🏥 Privacy Policy for 1Heart App

Effective Date: October 15, 2025
Policy Version: 1.0
Company: Rootlynk Technology Private Limited

📌 Quick Summary: This privacy policy explains how 1Heart, operated by Rootlynk Technology Private Limited, collects, uses, stores, and protects your personal and medical data. By using our app, you consent to these practices. This policy complies with India's Digital Personal Data Protection (DPDP) Act, 2023.

📋 Table of Contents

  1. Who We Are

  2. Data We Collect

  3. How We Use Your Data

  4. Third-Party Services

  5. Data Security

  6. Data Retention

  7. Your DPDP Rights

  8. Account Deletion

  9. Children's Privacy

  10. Cross-Border Data Transfer

  11. Policy Updates

  12. Contact & Grievance

1. 👥 Who We Are

Data Fiduciary: Rootlynk Technology Private Limited
Registered Address: 16-9-1435, A S Reddy Nagar, Warangal, Telangana, India
Application: 1Heart - Free Cardiology Hospital Management & Patient Care System
Service: Electronic Medical Records (EMR) system for cardiac hospitals serving ration card holders in India

Under the Digital Personal Data Protection (DPDP) Act, 2023, we are the Data Fiduciary responsible for processing your personal and sensitive medical data. You are the Data Principal with specific rights as outlined in this policy.

2. 📊 Data We Collect

2.1 Personal Information

Personal Identifiers: Name, phone number, date of birth, address, Aadhaar number (optional, scanned for registration) - Legal Basis: User Consent

Medical Records: Vitals (blood pressure, SpO2, heart rate, temperature), diagnoses, prescriptions, lab reports, ECG images, nursing care logs, surgery notes - Legal Basis: Healthcare Treatment (Legitimate Purpose)

Authentication Data: Phone number for OTP login, Google Sign-In credentials - Legal Basis: Service Provision

Financial Data: Voluntary consultation fees, medication costs (for patients who choose to pay), donation records - Legal Basis: Billing & Accounting

AI Chat History: Health questions, symptoms described, AI assistant responses, uploaded test reports (images) - Legal Basis: User Consent (Medical Guidance)

Device Information: Device model, operating system, app version, IP address, device ID - Legal Basis: Service Improvement & Security

Usage Analytics: App interactions, feature usage, crash logs, performance metrics - Legal Basis: Service Improvement

Camera/Photos: Profile pictures, Aadhaar card scans (for OCR), ECG images, test reports - Legal Basis: User Consent (Feature-Specific)

2.2 Sensitive Personal Data (Special Category)

Under the DPDP Act, the following is considered sensitive data requiring heightened protection:

  • Medical records: All vitals, diagnoses, treatments, medications

  • Biometric data: Aadhaar number (when provided voluntarily)

  • Financial data: Transaction history, billing records

⚠️ Camera & Photo Library Access: We request permission to access your device camera and photo library ONLY when you choose to upload a profile picture, scan an Aadhaar card for registration, or upload medical test reports. This data is used solely for the stated purpose and is not shared with any third party beyond our specified service providers. You can revoke this permission anytime through your device settings.

3. 🎯 How We Use Your Data

We process your personal data for the following purposes:

Healthcare & Treatment

  • Provide medical care coordination and treatment tracking

  • Maintain electronic medical records (EMR) for patient history

  • Enable nursing staff to log daily vitals, medications, and care activities

  • Alert doctors of critical patient conditions via push notifications

  • Generate patient journey timelines for medical review

AI-Powered Health Assistant

  • Provide medical guidance through our AI chat feature (powered by OpenRouter)

  • Analyze uploaded test reports (ECG, blood tests) using Google Cloud Vision OCR

  • Generate patient health summaries for staff review (anonymized after 24 hours)

Service Administration

  • Authenticate users via phone OTP and Google Sign-In

  • Manage user accounts and role-based permissions (patients, staff, admins)

  • Process clinic registrations and staff approvals

Communication

  • Send critical alerts to on-call doctors (FCM push notifications)

  • Notify staff of pending patient approvals or data correction requests

  • Send SMS updates to family members abroad (USA) when requested by staff

Financial Management

  • Track voluntary patient payments (consultations, medications)

