Privacy Policy

When you use DoctorUndo as a patient, we collect your name, mobile number, and optional reason for visit — only what's needed to book your appointment. We do not collect payment card details (payments are handled by Razorpay, a PCI-DSS certified gateway). When a clinic registers, we collect clinic name, location, doctor profiles, and schedule information to power the booking system.

Your mobile number is used to send a WhatsApp or SMS booking confirmation and appointment reminders. We do not sell your data to third parties, advertisers, or insurance companies. We may use anonymised, aggregated data (e.g., "most booked specialty in Thrissur") to improve our service and publish public health insights.

We share only the minimum necessary information with the clinic you book with — your name, phone number, and appointment time. Clinics are contractually prohibited from using this data for any purpose other than your appointment. We use trusted third-party services including Supabase (database hosting), Razorpay (payments), and MSG91 (SMS/WhatsApp). Each is bound by strict data processing agreements.

Appointment records are retained for 24 months to support your booking history. You may request deletion of your account and data at any time by contacting privacy@doctorundo.com. We will complete deletion within 30 days.

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We follow OWASP security guidelines and conduct periodic security reviews. In the event of a breach affecting your data, we will notify you within 72 hours as required by the DPDP Act 2023.

Under India's Digital Personal Data Protection Act 2023, you have the right to access, correct, and erase your personal data. To exercise any of these rights, contact us at privacy@doctorundo.com with your registered mobile number.

We use minimal cookies: a session token to keep you logged in, and anonymous analytics (Plausible Analytics — no cross-site tracking, no fingerprinting). We do not use advertising cookies.

For privacy-related questions or requests, email privacy@doctorundo.com. Our registered office is in Kochi, Kerala, India.