Diagnopedia Medical Bot (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered medical chatbot service (the “Service”).
Please read this Privacy Policy carefully. By using the Service, you consent to the practices described in this policy.
2.1 Information You Provide Directly
Account Information
- Email address (if provided)
- User type selection (Patient, Physician, or Medical Student)
- Professional credentials (for healthcare professionals)
- Payment information (processed by third-party payment processors)
Chat Messages
- All messages you send to the chatbot
- Your questions and the bot’s responses
- Chat session timestamps and metadata
- Session identifiers
Feedback and Ratings
- Satisfaction ratings you provide
- Feedback comments
- Feature usage preferences
2.2 Information Collected Automatically
Usage Data
- IP address
- Browser type and version
- Device information (type, operating system)
- Referring/exit pages
- Date and time of access
- Pages viewed and features used
- Chat session duration
Technical Data
- Session tokens and cookies
- API request logs
- Error logs and diagnostic information
- WebSocket connection data
Analytics Data
- Aggregate usage statistics
- Response times and performance metrics
- Feature adoption rates
- Topic frequency analysis
2.3 Information from Third Parties
We may receive information from:
- Payment processors (transaction confirmation, payment status)
- AI service providers (usage logs for troubleshooting)
- Website integration (site URL, user session data if integrated via plugins)
3.1 To Provide and Improve the Service
- Deliver AI responses to your medical questions
- Maintain chat history during your active subscription
- Personalize responses based on your user type (Patient/Physician/Student)
- Improve AI accuracy through machine learning and model refinement
- Detect and prevent security threats and abuse
3.2 For Business Operations
- Process payments and manage subscriptions
- Send service notifications (subscription expiration, service updates)
- Provide customer support and respond to inquiries
- Monitor performance and troubleshoot technical issues
- Conduct analytics to understand usage patterns
3.3 For Security and Compliance
- Detect fraud and unauthorized access attempts
- Log security incidents and malicious activity for protection
- Comply with legal obligations and respond to lawful requests
- Enforce our Terms and Conditions
3.4 For Communication
- Send subscription renewal reminders when your 30-day period is ending
- Notify you of service updates or policy changes
- Respond to support requests and inquiries
- Deliver important service announcements
We will NOT use your information for:
- Unsolicited marketing or promotional emails (unless you opt-in)
- Selling your data to third parties
- Sharing identifiable medical conversations with third parties without consent
4.1 Service Providers
We share information with trusted third-party service providers who assist in operating the Service:
AI Service Providers
- Your chat messages are processed by third-party AI services to generate responses
- These providers’ data usage is governed by their respective privacy policies
- We use industry-leading AI models for natural language processing
- AI service providers may retain data according to their policies
Payment Processors
- Payment information is collected and processed by third-party payment providers
- We do not store complete credit card numbers
- Payment processors handle PCI DSS compliance
Cloud Infrastructure Providers
- Service hosting and database management
- Data backups and disaster recovery
- Performance monitoring tools
Analytics Services
- Aggregate usage analytics
- Performance monitoring
- Error tracking
4.2 Legal Requirements
We may disclose your information if required to:
- Comply with applicable laws, regulations, or legal processes
- Respond to lawful requests from public authorities
- Protect our rights, property, or safety
- Prevent fraud or security threats
- Enforce our Terms and Conditions
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner. We will notify you of any such change and give you the option to delete your data.
4.4 With Your Consent
We may share your information with third parties when you explicitly consent to such sharing.
5.1 Data Storage
Secure Database Storage
- Chat sessions are stored in secure database systems
- Messages and metadata are retained during active subscriptions
- User preferences and settings
- Payment transaction records (encrypted and tokenized)
Specialized Storage
- Medical knowledge and reference data are stored in secure systems
- Your interactions are processed for semantic understanding
- No personally identifiable information is stored with reference data
Data Location
- Primary servers are located in secure data centers
- Backup systems are maintained for reliability and disaster recovery
- Data may be processed in multiple jurisdictions for service delivery
5.2 Security Measures
We implement comprehensive, industry-standard security measures to protect your information by appropriate Data Protection , Application Security,Infrastructure Security, and Access Controls.
