MedZyGo MedZyGo
Available in English
Menu
HomeFor UsersFor Providers Find Care Now

Privacy Policy

Last updated: 2026-06-27

This Privacy Policy explains how [COMPANY LEGAL NAME] (“MedZyGo”, “we”, “us”, “our”) collects, uses, shares, and protects personal data when you use the MedZyGo mobile application and website (the “Platform”). We act as a Data Fiduciary and process personal data in accordance with India’s Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable law. Contact: help@medzygo.com.

By using the Platform you acknowledge this Policy. Where the law requires consent, we will ask for it and you may withdraw it at any time (see Section 9).

Health-related information can be sensitive. We collect only what we need to help you discover care, we do not sell your data, and you control the symptom and location information you choose to share.

1. Scope

This Policy applies to personal data we process about Users and Providers through the Platform. It does not apply to the practices of Providers or other third parties whose services you discover or use through the Platform — their handling of your data is governed by their own policies.

2. Information we collect

You provide:

  • Health / symptom input — descriptions you choose to enter to find relevant care.
  • Contact and profile details — such as name, phone number, or email when you contact us, create an account, or register as a Provider.
  • Provider information — establishment details, licences, and listing content submitted by Providers.

Collected automatically:

  • Approximate or precise location — only with your device permission, to show nearby services.
  • Device and usage data — such as device type, operating system, browser, language, pages viewed, and interactions, collected via cookies and similar technologies and analytics.
  • Log data — such as IP address and timestamps, for security and diagnostics.

We do not require you to create an account simply to browse and discover services.

3. How we use your information

We use personal data to:

  • operate the Platform and show you relevant, nearby healthcare options;
  • process symptom text through an AI model to suggest relevant specialities or services (see Section 4);
  • enable Provider listings, advertisements, health camps, and discount/tracking codes;
  • respond to your enquiries, grievances, and support requests;
  • maintain safety and security, detect and prevent fraud or abuse;
  • analyse and improve the Platform; and
  • comply with legal obligations.

4. How AI processing works

Symptom text you enter may be processed by an AI/LLM model to suggest relevant specialists or services. This output is informational only and is not medical advice (see our Terms & Conditions). We do not use this to make any solely automated decision that produces a legal or similarly significant effect on you. We aim to minimise and limit the retention of symptom text to what is needed to provide the suggestion.

We process personal data on the basis of your consent and, where applicable, for legitimate uses permitted under the DPDP Act (such as responding to your request, security, and legal compliance). Before or at the time of collecting personal data on the basis of consent, we provide notice of the data sought and the purpose. You may withdraw consent at any time; withdrawal does not affect processing already carried out and may limit features that depend on that data.

6. Sharing and disclosure

We do not sell your personal data. We may share personal data:

  • with service providers / data processors acting on our instructions (for example: cloud hosting, a maps provider, an AI/LLM provider, analytics, and communications/SMS/email providers — [NAMED SUBPROCESSORS — to be completed]), bound to use it only to provide their service;
  • with a Provider you choose to contact, to the extent needed to facilitate your request;
  • where required by law, legal process, or a governmental authority, or to protect rights, safety, and security; and
  • in connection with a business transfer (merger, acquisition, or reorganisation), subject to this Policy.

7. Cookies and similar technologies

We use necessary and analytics cookies and similar technologies to operate the Platform, remember preferences (such as language), and understand usage. You can control cookies through your browser or device settings; disabling some may affect functionality.

8. Data retention

We retain personal data only for as long as necessary to fulfil the purposes in this Policy, to provide the Platform, and to comply with legal, accounting, or reporting requirements ([RETENTION PERIOD — to be completed]). When no longer required, we delete or anonymise it in accordance with the DPDP Act.

9. Your rights as a Data Principal

Subject to the DPDP Act, you have the right to:

  • access a summary of the personal data we process about you and the processing activities;
  • correction, completion, and updating of your personal data;
  • erasure of your personal data where it is no longer necessary;
  • withdraw consent at any time;
  • nominate another individual to exercise your rights in case of death or incapacity; and
  • grievance redressal (see Section 13).

To exercise any right, contact our Grievance Officer at help@medzygo.com. We may need to verify your identity before acting on a request.

10. Security

We use reasonable technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. If a personal data breach occurs, we will follow the notification requirements under applicable law.

11. Children and persons with a guardian

The Platform is not directed at children. We do not knowingly process the personal data of a child (under 18) or of a person with a lawful guardian without obtaining verifiable consent of the parent or lawful guardian as required by the DPDP Act, and we do not undertake tracking, behavioural monitoring, or targeted advertising directed at children.

12. International transfers

We primarily process data in India. Where data is processed or stored outside India (for example by a service provider), we take steps to ensure it is handled consistently with this Policy and applicable law, and only to countries not restricted under the DPDP Act.

13. Grievance redressal

If you have a question, concern, or complaint about how we handle your personal data, contact our Grievance Officer:

  • Grievance Officer: [GRIEVANCE OFFICER NAME]
  • Email: help@medzygo.com
  • Address: [REGISTERED ADDRESS]

We will acknowledge and respond within the timelines required by applicable law. If you are not satisfied, you may have the right to escalate to the Data Protection Board of India under the DPDP Act.

The Platform may link to third-party sites and services (Providers, maps, app stores). We are not responsible for their content or privacy practices. Please review their policies before sharing information with them.

15. Changes to this Policy

We may update this Policy from time to time. We will revise the “last updated” date above and, where appropriate, notify you through the Platform. Your continued use after changes take effect indicates acceptance of the updated Policy.

16. Contact

For privacy questions or to exercise your rights: help@medzygo.com — [COMPANY LEGAL NAME], [REGISTERED ADDRESS].