1. Information We Collect & Categorization
At NearRx, we are committed to protecting your privacy and ensuring the security of your personally identifiable information (PII) and sensitive personal data or information (SPDI). We collect several categories of information to provide and improve our services, including: (a) Personal identifiers such as your name, mobile phone number, email address, and physical delivery address; (b) Billing information, subscription history, and payment transactions; (c) Healthcare details such as prescription images, doctor appointment booking details, and requested laboratory tests; and (d) Technical data such as device IP addresses, browser types, session activity logs, and mobile operating system models.
2. Device Location Permissions & Spatial Geolocation
Our platform promises hyper-local medicine delivery and diagnostic blood collections within 30 to 60 minutes. To perform this matchmaking, our mobile applications require access to your device's precise GPS coordinates. We access location data in two ways: (a) Foreground location: accessed while you are actively browsing the map or looking up nearby stores; and (b) Background location: accessed to calculate exact distance metrics and route delivery requests. You can disable location tracking in your mobile operating system settings, but doing so will significantly limit the core matchmaking functionalities of the User App.
3. Camera & Storage Access for Prescription Uploads
To order prescription-required medicines or submit verification documents, the applications require permission to access your device's camera and local media storage. Uploaded prescription images are transmitted securely over SSL/TLS and saved in private Firebase Cloud Storage buckets under the prescriptions/ directory. These files are protected by Firebase Security Rules and are made accessible solely to the designated registered pharmacy partner fulfilling your order and our authorized administrative audit team.
4. Partner Identification & Aadhaar Verification Data
To verify the authenticity of pharmacy and laboratory owners, partners are required to upload business drug licenses, GSTIN certificates, store layout images, and Aadhaar card details. Aadhaar verification is processed securely through standard client-side OTP simulations, and raw Aadhaar numbers or biometric details are never stored, cached, or processed on our backend database systems. Uploaded drug licenses are stored in the licenses/ directory in Firebase Storage, accessible exclusively to platform administrators for partner review and approval.
5. Data Sharing, Disclosure & Third-Party Limitations
NearRx maintains a strict zero-sharing policy with third-party marketing firms, brokers, or external advertisers. We do not sell, rent, or lease your personal, geographical, or healthcare information. Your data is disclosed only under the following limited circumstances: (a) To the specific pharmacy partner, diagnostic lab agent, or medical professional assigned to fulfill your order; (b) To secure payment gateway partners to authorize subscription plans or online transactions; and (c) To government authorities, courts, or law enforcement bodies when required by applicable laws, subpoenas, or judicial warrants.
6. Data Storage Retention & Security Standards
All user and partner information is stored securely in regional Google Cloud Platform (GCP) datacenter instances. We retain personal and healthcare records only as long as necessary to fulfill the purposes described in this policy, manage active accounts, or comply with legal holding periods mandated under Indian pharmaceutical regulations. We implement technical controls including end-to-end SSL/TLS encryption for data in transit, database access logging, and strict Firebase Authentication handshakes.
7. User Rights over Healthcare Data
You have full control over your personal and health data stored on NearRx. You have the right to: (a) Access, review, and extract a copy of your personal details, order history, and uploaded prescriptions; (b) Request correction of any inaccurate or outdated profile information; and (c) Request permanent deletion of your user account and all associated personal data from our active database nodes. Note that certain transactional records may be retained in secure archive files to comply with tax, drug control, or financial regulations.
8. Children's Privacy
NearRx is not designed or intended for use by children under the age of 18. We do not knowingly collect personal or medical information from minors. If you are under 18, you may use the platform only under the active supervision of a parent or legal guardian who accepts and agrees to these policies.
9. Grievance Redressal Officer
In accordance with the Information Technology Act, 2000 and rules made thereunder, any grievances, complaints, or questions regarding this Privacy Policy must be addressed to our designated Grievance Officer at shubhamnath143@gmail.com.