Qure – Privacy Policy

Last updated: November 2025

This Privacy Policy explains how Qure ("Qure", "we", "our", "us") collects, uses, discloses, and protects personal data, including health-related information, when you use our website, WhatsApp chatbot, and teleconsultation services (collectively, the "Services").

By using the Services, you consent to the practices described in this Privacy Policy, in line with applicable law.

---

1. Scope & Roles

This Policy applies to:

• patients, users, or visitors using our website or WhatsApp chatbot,
• individuals booking or attending consultations,
• Healthcare Providers using our platform in connection with Qure.

Depending on the specific context:

• Qure may act as an independent controller/data fiduciary for certain processing activities (e.g., platform operations, security, analytics), and
• as a processor/service provider for Healthcare Providers for certain clinical data processing.

We are committed to handling all personal data lawfully, fairly, and securely.

---

2. Information We Collect

We collect only what we reasonably need to provide and improve the Services.

2.1 Information You Provide

• Identity & contact details: name, mobile number, email, age/date of birth, gender.
• Account & interaction data: OTP verification, chat interactions with our chatbot, appointment preferences.
• Health information (sensitive personal data): symptoms, medical history, reports, prescriptions, consultation details and notes, as shared by you or recorded during consultations.
• Support & feedback: messages you send for help, complaints, or suggestions.

2.2 Automatically Collected Information

When you access our website or Services, we may collect:

• IP address and general location (city/region level),
• device, browser, and operating system information,
• access logs, timestamps, pages or screens viewed,
• technical diagnostic and performance data.

We may use cookies or similar technologies for security, essential functionality, and basic analytics. We do not use invasive tracking for unrelated advertising.

2.3 Information from Third Parties

From integrated third-party services, we may receive:

• message delivery and read status from WhatsApp Business API providers,
• transaction references and status (success/failed) from payment gateways,
• technical and usage data from hosting, analytics, and video platforms.

We do not receive or store your full card or UPI details from payment providers.

---

3. How We Use Your Information

We use personal data for the following purposes:

1. Service Delivery
   • Schedule and manage appointments.
   • Enable communication between you and Healthcare Providers.
   • Send confirmations, reminders, follow-up links, and relevant notifications.
2. Medical & Operational Support
   • Allow Healthcare Providers to review your information and provide consultations.
   • Maintain appropriate consultation records as required by medical and legal standards.
3. Payments
   • Process consultation fees through secure payment gateways.
   • Handle billing queries, refunds (where applicable), and receipts.
4. Security & Compliance
   • Detect and prevent fraud, abuse, or security incidents.
   • Comply with legal obligations, regulatory requirements, and healthcare regulations.
5. Improvement & Analytics
   • Improve our Services, user experience, and reliability using aggregated or de-identified data.
   • Monitor performance and troubleshoot technical issues.

We do not sell your personal data to third parties.

---

4. Legal Basis & Consent

Where applicable, we rely on:

• Consent: for teleconsultations, WhatsApp communication, and processing of health information.
• Contractual necessity: to provide the Services you request.
• Legal obligations: for record retention, regulatory compliance, and responding to lawful requests.
• Legitimate interests: for securing our platform, preventing misuse, and improving services in a manner that respects your rights.

You may withdraw consent for certain non-essential processing (e.g., marketing messages) at any time by contacting us or using available opt-out options. Withdrawal of consent will not affect processing already carried out lawfully.

---

5. Sharing of Information

We share personal data only as necessary and with appropriate safeguards:

5.1 Healthcare Providers

• Your relevant personal and health information is shared with Healthcare Providers to enable them to deliver consultations and follow-up care.

5.2 Service Providers / Processors

We may share limited data with trusted third parties who help us operate our Services, such as:

• WhatsApp Business API / messaging providers,
• cloud hosting and infrastructure providers,
• payment gateways,
• video conferencing platforms,
• security, logging, and analytics tools.

They are required to use the data only to perform services for Qure and to apply appropriate security measures.

5.3 Legal & Regulatory

We may disclose information when required to:

• comply with law, regulation, legal process, or lawful request,
• protect the rights, property, or safety of users, Healthcare Providers, Qure, or the public.

5.4 Business Transfers

If Qure is involved in a merger, acquisition, restructuring, or asset sale, personal data may be transferred as part of that transaction, subject to continued protection and lawful processing.

We do not share your health information with third parties for their independent advertising or unrelated marketing.

---

6. International Data Transfers

Some service providers or servers used by Qure may be located outside your country.

Where cross-border data transfers occur, we:

• use reputable providers with appropriate technical and organizational safeguards,
• ensure that data is handled in accordance with this Policy and applicable legal requirements.

If future regulations impose specific cross-border requirements, we will align our practices accordingly.

---

7. Data Retention

We retain personal data:

• for as long as necessary to provide the Services,
• for periods mandated by medical, tax, regulatory, or legal requirements,
• or until you request deletion, where such deletion is permitted and not in conflict with legal obligations.

When data is no longer needed, we take reasonable steps to securely delete it or irreversibly anonymize it.

---

8. Security Measures

We implement reasonable technical and organizational measures to protect personal data, including:

• encryption in transit where appropriate,
• access controls and authentication,
• role-based access for sensitive health information,
• regular monitoring and logging for suspicious activities.

However, no system is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

---

9. WhatsApp & Communication Policy

By interacting with our official WhatsApp numbers or chatbot:

• you consent to receiving messages related to your healthcare interactions, including:
  • appointment scheduling and reminders,
  • consultation links,
  • payment links and confirmations,
  • follow-up instructions and support;
• messages are processed via WhatsApp and integrated providers in accordance with their terms and our agreements.

We will never ask for your passwords or full payment details over WhatsApp. If you receive suspicious messages claiming to be from Qure, please contact us immediately.

---

10. Children's Data

Our Services may be used on behalf of minors (under 18) only:

• with the involvement or consent of a parent or legal guardian, or
• in accordance with applicable laws and medical guidelines.

We do not knowingly provide unsupervised teleconsultation services to minors in violation of applicable regulations.

If you believe we have collected a child's data contrary to this Policy, please contact us to review or delete such information where appropriate.

---

11. Your Rights

Subject to applicable law, you may have the right to:

• Access your personal data we hold.
• Correct/Update inaccurate or incomplete information.
• Request Deletion of your data, where legally permitted.
• Withdraw Consent for specific processing where consent is the basis.
• Object or Restrict certain processing activities, where applicable.
• Lodge a Complaint with an appropriate data protection or regulatory authority.

To exercise these rights, contact us using the details in Section 12. We may take steps to verify your identity before responding.

---

12. Grievances & Contact

If you have questions, concerns, or requests related to privacy or this Policy, please contact:

Qure – Digital Healthcare Solutions
Email: healthcarequre@gmail.com
Phone: +91 8590069273
Address: Panat CMC 15, Cherthala, Kerala, India

We aim to respond within reasonable timelines and in accordance with applicable legal requirements.

---

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

• Changes will be indicated by the "Last updated" date at the top.
• For material changes, we may also provide additional notice via our website or official channels.

Your continued use of the Services after any update constitutes your acceptance of the revised Policy.

---

14. Contact for Platform & Legal Notices

For general platform or legal notices (non-privacy specific):

• Email: healthcarequre@gmail.com
• Phone: +974 9778503966 / +91 8590069273
• Address: Panat CMC 15, Cherthala, Kerala, India