WeCare ("WeCare", "we", "us", or "our") operates the WeCare mobile application and related services (the "Service"). This Privacy Policy explains what personal and health information we collect, how we use and protect it, who we share it with, and the choices and rights you have. By using WeCare, you agree to the practices described here.
WeCare is not a substitute for emergency care. If you have a medical emergency, call your local emergency number (112 in India) or go to the nearest hospital immediately.
Contents
1. Information we collect 2. How we use your information 3. Legal bases & consent 4. How we share information 5. Third-party services 6. Data retention 7. How we protect your data 8. Your rights & choices 9. Account & data deletion 10. Children's privacy 11. Changes to this policy 12. Contact us1. Information we collect
We collect only the information needed to provide healthcare services to you:
Information you provide
- Account & identity: mobile phone number (used for OTP-based login), name, email, age, gender, and—if you choose to link it—your ABHA (Ayushman Bharat Health Account) ID.
- Health profile: blood group, height, weight, known allergies, medical conditions, and activity information you choose to add.
- Medical records: prescriptions, lab reports, imaging, and other documents you upload.
- Family members: details of family members you add to manage their care.
- Appointments & consultations: bookings, consultation notes, and messages exchanged with care providers.
- AI assistant content: symptoms, questions, and messages you send to the in-app AI health assistant.
- Practitioner data (doctors/nurses): professional registration details (e.g. NMC number), identity documents, specialty, and practice details submitted for verification.
Information collected automatically
- Location: with your permission, approximate or precise device location to show nearby doctors and enable home-visit services. You can deny or revoke this at any time in your device settings.
- Device & push tokens: a push-notification (FCM) token and basic device information to deliver appointment and account notifications.
- Diagnostics: crash and performance data to keep the app stable.
2. How we use your information
- Authenticate your account and secure access via one-time passwords (OTP).
- Connect you with verified doctors, enable bookings, video consultations, and home nursing visits.
- Store and organise your medical records and make them available to you.
- Provide AI-assisted symptom guidance and translate content into your chosen language.
- Process payments for consultations and services.
- Send appointment reminders, confirmations, and important account notifications.
- Verify the credentials of doctors and nurses applying to join the platform.
- Maintain security, prevent fraud and abuse, and comply with legal obligations.
3. Legal bases & consent
We process your information based on your consent (which you provide on first use and can withdraw), to perform the services you request, and to comply with applicable law including the Digital Personal Data Protection Act, 2023 and applicable health-data regulations in India. Health information is treated as sensitive personal data and is processed only with your consent or as permitted by law.
4. How we share information
We do not sell your personal or health information. We share it only as follows:
- With your care providers: the doctors and nurses you book or consult, so they can deliver care.
- With service providers: trusted third parties that help us operate the Service (see Section 5), bound by confidentiality and data-protection obligations.
- For legal reasons: when required by law, regulation, legal process, or to protect the rights, safety, and security of users and the public.
- With your consent: in any other case, only after you authorise it.
5. Third-party services
WeCare relies on the following sub-processors to deliver specific features. Each receives only the data needed for its function:
- Cloud hosting — secure servers that store your account and health data.
- Google Firebase — push notifications and crash/diagnostics reporting.
- SMS provider — delivery of one-time login passwords to your phone.
- OpenAI — powering the AI health assistant and symptom triage. Messages you send to the assistant are processed to generate a response.
- Sarvam AI — translating in-app content into Indian languages.
- Cashfree — secure payment processing. Card and payment details are handled by the payment gateway, not stored by WeCare.
- Mappls (MapmyIndia) — maps and location for finding nearby doctors.
- Jitsi — secure video consultation infrastructure.
- Verification partners — services used to verify practitioner registration (e.g. NMC) during onboarding.
6. Data retention
We retain your information for as long as your account is active or as needed to provide the Service. Medical records may be retained for the period required by applicable medical-records and tax/legal regulations. When you delete your account, we delete or irreversibly anonymise your personal data within 30 days, except where we are legally required to retain certain records (see our Account & Data Deletion page).
7. How we protect your data
- Encryption of data in transit (HTTPS/TLS) and at rest.
- OTP-based authentication and access tokens; no passwords stored in plain text.
- Role-based access — staff data and patient data are separated, and practitioners are verified before activation.
- Sensitive integration keys are held server-side and never embedded in the app.
No method of transmission or storage is 100% secure, but we work continually to protect your information.
8. Your rights & choices
Subject to applicable law, you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data (you can edit your profile in-app).
- Withdraw consent for processing, including location and notifications.
- Delete your account and associated data (see Section 9).
- Grieve — raise a concern with our Grievance Officer at the contact below.
9. Account & data deletion
You can request deletion of your WeCare account and personal data at any time. Full instructions, what is deleted, and what may be retained for legal reasons are on our dedicated Account & Data Deletion page.
To request deletion, email mp@wecarehospitals.in from your registered email or with your registered phone number, with the subject line "Delete my account".
10. Children's privacy
WeCare is intended for users aged 18 and over. A parent or guardian may manage care for a minor as a family member under their own account. We do not knowingly create independent accounts for children. If you believe a child has created an account, contact us and we will remove it.
11. Changes to this policy
We may update this Privacy Policy from time to time. We will revise the "Last updated" date above and, for material changes, notify you in the app. Your continued use of WeCare after changes take effect constitutes acceptance.
12. Contact us
For any privacy question, request, or grievance, contact our Grievance Officer:
WeCare — Privacy & Grievance
Email: mp@wecarehospitals.in
We aim to respond to all requests within 30 days.