5.3 Data Retention
During Active Subscription
- Only the latest 10 chat history retained and accessible
- Session data is maintained for service delivery
- Usage analytics are continuously collected
After Subscription Expiration
- Chat history is retained for 90 days after the subscription ends
- You can request data deletion at any time
- After 90 days, chat history is automatically deleted unless you renew
Aggregate Data
- Anonymized, aggregate analytics may be retained indefinitely
- No personally identifiable information in aggregate data
6.1 Access and Portability
6.1 Correction and Deletion
You have the right to:
- Correct inaccuracies: Update incorrect personal information
- Delete your account: Request complete deletion of your account and data
6.2 Do Not Sell My Personal Information
We do NOT sell your personal information to third parties.
6.3 Exercising Your Rights
To exercise any of these rights:
- Email us at: support@diagnopediaglobal.com
- Include your account details and specific request
- We will respond within 30 days
- Verification may be required to protect your privacy
7.1 Types of Cookies We Use
Essential Cookies
- Session cookies: Maintain your login state and active session
- Security cookies: Protect against unauthorized access and security threats
- Required for Service functionality and security
Analytics Cookies (Optional)
- Track usage patterns and feature adoption
- Monitor performance and errors
- Help us improve the Service
- You can opt out without affecting functionality
7.2 Managing Cookies
You can control cookies through:
- Browser settings (most browsers allow blocking cookies)
- Account preferences (for logged-in users)
Note: Disabling essential cookies may prevent the Service from functioning properly.
8.1 Website Integration
If you access the Service through a website plugin or integration:
- The host website may collect additional information
- That site’s privacy policy applies to their data collection
- We only receive information necessary for Service delivery
8.2 External Links
The Service may contain links to external websites. We are not responsible for:
- Privacy practices of third-party sites
- Content on external websites
- Your interactions with third parties
Please review the privacy policies of any third-party sites you visit.
The Service is NOT intended for users under 18 years of age. We do not knowingly collect information from children under 18.
If you believe we have inadvertently collected information from a child:
- Contact us immediately at support@diagnopediaglobal.com
- We will promptly delete such information
- We will take steps to prevent future collection
10.1 Cross-Border Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.
10.2 Safeguards
When transferring data internationally, we:
- Ensure adequate protection mechanisms are in place
- Comply with applicable data transfer regulations
10.3 User Consent
By using the Service, you consent to the transfer of your information to our servers and service providers globally.
- The Service is intended for users globally, but may not be available in all jurisdictions
- We make no claims that the Service is appropriate or available outside of India.
- If you access the Service from outside our primary service areas in India, you do so at your own risk
- You are responsible for compliance with local laws
11.1 Legal Basis for Processing
We process your data based on:
- Consent: You agreed to use the Service
- Contract performance: Necessary to provide the Service
- Legitimate interests: Service improvement, security, analytics
- Legal obligations: Compliance with applicable laws
- The Service is intended for users globally, but may not be available in all jurisdictions
- We make no claims that the Service is appropriate or available outside of India.
- If you access the Service from outside our primary service areas in India, you do so at your own risk
- You are responsible for compliance with local laws
11.1 Legal Basis for Processing
We process your data based on:
- Consent: You agreed to use the Service
- Contract performance: Necessary to provide the Service
- Legitimate interests: Service improvement, security, analytics
- Legal obligations: Compliance with applicable laws
12.1 Right to Modify
We may update this Privacy Policy from time to time to reflect:
- Changes in our practices
- Changes in applicable laws
- New features or services
- User feedback
12.2 Notification of Changes
We will notify you of material changes by:
- Posting the updated policy with a new “Last Updated” date
- Sending email notifications (if email provided)
- Displaying a notice on the Service
12.3 Continued Use
Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy. If you do not agree, you must stop using the Service and may request data deletion.
For questions, concerns, or requests regarding this Privacy Policy or your personal information:
General Privacy Inquiries: Email: support@diagnopediaglobal.com
Data Protection Officer (GDPR): Email: dpo@diagnopediaglobal.com
General Support: Email: support@diagnopediaglobal.com Website: diagnopediaglobal.com
We will respond to all inquiries within 30 days.