  • Record donations to the free cardiac hospital

  • Generate financial reports for clinic administrators

Analytics & Improvement

  • Monitor app performance, crashes, and errors (Firebase Crashlytics)

  • Analyze feature usage to improve user experience

  • Generate anonymized statistics (total patients treated, outcomes) for donor reports

4. 🔗 Third-Party Services

We use the following third-party services to deliver our app functionality:

Google Firebase: Database, authentication, file storage, analytics - Data Shared: All patient data, medical records, user credentials - Data Location: India (Mumbai, asia-south1)

OpenRouter (AI Chat): AI-powered health assistant (GPT-4o, Gemini, DeepSeek models) - Data Shared: Chat questions, symptoms, anonymized medical context - Data Location: USA (cloud servers)

Google Cloud Vision: OCR text extraction (Aadhaar cards, ECG images, test reports) - Data Shared: Scanned images (Aadhaar, medical reports) - Data Location: India (Mumbai)

Firebase Crashlytics: Crash reporting and error tracking - Data Shared: Device information, app logs, crash traces (no medical data) - Data Location: Google Global Servers

🌍 Cross-Border Data Transfer: While we primarily store data in India (Firebase Mumbai region), our AI chat feature uses OpenRouter servers located in the USA. This transfer is necessary for AI processing and is protected by Standard Contractual Clauses (SCCs) as required by the DPDP Act. You can opt out of AI chat at any time.

User-Initiated Sharing

Our app allows you to export financial reports (Excel files) or patient summaries. If you choose to share these files through external apps (WhatsApp, email), the privacy of shared data is governed by those third-party applications. We have no control over data once it leaves our app.

5. 🔒 Data Security

We implement industry-standard security measures to protect your data:

Technical Safeguards

  • Encryption in Transit: All data transfers use HTTPS/TLS encryption

  • Encryption at Rest: Medical records stored in Firebase are encrypted using AES-256

  • Firebase Authentication: Secure phone OTP and Google Sign-In with multi-factor authentication

  • Role-Based Access Control: 58 granular permissions limit data access by user role

  • Multi-Tenancy Isolation: Each clinic's data is completely isolated via clinicId filtering

Operational Safeguards

  • Staff accounts require administrator approval before accessing patient data

  • All data access is logged with timestamps and user attribution (audit trail)

  • Nursing logs can only be edited within 30 minutes (immutable after that)

  • Critical patient alerts require doctor acknowledgment (tracked in database)

Limitations

While we use commercially reasonable security measures, no system is 100% secure. We cannot guarantee absolute security of data transmitted over the internet. You are responsible for maintaining the confidentiality of your login credentials.

6. ⏳ Data Retention

We retain your data for the following periods, as mandated by Indian law:

Medical Records (vitals, diagnoses, treatments): 3 years from last visit - Legal Basis: Indian Medical Council Act, 1956

Financial Transactions: 7 years - Legal Basis: Income Tax Act, 1961

AI Chat Logs: Until account deletion (or 3 years if anonymized) - Legal Basis: Service Improvement

Usage Analytics: 2 years - Legal Basis: Service Improvement

Audit Logs: 3 years - Legal Basis: DPDP Compliance

After retention periods expire, data is permanently deleted from our servers.

7. ✊ Your Rights Under DPDP Act, 2023

As a Data Principal under India's DPDP Act, you have the following rights:

1. Right to Access (Section 11)

You can request a copy of all personal data we hold about you. We will provide this in a commonly used electronic format within 30 days.

2. Right to Correction (Section 12)

If your personal information is inaccurate or incomplete, you can update it directly in the app's settings. For medical records, staff can request corrections (subject to approval).

3. Right to Erasure (Section 12)

You can request deletion of your account at any time through the app's settings.

4. Right to Data Portability (Section 16)

You can export your medical records (PDF format) and financial reports (Excel) directly from the app.

5. Right to Grievance Redressal (Section 13)

If you believe your data has been mishandled, you can file a grievance.

6. Right to Nominate (Section 15)

You can nominate another individual to exercise your rights on your behalf in case of death or incapacity.

