The medical platform Doctolib would have collected the personal data of its users thanks to two cookies, to then transmit it to the social network Facebook. Without notifying the respective users, of course.
Doctolib is a Franco-German company that offers a file Online consulting management service For healthcare professionals and Online appointment booking service for patients. And thereforeThe site collects a large amount of personal data from its users.
The platform for scheduling medical appointments and remote consultations is today Accused of sending months-long research data to German users, collected using two cookiesFor advertising giants Facebook and Outbrain.
Doctolib helps Facebook collect and use user data
German mobile security company Mobilsicher discovered it Submit site keywords Searched by its users in its search engine in Facebook or Outbrain إعلانات Advertising Agency. And therefore, Once the Internet user accepts the Doctolib Terms of Service, then did a site search, Her data was sent directly to both companies, with its own IP address and marketing ID, allowing Facebook or Outbrain to do so Mastering your advertising targeting. According to German media, this practice He was stopped dead on June 21 On all Doctolib platforms after the media exposed the issue.
For its part, Doctolib ensures that it has created these two cookies on its platform in Germany in order to “Measuring the success of its media campaigns aimed at promoting its services to the general publicIt adds that it did not collect health data with these cookies, specifying that it did not “Never send medical data to a third party, whether in France or GermanyThe company also confirmed that it did. It has asked its partners to delete all data collected through cookies.
As for Facebook, the network claims it This medical data (Like any other sensitive data) It is deleted immediately By the filtering system of the data storage device. This investigation comes after nearly a year Doctolib is a victim of personal data theft on more than 6000 meetings. Then the last name, first name, gender and age of the users were stolen by the perpetrators of a computer attack.