ArcmedX

Privacy Policy for ArcmedX iOS App

Effective Date: July 31, 2025

1. Introduction

UPHEAD MANAGEMENT CONSULTING PRIVATE LIMITED ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our ArcmedX iOS mobile application, a multivendor hospital asset service management platform.

This policy applies specifically to the iOS version of ArcmedX and complies with applicable laws including the Information Technology Act, 2000 (India), General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA) where applicable.

2. Information We Collect

2.1 Personal Information

  • Name, email address, phone number, and professional credentials
  • Hospital/healthcare facility information and registration details
  • Role-specific information (administrator, technician, hospital staff)
  • Profile pictures and identification documents (when required)

2.2 Technical Information

  • Device information (iOS version, device model, unique device identifiers)
  • App usage data and analytics
  • Location data (when permission granted for service assignments)
  • Push notification tokens
  • Network and connection information

2.3 Service-Related Data

  • Equipment service requests and maintenance history
  • Task assignments and completion status
  • Communication logs within the platform
  • Photos and documentation related to service requests

3. How We Use Your Information

  • Facilitate user registration and account management
  • Enable hospital onboarding and verification processes
  • Process and manage equipment service requests
  • Assign tasks to appropriate technicians
  • Send notifications about service updates and system alerts
  • Improve app functionality and user experience
  • Ensure platform security and prevent fraud
  • Comply with legal obligations and regulatory requirements

4. Information Sharing and Disclosure

4.1 Within the Platform

Information is shared between registered hospitals, technicians, and service providers as necessary to fulfill service requests and maintain equipment.

4.2 Third-Party Service Providers

We may share information with trusted third-party service providers who assist us in operating the platform, including cloud hosting, analytics, and communication services.

4.3 Legal Requirements

We may disclose information when required by law, court order, or government regulation, particularly under Indian IT laws and healthcare regulations.

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Secure cloud infrastructure with reputable providers
  • Regular backup and disaster recovery procedures

6. Your Rights

Under applicable laws, you have the following rights regarding your personal data:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data (subject to legal requirements)
  • Portability: Request transfer of your data to another service
  • Objection: Object to processing of your personal data
  • Withdrawal: Withdraw consent for data processing

7. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Specific retention periods include:

  • Account information: Until account deletion or 7 years after last activity
  • Service records: 7 years for compliance with healthcare regulations
  • Technical logs: 2 years for security and debugging purposes
  • Communication records: 3 years for audit and compliance purposes

8. International Data Transfers

Your data may be processed and stored on servers located outside India. We ensure appropriate safeguards are in place to protect your data during international transfers, including contractual protections and compliance with applicable data protection laws.

9. iOS-Specific Considerations

  • We use Apple's push notification service for app notifications
  • We may access iOS device features like camera, location, and contacts with your permission
  • We comply with Apple's App Store privacy requirements
  • Data processed through iOS features follows Apple's privacy standards

10. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy in the app and updating the "Effective Date." Continued use of the app after changes constitutes acceptance of the updated policy.

11. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

UPHEAD MANAGEMENT CONSULTING PRIVATE LIMITED

Email: contact@arcmedx.com

Privacy Officer: privacy@arcmedx.com

12. Compliance

This Privacy Policy is designed to comply with:

  • Information Technology Act, 2000 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (India)
  • General Data Protection Regulation (GDPR) for EU users
  • California Consumer Privacy Act (CCPA) for California residents
  • Apple App Store Review Guidelines