Privacy Policy - Medico

1. Information We Collect

We collect the following categories of data:

• Account and identity data: name, email, phone number, password, and authentication identifiers (including Firebase and Google sign-in identifiers).
• Profile and contact data: profile photo, date of birth, gender, blood group, height, weight, address, emergency contact details, and family profile details.
• Health data: medical conditions, allergies, medications, prescriptions, health records, lab/radiology booking details, and reminder/adherence records.
• User content: images and documents you upload (for example, prescriptions, reports, and avatar images).
• Order and payment data: medicines ordered, delivery details, order history, payment method, and payment transaction identifiers returned by Razorpay. We do not store your full card number in the app.
• App technical/session data: access and refresh tokens stored on-device to keep you signed in.

2. Permissions Used by the App

• Camera: to capture prescriptions/profile images/documents when you choose to upload.
• Photos/Media/Files: to select images/documents from your device and to save downloaded files where applicable.
• Notifications: to send medicine reminder and service notifications (if enabled by you).

Medico does not request precise location permission in the current app implementation.

3. How We Use Information

• Create and manage your account and sign-in sessions.
• Provide healthcare services such as appointments, prescription workflows, medicine orders, and reminders.
• Process and verify payments through payment providers.
• Show and manage your uploaded medical documents and records.
• Provide customer support and resolve issues.
• Maintain security, prevent misuse, and comply with legal obligations.

4. Sharing of Information

We may share data only as needed to operate the service, including with:

• Service providers: authentication, cloud/API infrastructure, notifications, OTP, and payment processing partners.
• Healthcare fulfillment partners: doctors, labs, radiology centers, pharmacies, and delivery partners for booking/order fulfillment.
• Legal authorities: when required by applicable law or valid legal process.

We do not sell personal data.

5. Data Security

We use reasonable technical and organizational safeguards to protect personal data, including authenticated API access and encrypted transport in production environments. No method of transmission or storage is 100% secure.

6. Data Retention

We retain data as long as needed to provide services, support medical/order history, comply with legal obligations, resolve disputes, and enforce agreements.

7. Your Choices and Rights

• You can update profile information in the app.
• You can manage notification permission in device settings.
• You can request account/data deletion by contacting us.

8. Children's Privacy

The app is not directed to children under 13. If you believe a child provided personal data without appropriate consent, contact us so we can take action.

9. International Transfers

Your data may be processed in countries different from your residence, subject to applicable legal safeguards.

10. Changes to This Policy

We may update this policy. Updated versions will be published on this page with a revised effective date.

11. Contact Us

For privacy questions, data access, or deletion requests:

Email: aratimedicoapp@gmail.com