KarunyaCare is operated by Spackey Digital. This Privacy Policy applies to the KarunyaCare mobile application on the Apple App Store and Google Play Store. By using KarunyaCare, you agree to the practices described here.
1. Information We Collect
Information You Provide
| Category | Data Collected | Purpose |
|---|---|---|
| Account | Full name, phone number, email address | Authentication and profile creation |
| Health Records | Medical reports, prescriptions, diagnoses, visit notes | Providing healthcare services |
| Appointments | Date, time, doctor, reason for visit, status | Booking and managing consultations |
| Images / Files | Photos of documents, medical reports | Uploading records for consultation |
| Communications | Chat messages during video consultation | In-consultation communication |
Automatically Collected
- Device type, operating system version
- App version and session timestamps
- Crash reports and performance data (anonymous)
- Network type (for connectivity checks)
Via Device Permissions
- Camera & Microphone: Only during active video consultations
- Photo Library: Only when you choose to upload a file
- Notifications: For appointment reminders and alerts
2. How We Use Your Information
- Authenticate your identity via OTP (one-time password)
- Create and manage your patient or doctor profile
- Schedule, confirm, and manage appointments
- Facilitate real-time video consultations between patients and doctors
- Store and display medical reports and prescriptions
- Send appointment reminders and notifications
- Improve app performance and fix technical issues
- Comply with applicable laws and regulations
We do not use your health data for advertising, profiling, or sale to third parties.
3. Information Sharing
We Share Data With
- Your Healthcare Provider — doctors and care staff you book appointments with can view your relevant health records.
- Google Firebase (Google LLC) — backend infrastructure for authentication, database, file storage, and cloud functions.
- WebRTC Peers — during video calls, audio/video streams are peer-to-peer and not recorded or stored by us.
We Do Not Share With
- Advertisers or marketing platforms
- Data brokers
- Insurance companies without explicit consent
- Any third party not listed above
We may disclose information if required by law or court order.
4. Data Storage & Security
All data is stored securely in Google Firebase infrastructure. Security measures include:
- All data in transit encrypted via TLS 1.2+
- All data at rest encrypted by Firebase
- Phone authentication with OTP — no passwords stored
- Firestore Security Rules restricting access to authorised users only
- Sensitive tokens stored in device secure enclave (iOS Keychain / Android Keystore)
- Role-based access control — doctors can only see their patients' data
While we take all reasonable precautions, no method of electronic storage is 100% secure. We cannot guarantee absolute security of data transmitted over the internet.
5. Data Retention
We retain your data for as long as your account is active. When you delete your account:
- Profile, appointments, and associated data permanently deleted within 30 days
- Medical reports stored in Firebase Storage permanently deleted
- Anonymous crash/analytics data may be retained up to 12 months
Request account deletion at any time from Profile → Delete Account in the app.
6. Your Rights
| Right | How to Exercise |
|---|---|
| Access — view data we hold | Profile screen in the app |
| Correction — update incorrect data | Edit profile in the app |
| Deletion — permanently delete account | Profile → Delete Account |
| Portability — export your data | Contact us via email |
| Objection — object to processing | Contact us via email |
We comply with the Digital Personal Data Protection Act, 2023 (DPDP Act) of India.
7. Health Data & Medical Disclaimer
Medical Disclaimer: KarunyaCare is a healthcare coordination and telemedicine platform, not a substitute for in-person medical care. Always consult a qualified medical professional for medical decisions.
Health data is used solely to facilitate your care. We do not:
- Sell or license your health data to third parties
- Use health data for insurance underwriting
- Use health data to train AI/ML models without explicit consent
- Share identifiable health data with employers
8. Children's Privacy
KarunyaCare is not directed to children under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided personal information through our app, please contact us immediately and we will delete it.
9. Device Permissions
| Permission | When Used | Revocable |
|---|---|---|
| Camera | Active video consultations only | Yes — device Settings |
| Microphone | Active video consultations only | Yes — device Settings |
| Photo Library | Only when uploading a document | Yes — device Settings |
| Notifications | Appointment reminders and updates | Yes — device Settings |
| Internet | All app functionality | N/A |
10. Third-Party Services
| Service | Provider | Purpose |
|---|---|---|
| Firebase Auth | Google LLC | Phone OTP authentication |
| Cloud Firestore | Google LLC | Database storage |
| Firebase Storage | Google LLC | Medical document storage |
| Cloud Functions | Google LLC | Server-side logic |
| WebRTC | Open-source | Video calls (peer-to-peer) |
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes we will update the "Last Updated" date and notify you via in-app notification.
Continued use of KarunyaCare after changes become effective constitutes acceptance of the revised policy.
12. Contact Us
For privacy-related questions, data requests, or concerns:
Spackey Digital — KarunyaCare Privacy Team
India
We respond to all privacy requests within 14 business days.