Privacy Policy
Last updated: 04/05/2026
This Privacy Policy explains how Medipapel Pvt Ltd and its related products and services, including the Medipapel mobile application, collect, use, store, disclose, and protect personal information.
In this Privacy Policy, “Medipapel”, “we”, “us”, or “our” refers to Medipapel Pvt Ltd. “App” means the Medipapel mobile application and related services. “User”, “you”, or “your” refers to any person using the App, including patients, healthcare users, clinic users, and authorised clinic staff.
1. Information we collect
We may collect personal information when you register, log in, use the App, book appointments, manage appointments, interact with clinics, or contact support.
The information we collect may include:
- Name
- Mobile number
- Email address, where provided
- Date of birth
- Gender
- Address or location selection details
- Account login and authentication details
- One-time password verification details
- Clinic or healthcare account details
- Patient profile details
- Appointment booking details
- Appointment date, time, provider, clinic, and token information
- Appointment status, such as new, confirmed, waiting, completed, cancelled, unattended, or billed
- Documents, notes, files, or other information uploaded or created through the App, where available
- Device and app information, such as app version, device type, operating system, and technical logs
- Support requests and communication with us
Some information may be health information or sensitive information, depending on how you use the App and the services provided by clinics or healthcare providers.
2. How we collect information
We collect information when:
- You create or update an account
- You verify your mobile number
- You select a country, state, district, place, clinic, hospital, provider, or appointment slot
- You create or manage a patient profile
- You book, cancel, or view appointments
- A clinic or authorised healthcare user uses the App to manage clinic-related information
- You contact us for support
- The App communicates with our servers
- We need technical logs to maintain security, reliability, and performance
We may also receive information from clinics, hospitals, healthcare providers, or authorised clinic staff who use Medipapel services.
3. How we use your information
We use personal information to:
- Create and manage your account
- Verify your identity and mobile number
- Allow you to select clinics, hospitals, providers, and appointment slots
- Book, manage, and display appointments
- Show appointment history and appointment status
- Help clinics and healthcare users manage patient and appointment workflows
- Support clinic account and healthcare account features
- Send authentication codes, service messages, and appointment-related notifications
- Provide customer support
- Improve the App, security, performance, and reliability
- Prevent fraud, misuse, unauthorised access, and security incidents
- Comply with legal, regulatory, record-keeping, and healthcare obligations
We do not sell your personal information.
4. Health and clinic information
The App may allow users to interact with clinics, hospitals, providers, and clinic staff. Some information entered into or displayed through the App may relate to healthcare services.
Clinics and healthcare providers may have their own legal, privacy, medical record, and retention obligations. Where a clinic or healthcare provider uses Medipapel to manage patient or appointment information, that clinic or provider may also be responsible for how it uses and manages that information.
Medipapel provides technology services to help clinics, healthcare providers, and users manage healthcare workflows. Medipapel does not replace professional medical advice, diagnosis, treatment, or emergency medical services.
5. Appointment information
When you book or manage an appointment through the App, we may collect and process details such as:
- Selected clinic or hospital
- Selected provider
- Appointment date and time
- Token or slot number
- Patient details required for booking
- Booking notes or appointment notes, where available
- Appointment status updates
Appointment availability and confirmation may depend on the clinic or healthcare provider. Some appointments may require clinic confirmation.
6. Sharing of information
We may share personal information with:
- Clinics, hospitals, healthcare providers, or authorised clinic staff involved in your booking or care
- Service providers who help us operate the App, hosting, security, communication, analytics, or support services
- Technical providers that help us send OTPs, emails, messages, or notifications
- Regulators, authorities, courts, or other parties where required by law
- Professional advisers where reasonably necessary
- Another entity in connection with a business transfer, merger, acquisition, or restructuring, where legally permitted
We only share information where reasonably necessary for the App, healthcare workflows, support, security, legal compliance, or service operation.
7. Storage and security
We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure.
Security measures may include:
- Secure authentication
- Role-based access controls
- Encrypted communication where supported
- Access logging and monitoring
- Restricted access to production systems
- Regular maintenance and technical safeguards
No system is completely secure. Users should keep their login details and devices secure and notify us if they believe their account has been compromised.
8. Data storage and access
Medipapel uses cloud hosting and technical service providers to operate the App and related services.
For users in India, personal information and app data are hosted on cloud infrastructure located in India. Medipapel does not intentionally transfer or host Indian user data outside India for normal App operation.
Access to information is restricted to authorised personnel, clinics, healthcare providers, and service providers who need access for App operation, support, security, legal compliance, or healthcare-related workflows.
If we are required by law, regulation, security needs, technical support requirements, or service continuity requirements to access, disclose, or transfer information in another location, we will take reasonable steps to ensure appropriate privacy and security protections are in place.
9. Retention of information
We keep personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including account management, appointment management, support, security, legal compliance, and healthcare-related record obligations.
Some healthcare, appointment, billing, audit, or clinic-related records may need to be retained for legal, regulatory, clinical, or clinic policy reasons, even if an account deletion request is made.
10. Account deletion
You may request deletion of your account through the App, where this feature is available, or by contacting us.
When an account deletion request is made, we will take reasonable steps to delete or de-identify personal information associated with your account, unless we are required or permitted to retain certain information for legal, regulatory, security, dispute resolution, clinic, healthcare, or record-keeping reasons.
If the App allows account creation, app stores may require an in-app path to initiate account deletion, and Google Play also requires a web link where users can request account and data deletion.
11. Access and correction
You may request access to personal information we hold about you. You may also request correction if you believe the information is inaccurate, incomplete, or out of date.
Some information may be controlled or maintained by a clinic or healthcare provider. In those cases, we may direct you to contact the relevant clinic or provider.
12. Notifications and communications
We may send service-related messages, including OTP verification codes, appointment updates, account messages, security messages, and support responses.
We do not use health information for marketing without appropriate consent where required.
13. Children and family members
The App may allow a user to manage appointment bookings or patient profiles for family members or dependants.
If you provide information about another person, you must have authority or consent to do so, where required. For children or dependants, a parent, guardian, or authorised person should provide and manage the information.
14. Third-party links
The App may contain links to external websites, including legal, support, clinic, or healthcare provider pages. We are not responsible for the privacy practices or content of third-party websites.
15. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The updated version will be published on our website or made available through the App. The “Last updated” date will show when the policy was last changed.
16. Contact us
For privacy questions, support requests, or account deletion requests, contact us at:
Email: support@medipapel.com