ArcmedX

Privacy Policy for ArcmedX Android App

Effective Date: July 31, 2025

1. Introduction

UPHEAD MANAGEMENT CONSULTING PRIVATE LIMITED ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our ArcmedX Android mobile application, a multivendor hospital asset service management platform.

This policy applies specifically to the Android version of ArcmedX and complies with applicable laws including the Information Technology Act, 2000 (India), General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA) where applicable.

2. Information We Collect

2.1 Personal Information

  • Name, email address, phone number, and professional credentials
  • Hospital/healthcare facility information and registration details
  • Role-specific information (administrator, technician, hospital staff)
  • Profile pictures and identification documents (when required)

2.2 Technical Information

  • Device information (Android version, device model, unique device identifiers)
  • App usage data and analytics
  • Location data (when permission granted for service assignments)
  • Firebase Cloud Messaging tokens for push notifications
  • Network and connection information
  • Device storage access for document and photo management

2.3 Service-Related Data

  • Equipment service requests and maintenance history
  • Task assignments and completion status
  • Communication logs within the platform
  • Photos and documentation related to service requests

3. How We Use Your Information

  • Facilitate user registration and account management
  • Enable hospital onboarding and verification processes
  • Process and manage equipment service requests
  • Assign tasks to appropriate technicians
  • Send notifications about service updates and system alerts
  • Improve app functionality and user experience
  • Ensure platform security and prevent fraud
  • Comply with legal obligations and regulatory requirements

4. Android-Specific Permissions

Our Android app may request the following permissions to provide our services:

  • Camera: To capture images of equipment for service requests
  • Location: To assign technicians based on proximity to service locations
  • Storage: To save and access documents and photos
  • Phone: To facilitate direct communication for urgent service requests
  • Notifications: To send push notifications about service updates
  • Network Access: To communicate with our servers and other users

You can manage these permissions through your Android device settings at any time.

5. Information Sharing and Disclosure

5.1 Within the Platform

Information is shared between registered hospitals, technicians, and service providers as necessary to fulfill service requests and maintain equipment.

5.2 Third-Party Service Providers

We may share information with trusted third-party service providers who assist us in operating the platform, including:

  • Google Firebase for analytics and crash reporting
  • Cloud hosting providers for data storage
  • Communication service providers

5.3 Legal Requirements

We may disclose information when required by law, court order, or government regulation, particularly under Indian IT laws and healthcare regulations.

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • End-to-end encryption for sensitive communications
  • Secure data transmission using HTTPS/TLS protocols
  • Regular security audits and vulnerability assessments
  • Access controls and multi-factor authentication
  • Secure cloud infrastructure with reputable providers
  • Regular backup and disaster recovery procedures
  • Compliance with Android security best practices

7. Your Rights

Under applicable laws, you have the following rights regarding your personal data:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data (subject to legal requirements)
  • Portability: Request transfer of your data to another service
  • Objection: Object to processing of your personal data
  • Withdrawal: Withdraw consent for data processing
  • Opt-out: Unsubscribe from marketing communications

8. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Specific retention periods include:

  • Account information: Until account deletion or 7 years after last activity
  • Service records: 7 years for compliance with healthcare regulations
  • Technical logs: 2 years for security and debugging purposes
  • Communication records: 3 years for audit and compliance purposes
  • Crash reports and analytics: 90 days for app improvement

9. International Data Transfers

Your data may be processed and stored on servers located outside India, including Google's global infrastructure for Firebase services. We ensure appropriate safeguards are in place to protect your data during international transfers, including contractual protections and compliance with applicable data protection laws.

10. Google Play Services

Our Android app utilizes Google Play Services, which may collect additional information as described in Google's Privacy Policy. This includes:

  • Device and app usage information for Google Analytics
  • Crash reports through Firebase Crashlytics
  • Push notification delivery through Firebase Cloud Messaging

You can opt out of certain Google services through your Google account settings.

11. Children's Privacy

Our service is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information from our systems.

12. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy in the app
  • Updating the "Effective Date"
  • Sending push notifications for significant changes
  • Displaying in-app notices when you next use the service

Continued use of the app after changes constitutes acceptance of the updated policy.

13. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

UPHEAD MANAGEMENT CONSULTING PRIVATE LIMITED

Email: contact@arcmedx.com

Privacy Officer: privacy@arcmedx.com

Data Protection Officer: dpo@arcmedx.com

14. Compliance

This Privacy Policy is designed to comply with:

  • Information Technology Act, 2000 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (India)
  • General Data Protection Regulation (GDPR) for EU users
  • California Consumer Privacy Act (CCPA) for California residents
  • Google Play Developer Policy
  • Android App Bundle security requirements