Privacy Policy

Introduction

CharakX ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered healthcare platform, including our website, mobile applications, and WhatsApp integration services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Services.

Information We Collect

Personal Information

We may collect personally identifiable information that you voluntarily provide when using our Services, including:

• Name, email address, and phone number
• Healthcare facility information (clinic name, address, registration numbers)
• Doctor credentials and qualifications
• Patient demographic information (name, age, gender, contact details)
• Medical information including visit records, prescriptions, and health data
• Appointment and scheduling information
• WhatsApp conversation data for booking purposes

Automatically Collected Information

When you access our Services, we automatically collect certain information, including:

• Device information (type, operating system, unique identifiers)
• Log data (IP address, browser type, pages visited, time spent)
• Usage patterns and feature interactions
• Location data (if permitted by you)

How We Use Your Information

We use the information we collect for various purposes, including:

• Providing and maintaining our healthcare platform services
• Processing appointment bookings via WhatsApp and web
• Generating AI-powered clinical summaries and recommendations
• Managing patient records and visit history
• Creating and managing digital prescriptions
• Sending appointment reminders and notifications
• Improving and personalizing user experience
• Analyzing usage patterns to enhance our Services
• Communicating with you about updates and new features
• Ensuring security and preventing fraud
• Complying with legal obligations

WhatsApp Integration

Our platform integrates with WhatsApp Business API to provide appointment booking services. When you interact with our WhatsApp service:

• We receive your phone number and message content
• Conversation history is stored for booking context and continuity
• Messages are processed by our AI to understand booking intent
• Your data is transmitted securely via WhatsApp's encrypted infrastructure
• We do not sell or share your WhatsApp data with third parties for marketing

Our use of WhatsApp Business API complies with Meta's Platform Terms and WhatsApp Business Policy. You can opt out of WhatsApp communications at any time by messaging "STOP" or contacting us directly.

Data Security

We implement robust security measures to protect your information:

• Encryption of data in transit (TLS/SSL) and at rest (AES-256)
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Employee training on data protection practices
• Incident response procedures for potential breaches
• Compliance with healthcare data protection standards

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• With Healthcare Providers: Patient data is shared with authorized healthcare facilities and doctors you interact with
• Service Providers: Third-party vendors who assist in operating our Services (hosting, analytics, communication)
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• With Your Consent: When you explicitly authorize sharing

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Medical records are retained in accordance with applicable healthcare regulations. You may request deletion of your data, subject to legal and regulatory requirements.

Your Rights

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (subject to legal requirements)
• Portability: Receive your data in a portable format
• Objection: Object to certain processing activities
• Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided below.

Children's Privacy

Our Services are not intended for children under the age of 18 without parental or guardian involvement. Healthcare information for minors is managed by their authorized guardians or healthcare providers. We do not knowingly collect personal information from children without appropriate consent.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes. Changes are effective when posted on this page.