8. 🗑️ Account Deletion & Data Anonymization

How to Delete Your Account

You can delete your account at any time:

  1. Open the 1Heart app

  2. Go to Settings → Account

  3. Tap "Delete My Account"

  4. Confirm deletion

What Happens When You Delete

Immediate Actions (Within 24 Hours):

  • Your personal information (name, phone, address, Aadhaar) is anonymized (replaced with "Patient-DELETED-[ID]")

  • Your Firebase authentication account is permanently deleted

  • You lose access to the app immediately

Retained Data (3 Years, Anonymized):

  • Medical records (vitals, medications, nursing logs) are retained in anonymized form for 3 years as required by Indian Medical Council regulations

  • This data cannot be linked back to you (no name, phone, or identifiers)

  • Staff can still view anonymized medical data for audit and legal compliance

Final Deletion (After 3 Years):

  • All remaining data (including anonymized medical records) is permanently deleted

  • No recovery is possible

Alternative: Update Information Instead of Deletion

You can update your personal information anytime in Settings → Profile without deleting your account. Medical record corrections can be requested through staff (with approval).

9. 👶 Children's Privacy (Under 18 Years)

Under the DPDP Act 2023, individuals under 18 years are considered children requiring parental consent.

Parental Consent

  • During patient registration, we ask if the patient is under 18 years

  • If yes, we require a parent or legal guardian to provide consent

  • Parental consent is logged with timestamp and guardian's name

Parents' Rights

  • Parents can access, correct, or delete their child's data using the same rights outlined above

  • Parents can request account deletion on behalf of their child

10. 🌍 Cross-Border Data Transfer

Primary Data Storage: All medical records, patient data, and authentication information are stored in India (Firebase Mumbai region, asia-south1).

AI Chat Processing (USA Transfer):

  • When you use the AI health assistant feature, your questions and medical context are sent to OpenRouter servers in the USA

  • This is necessary for AI processing (GPT-4o, Gemini models)

  • We use Standard Contractual Clauses (SCCs) to ensure DPDP compliance

  • OpenRouter does not retain your data beyond processing (ephemeral)

  • You can opt out by not using the AI chat feature

Crashlytics (Global): Crash logs (device info, app logs) may be processed on Google global servers for error analysis. No medical data is included in crash reports.

11. 🔄 Privacy Policy Updates

We may update this privacy policy from time to time to reflect:

  • Changes in our data practices

  • New features added to the app

  • Changes in DPDP Act regulations or rules

  • Addition of new third-party services

How We Notify You

  • Major Changes: We will require re-consent via in-app modal (cannot be dismissed)

  • Minor Changes: We will show a banner notification with "View Changes" button

  • The "Last Updated" date at the top of this policy will reflect the latest changes

We encourage you to review this policy periodically. Continued use of the app after changes constitutes acceptance of the updated policy.

12. 📞 Contact Information & Grievance Redressal

General Inquiries

Email: support@rootlynk.com
Phone: +91-6305267118 (9 AM - 6 PM IST, Monday - Saturday)
Website: https://rootlynk.com

Data Privacy Requests

For data access, correction, or deletion requests:
Email: contact@rootlynk.com
Response Time: Within 30 days as mandated by the DPDP Act

Grievance Officer (DPDP Act Section 13)

Name: Data Protection Officer, Rootlynk Technology Private Limited
Email: contact@rootlynk.com
Address: 16-9-1435, A S Reddy Nagar, Warangal, Telangana, India
Grievance Response Time: 30 days (as per DPDP Rules)

Registered Office

Rootlynk Technology Private Limited
16-9-1435, A S Reddy Nagar
Warangal, Telangana
India

🔐 Legal Compliance Summary

This privacy policy complies with:

  • ✅ Digital Personal Data Protection (DPDP) Act, 2023

  • ✅ DPDP Rules, 2025 (as applicable)

  • ✅ Indian Medical Council Act, 1956 (3-year medical record retention)

  • ✅ Income Tax Act, 1961 (7-year financial data retention)

  • ✅ Information Technology Act, 2000

  • ✅ Google Play Store Privacy Policy Requirements

Document Version: 1.0
Last Updated: October 15, 2025
Next Review Date: November 15, 2026

© 2025 Rootlynk Technology Private Limited. All rights reserved.
1Heart is a product of Rootlynk Technology Private Limited, designed to empower cardiac hospitals in India