The General Data Protection Regulation (GDPR)

As a subcontractor, WeDoxa implements all the provisions defined about the new regulation on the general data protection.

  • All data collected remains the property of the establishments.
  • All data (solicited reviews) transmitted to our distribution partners (web directories) do not contain any personal data.

How are personal data used?

WeDoxa assists healthcare institutions requesting the opinions of patients/residents. This proactive approach to request requires the use of patient contact information to :

  • send each patient a nominative satisfaction questionnaire.
  • authenticate the opinions collected within the remit of the ISO 20488 standard (fight against false opinions),
  • allow establishments to respond to reviews: acknowledgment/conversations/addressing the dissatisfaction.

The roles and responsibilities of each are defined contractually : 

  • Patient contact information is the responsibility of the group of institutions which defines the use that can be made of the data (DPO).
  • WeDoxa acts as a moderator and subcontractor to implement the process defined by the DPO.