Privacy Policy

Personal Information

When you register on Medora — as a patient or as a hospital administrator — we collect your name, email address, phone number, and other details you provide during registration.

Health & Medical Data

For patients, we collect health information you provide or that your healthcare providers input, including appointment history, medical notes, vital signs, and AI health assistant conversations. This data is used solely to provide the healthcare services you request.

Usage Data

We automatically collect information about how you use Medora — pages visited, features used, browser type, IP address, and timestamps. This helps us improve the platform.

Healthcare Services

Your personal and health data is used to facilitate appointments, connect you with healthcare providers, and maintain your health records — exactly the services you signed up for.

Appointment Management

We use your contact information to send appointment confirmations, reminders, and updates from your healthcare provider.

AI Health Assistance

Conversations with the Medora AI assistant may be processed to improve AI accuracy and safety. These conversations are never used for advertising and are stored with the same security standards as all health data.

Platform Improvement

Aggregated, anonymized usage data helps us identify bugs, improve features, and understand how healthcare professionals use the platform.

Encryption

All data is transmitted over TLS (HTTPS). Sensitive health data is encrypted at rest using industry-standard AES-256 encryption.

Secure Storage

Medora stores data on Supabase infrastructure with row-level security policies, ensuring that each organization can only access its own data.

HIPAA-Inspired Practices

While Medora operates under Indian law (DPDPA 2023), we follow HIPAA-inspired best practices for handling protected health information — including access controls, audit logs, and data minimization.

We Do Not Sell Your Data

Medora does not sell, rent, or trade your personal or health information to any third party, ever.

Healthcare Providers

Your health data is shared only with the hospitals and doctors you actively choose to book appointments with. You control this by choosing which providers to engage with on the platform.

Legal Requirements

We may disclose information if required by law, court order, or government regulation, and only to the extent legally required.

Access Your Data

You can view all personal information stored about you through your profile page at any time.

Correct Your Data

You can update your name, contact details, and other profile information directly in the app. Contact us to correct health records.

Delete Your Data

You may request deletion of your account and associated data by contacting support@medorahealth.in. We will process deletion requests within 30 days, subject to any legal retention requirements.

Functional Cookies Only

Medora uses only functional cookies necessary for authentication and session management. We do not use advertising cookies, tracking pixels, or third-party analytics that profile you across the web.

We may update this Privacy Policy as our platform evolves or as legal requirements change. We will notify registered users via email at least 14 days before material changes take effect. Continued use of Medora after that date constitutes acceptance of the updated policy.

For any privacy-related questions, data requests, or concerns, contact our support team at support@medorahealth.in or by post at: Medora Healthcare, Gurugram, Haryana, India — 122413.