BilalMD (“we”, “us”, “our”) provides medical education content for healthcare professionals, students, and patients. This Privacy Policy explains what information is processed when you use our website, why it is processed, and how you can control it.

If you do not agree with this Policy, please do not use this website.

1. Data Controller

The website is operated by:

BilalMD
Email: realbilalmd@gmail.com

For any privacy–related questions, contact us at this email address.

2. What We Collect (and What We Don’t)

2.1 No user accounts, logins, or comment profiles

  • We do not provide user registration or login on BilalMD.
  • We do not host on-site user comments requiring an account.
  • We do not maintain internal user profiles for marketing or resale.

However, some data is still processed automatically by analytics, advertising, and social-sharing tools, and that data is personal data under GDPR (for example, IP addresses, cookies, device identifiers).

2.2 Information you actively provide

You may choose to contact us directly by email.

  • When you email us, we process:
    • Your email address
    • The content of your message
    • Any other information you decide to share

We use this information solely to respond to your inquiry and maintain basic correspondence records.

We do not currently run contact forms on the site. If we add forms in the future, we will update this section.

3. Analytics and Site Usage (Google Analytics & Search Console)

We use Google Analytics and Google Search Console via WordPress Site Kit to understand how visitors use our site and to improve content and performance.

3.1 What Google Analytics collects

Google Analytics uses first-party cookies and similar technologies to collect information such as:

  • Pages visited and links clicked
  • Time spent on pages and user navigation paths
  • Browser type, operating system, and device type
  • Referrer URL (the site you came from)
  • Approximate location (based on IP)
  • Technical identifiers (e.g., cookie IDs)

For Google Analytics 4, Google states that IP addresses are used for geolocation but are not stored or logged in reporting.

We use this data only in aggregated form to:

  • Measure traffic and performance of our content
  • Detect technical issues (e.g., broken pages)
  • Improve user experience and site structure

3.2 What Google Search Console does

Google Search Console provides us with aggregated search-performance data, such as:

  • Search queries that lead to our site
  • Impressions and clicks in Google Search
  • Average position in search results

This data is handled by Google under its own Privacy Policy and is presented to us in aggregated form; we cannot identify individual users from Search Console data.

3.3 Legal basis (GDPR)

For visitors in the EEA/UK, our legal basis for processing analytics data is:

  • Legitimate interest (Art. 6(1)(f) GDPR): to understand site usage and improve our content and services.

If in the future we use analytics that require consent (e.g., via a cookie banner), that consent will become the legal basis where required.

4. Advertising (Google AdSense)

We display ads served by Google AdSense.

4.1 How AdSense uses data

Google AdSense may use cookies and similar technologies to:

  • Show ads on this and other sites
  • Measure ad performance (impressions, clicks, conversions)
  • Limit how many times you see the same ad
  • Show personalized ads based on your previous visits to websites, search history, interests, or demographic information (if you have consented to such personalization in your Google account or via cookie/banner settings)

These cookies and identifiers allow Google to track interactions with ads and content, and some of this data is personal data under privacy laws.

4.2 Personalized vs non-personalized ads

Depending on your region and your Google settings:

  • You may see personalized ads, based on your past activity; or
  • You may see non-personalized ads, which are based only on contextual information (like the page content or your approximate location).

You can control how Google uses your data for ads via Google Ads Settings and other industry opt-out tools.

4.3 Legal basis (GDPR)

  • Non-personalized ads & basic measurement: Legitimate interest (Art. 6(1)(f) GDPR).
  • Personalized ads (where applicable): Consent (Art. 6(1)(a) GDPR), usually obtained and managed by Google’s own systems and/or any cookie banner solution if implemented.

5. Social Sharing (Sassy Social Share)

We use the Sassy Social Share WordPress plugin to provide share buttons so you can share our content on various social networks.

5.1 What Sassy Social Share itself does

According to Heateor (the plugin developer):

  • The plugin itself does not track or store user data on Heateor’s servers.
  • Any data required for the plugin to work (e.g., local settings, cached share counts) is stored only in our own WordPress database.
  • When the plugin calls third-party APIs (for example, to get share counts), the request is made from the visitor’s browser to the third-party service and may include the visitor’s IP address.

5.2 Embedded widgets and third-party services

If we enable official share/like buttons or widgets (e.g., Facebook Like/Share, Twitter/X Tweet, LinkedIn Share, Pinterest Save, etc.), those services may collect data directly from your browser when the widget loads or when you interact with it.

Typically, this can include:

  • Your IP address
  • Browser and device information (User Agent, OS, screen resolution)
  • Referrer URL (the page you’re on)
  • Cookies and other identifiers already set by the social network
  • Your interactions with the widget (e.g., “like”, “share”, “tweet”)

Exact behavior depends on each provider’s privacy policy, for example:

  • Facebook: may collect IP, browser information, cookies, and link actions to your Facebook account if you are logged in.
  • Twitter/X: tweet widgets make your IP address visible to Twitter when loading and using the button.
  • LinkedIn: share widgets may track your IP and usage in line with LinkedIn’s privacy policy.
  • Pinterest: save buttons may track IP and requests as described in Pinterest’s policy.

Sassy Social Share often replaces native buttons with static icons that only create a link to the social network. In that case, the social network only receives data when you click and are redirected to their site.

We do not control how these third-party networks use your data. They act as independent controllers, and your relationship with them is governed by their own privacy policies.

5.3 Legal basis (GDPR)

For visitors in the EEA/UK:

  • Displaying basic share icons and links: legitimate interest (Art. 6(1)(f) GDPR) in promoting our content.
  • Loading official social widgets that set or read non-essential cookies may rely on your consent where required by local law (often via your browser or any cookie tools you use).

6. Cookies and Similar Technologies

6.1 What cookies are used for

On BilalMD, cookies and similar technologies are used mainly by:

  • Google Analytics – to measure traffic and usage.
  • Google AdSense – to deliver and measure ads, and in some regions to personalize ads.
  • Social networks – if you interact with share buttons or have active sessions with those networks.

We do not set our own marketing or retargeting cookies beyond what is required by these third-party services.

6.2 How to control cookies

You can:

  • Change your browser settings to block or delete cookies.
  • Use Google’s Ads Settings and industry tools such as aboutads.info to opt out of personalized advertising from certain providers.
  • Use privacy tools or extensions that block third-party scripts/widgets.

Blocking cookies may affect some functionality (e.g., ad display, or social-sharing convenience), but our core content should remain accessible.

7. Data Sharing and Transfers

We do not sell or rent your personal data.

We share or allow access to data only through:

  • Google (Analytics, Search Console, AdSense): as a service provider processing analytics and ad-related data. Data may be stored on servers in the EU, US, or other locations and is processed under Google’s Privacy Policy.
  • Social networks (e.g., Facebook, Twitter/X, LinkedIn, Pinterest): which receive data only when their widgets load or when you interact with them, under their own privacy policies.
  • Email provider/hosting: to handle incoming/outgoing email.

Where data is transferred outside your country (for example, to Google or major social networks), it is done under their standard mechanisms (such as standard contractual clauses) as described in their policies.

8. Data Retention

  • We do not maintain separate databases of identifiable visitor profiles on our side.
  • Email correspondence is retained as long as necessary to handle your query and for a reasonable period afterward for legal and administrative purposes.
  • Analytics and advertising data are retained according to the retention settings in our Google accounts and Google’s own policies.

We may retain aggregated, non-identifiable statistics about site usage indefinitely.

9. Your Rights (EEA/UK and Similar Jurisdictions)

If you are in the EEA, UK, or other regions with similar data-protection laws, you may have the following rights regarding your personal data:

  • Access – to know whether we process your data and obtain a copy.
  • Rectification – to correct inaccurate or incomplete information.
  • Erasure – to request deletion of your data where there is no legal basis to continue processing.
  • Restriction – to request limitation of processing under certain conditions.
  • Objection – to object to processing based on legitimate interests, including profiling.
  • Portability – to receive your data in a structured, commonly used format where applicable.
  • Withdraw consent – where processing is based on consent (e.g., some advertising/cookie scenarios), you can withdraw that consent at any time.

To exercise these rights in relation to BilalMD, contact realbilalmd@gmail.com. For data processed by Google or social networks as independent controllers, you must exercise your rights directly with those providers.

You also have the right to lodge a complaint with your local data-protection authority.

10. Children’s Privacy

BilalMD is aimed at medical professionals, students, and patients seeking medical information. Content is not specifically targeted at children.

We do not knowingly collect or maintain personal data from children under applicable age thresholds (e.g., 13 or 16, depending on jurisdiction). If you believe we have inadvertently collected such data, contact us and we will delete it.

11. Security

We take reasonable technical and organizational measures to protect our website and email systems against unauthorized access, misuse, and loss.

However, no system can be guaranteed 100% secure. Use the site at your own risk and avoid sending highly sensitive information via email.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, technologies, or legal requirements.

When we make changes, we will update the “Last updated” date at the top of this page. Continued use of the website after changes are posted constitutes your acceptance of the updated Policy.

13. Contact

For questions about this Privacy Policy or how we handle data, contact: Email: realbilalmd@gmail.com

Share