MediReport Assist ("we", "our", or "us") is committed to protecting your privacy and ensuring that your personal and health information is handled securely and transparently. This Privacy Policy explains how we collect, use, and protect your personal and health information when you use our healthcare application. It also explains your rights under the General Data Protection Regulation (GDPR) and other applicable data protection laws. Please read this Privacy Policy carefully to understand how we treat your data.
1. Information We Collect
We collect the following types of information from you when you use our app:
- Personal Information: Information such as your name, age, sex, contact details (email, phone number), and any other information you provide to us during registration or while interacting with the app.
- Health Information: Information related to your health, such as blood tests (hemoglobin levels, RBC count, WBC count), medical history, symptoms, and any other health-related data that you input into the app for the purpose of receiving insights.
- Device and Usage Data: Technical information such as IP address, device type, operating system, browser type, and location data. This data helps us improve app performance and enhance user experience.
2. How We Use Your Data
We use the collected information for the following purposes:
- To Provide Healthcare Insights: The information you provide, such as health data (hemoglobin levels, blood counts, etc.), is used temporarily to offer personalized health insights and guidance based on the data you input into the app.
- Real-Time Processing: Your personal and health data is used only for the duration of your session with the app. This data is processed in real time and is not stored once the session ends.
- To Improve Our Service: We may use non-identifiable data (such as usage metrics and device data) to improve app functionality and the user experience.
- Compliance with Legal Requirements: We may process your data to comply with applicable healthcare regulations, such as HIPAA or GDPR. However, no personal data is retained beyond the necessary processing period.
3. Data Retention
We do not retain your personal or health information beyond the session in which it is entered.
- No Data Retention: Once you finish using the app, all data you entered (including health information) is permanently deleted from our servers. We do not store or keep any personal or health data after it is processed.
- Temporary Storage: Data is temporarily stored only for the duration of your session to provide you with real-time health insights and guidance. Once the session ends, all data is deleted.
4. GDPR Compliance
If you are located in the European Union (EU) or the European Economic Area (EEA), the General Data Protection Regulation (GDPR) provides you with specific rights and protections regarding your personal data. We are committed to complying with GDPR requirements.
Under the GDPR, you have the following rights regarding your personal data:
- Right to Access: You have the right to request access to your personal data that we hold. Since we do not retain personal data after processing, we can only provide access to data within the session.
- Right to Rectification: If you believe that the personal data we hold is inaccurate, you can request to correct it. This can be done while your session is still active.
- Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data. Since we do not retain personal data after the session ends, your data is automatically deleted once your session is complete.
- Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data if you believe it is inaccurate or if you believe that we are processing it unlawfully.
- Right to Data Portability: You can request a copy of the personal data we have collected from you in a structured, commonly used, and machine-readable format.
- Right to Object: You have the right to object to the processing of your personal data. If we are processing your data for purposes other than providing you with the app’s services, you can object to this processing.
- Right to Withdraw Consent: If you have provided consent for us to process your data, you have the right to withdraw that consent at any time. You can withdraw consent by simply stopping the use of the app, and we will delete your data as per our data retention policy.
How to Exercise Your GDPR Rights
You can exercise any of the above rights by contacting us at the contact details provided below. We will respond to your request within the time frame specified by GDPR (usually within 30 days).
If you are unsatisfied with how we handle your data or if you believe we are not complying with GDPR, you have the right to lodge a complaint with a supervisory authority in your country.
5. Data Security
While your data is temporarily stored during the session, we take the security of your information seriously:
- Encryption: All sensitive data, including personal and health information, is transmitted over encrypted channels (using HTTPS) to protect it during transfer.
- Access Control: We restrict access to the data to authorized personnel only, and all information is deleted as soon as the session ends.
- Secure Deletion: Once the session is completed, all data is permanently deleted, and there are no backups of your personal or health data.
6. Third-Party Sharing
We do not share your personal or health data with third parties for any reason, except in the following cases:
- With Service Providers: We may share information with trusted third-party service providers to support the functionality of our app (e.g., cloud hosting, data processing). These third parties are contractually obligated to keep your information confidential and delete it after processing.
- Legal Obligations: If required by law or regulation, we may share data with authorities to comply with legal obligations. However, this does not involve the retention of personal or health information.
7. User Rights
In addition to your rights under GDPR, you also have the following rights regarding your personal data:
- Access: You can access the personal and health data you’ve entered into the app during your session. Since the data is not stored after the session ends, once it is deleted, it cannot be retrieved.
- Correction: If you notice any inaccuracies in the data entered during your session, you can correct it while the session is still active.
- Deletion: As we do not retain any data after your session ends, there is no need to request deletion of your data, as it is automatically deleted.
- Withdrawal of Consent: If you no longer wish to provide your data, you can stop using the app at any time. Once you exit the app, no further data is processed or retained.
8. Children’s Privacy
Our app is not intended for children under the age of 13, and we do not knowingly collect personal information from children. If we learn that we have inadvertently collected personal data from a child under the age of 13, we will delete it immediately.
9. International Data Transfers
If you are accessing our app from outside the European Union (EU) or European Economic Area (EEA), please note that your data may be temporarily transferred to servers located in other countries. By using our app, you consent to the processing and transfer of your data in accordance with this Privacy Policy.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes to this policy through email or in-app notifications.
Please review this Privacy Policy periodically for updates.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or how your data is handled, or if you wish to exercise any of your GDPR rights, please contact us at: