SieberEdu
Contact
← All tools
Tool review

Doctolib Business

Online appointment booking for medical practices — EU Art. 9 compliant

Visit website
Data residency
EU only
DPA available
Yes
Pricing
Subscription
Art. 9 data
OK with DPA
Best for

Who this tool is for

Industries

Healthcare
  • GP and specialist practices
  • Practices offering teleconsultation
  • Reducing no-shows via reminders
  • Replacing phone-only booking
  • Multi-location practice groups
What it is

Doctolib Business is an appointment, teleconsultation, and patient-communication platform used by more than 300,000 practitioners across Europe. It is ISO 27001 certified and runs on HDS-certified (French health data hosting) infrastructure, with all data kept inside the EU.

For DACH medical practices it covers the daily essentials: online booking, automated reminders, video consultations, and secure patient messaging. Because it processes health data under Art. 9 DSGVO, it is suitable for patient data only with a signed AV-Vertrag and proper technical and organisational safeguards.

The platform is subscription-based with no free tier, and Doctolib provides a DPA plus an Art. 28 GDPR addendum as standard.

Pros and cons

Pros and cons

Strengths

  • EU-only data hosting, HDS certified
  • ISO 27001 certified infrastructure
  • Used by 300,000+ European practitioners
  • DPA and Art. 28 addendum provided
  • Booking, teleconsultation and messaging in one

Trade-offs

  • No free tier; subscription only
  • Patient data needs AV-Vertrag plus safeguards
  • Configuration and Schweigepflicht handling remain your duty
Data protection

Where it sits with GDPR

Good fit for

  • Health data stays in the EU, HDS certified
  • AV-Vertrag and Art. 28 addendum available
  • ISO 27001 audited security controls

Think twice / not suitable for

  • Still requires correct configuration and access roles
  • Schweigepflicht and consent handling stay your responsibility

Data protection note

HDS-certified health data hosting; DPA + Art. 28 GDPR addendum provided; data in EU only.

FAQ

Frequently asked questions

Is Doctolib Business GDPR compliant?

Yes, with a signed AV-Vertrag and proper safeguards; it is ISO 27001 and HDS certified with EU-only data.

Where is Doctolib data stored?

All data is hosted in the EU on HDS-certified health data infrastructure.

Is Doctolib suitable for patient health data?

Yes, for Art. 9 DSGVO health data when an AV-Vertrag and technical safeguards are in place.

Does Doctolib offer an AV-Vertrag?

Yes, Doctolib provides a DPA plus an Art. 28 GDPR addendum as standard.

Reviews are written and reviewed by Eduardo personally. They describe what a tool does and where it sits with data protection, but they do not constitute legal advice.

Browse all tools