MedisuperiorMedisuperior

Legal · Privacy

Privacy Policy

Effective 1 January 2026 · Last updated 1 January 2026 · Version 1.0

We take privacy seriously. This policy explains, in plain language, what we collect and why — and the strong protections around patient health data.

Contents

  1. Scope and who we are
  2. Information we collect
  3. Patient health data
  4. How we use information
  5. Google user data
  6. Sharing and disclosure
  7. Storage and security
  8. Data retention
  9. Your rights and choices
  10. Cookies and tracking
  11. Children
  12. Changes to this policy
  13. Contact us

01Scope and who we are

Medisuperior (“Medisuperior”, “we”, “us”) provides software that helps clinics, hospitals and pharmacies manage reception, doctor consultations, the laboratory, in-patient care, the pharmacy, billing and reporting (the “Service”). This Privacy Policy explains what information we collect, how we use it, and the choices you have.

When a clinic or healthcare provider (the “Provider”) uses the Service to manage their operations, the Provider is the data controller for the patient and operational records they create, and Medisuperior acts as a data processor on their behalf. When you sign up directly with us — for example as a clinic owner, doctor or staff member — we act as the controller of your own account information.

02Information we collect

Account and profile information

Your name, email address, phone number, role (owner, doctor, receptionist, lab technician, pharmacist), and the credentials you use to sign in. If you sign in with Google, we receive your basic Google profile (name, email address and profile picture) as permitted by the scopes you approve.

Clinic and business information

Clinic or pharmacy name, addresses, GST and tax identifiers, branch details, staff accounts and configuration you set up.

Operational data you create

Records you enter while using the Service, such as appointments and tokens, prescriptions, lab orders and results, inventory and purchase records, invoices and payments.

Technical and usage data

Device and browser information, IP address, log data, and basic usage analytics needed to operate, secure and improve the Service.

03Patient health data

Patient records belong to the Provider. When a Provider uses the Service to record patient details, prescriptions, lab results or billing, that data is entered and controlled by the Provider. We process it only to provide the Service, under the Provider’s instructions, and we do not use patient health data for advertising or sell it to anyone.

Providers are responsible for obtaining any consent required from their patients and for using the Service in line with applicable medical and data-protection laws.

04How we use information

  • To provide, maintain and secure the Service and your account.
  • To process subscriptions, payments and onboarding.
  • To provide support, respond to requests and send service-related notices.
  • To improve features, reliability and performance.
  • To detect, prevent and address fraud, abuse or security issues.
  • To comply with legal obligations.

We do not sell your personal information, and we do not use patient health data for advertising.

05Google user data

If you choose to sign in with Google, we request only the limited scopes needed to authenticate you and create your account — typically your name, email address and profile picture. We use this information solely to sign you in and identify your account.

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not transfer or use Google user data for serving ads, and we do not allow humans to read it except where required for security, to comply with the law, or with your explicit consent.

06Sharing and disclosure

We share information only as needed to run the Service:

  • Service providers — trusted vendors who host our infrastructure, process payments, or send communications on our behalf, under confidentiality obligations.
  • Within your organisation — data is visible to authorised staff according to the role-based permissions the Provider configures.
  • Legal reasons — where required by law, regulation or valid legal process, or to protect rights, safety and security.
  • Business transfers — in connection with a merger, acquisition or sale of assets, with continued protection of your information.

07Storage and security

We use industry-standard safeguards including encryption in transit, access controls, and role-based permissions. Critical actions such as bill edits or adding vendors require owner approval. While no system is perfectly secure, we work to protect your information and to limit access to those who need it.

08Data retention

We keep account and operational data for as long as your account is active and as needed to provide the Service. After termination, data may be retained for a limited period to meet legal, tax, accounting and dispute-resolution requirements, after which it is deleted or anonymised. Providers may request export or deletion of their data as described below.

09Your rights and choices

Depending on your location and role, you may have the right to access, correct, export or delete your personal information, and to object to or restrict certain processing. To exercise these rights, contact us at lokeshkachchhawa@gmail.com. If you are a patient, please contact the clinic or pharmacy that holds your records, as they control that data.

10Cookies and tracking

We use essential cookies and similar technologies to keep you signed in, remember preferences, and understand basic usage so we can improve the Service. We do not use advertising cookies. You can control cookies through your browser settings, though some features may not work without them.

11Children

The Service is intended for use by healthcare businesses and their staff, who must be 18 or older. It is not directed to children, and we do not knowingly collect personal information from children except as patient records entered and controlled by a Provider.

12Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes we will update the “Last updated” date and, where appropriate, notify you. Your continued use of the Service after changes take effect means you accept the updated policy.

13Contact us

For any privacy questions or requests, contact:

Medisuperior
Email: lokeshkachchhawa@gmail.com
Phone: +91 97942 84884
Bikaner, Rajasthan, India

← Back to home