory Authority requirements
6. Saudi Arabia-Specific Requirements
- Compliance with Saudi PDPL and its implementing regulations
- Compliance with Saudi Ministry of Health regulations
- Compliance with CITC (Communications, Space and Technology Commission) requirements
- Respect for local laws and cultural norms in automated messaging
7. Consequences of Violation
Violations may result in: warning notice, temporary suspension, permanent termination without refund, and reporting to relevant authorities where required by law.
8. Reporting Violations
Report violations to abuse@medflowai.io. We investigate all reports within 48 hours.