Privacy Policy

Last updated: 15 June 2026

This Privacy Notice for NephroNest ("we", "us", or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our Services — including when you visit our website at https://nephronest.com, download and use our mobile application, or use NephroNest to manage your renal health. NephroNest is provided for informational purposes only and is not a substitute for professional medical advice. If you have questions, contact us at Nestnephro@gmail.com.

1. What information do we collect

Personal information you provide to us — the data we collect depends on how you use the Services. It may include:

• Names
• Phone numbers
• Email addresses
• Passwords
• Contact or authentication data

Sensitive information. With your consent, we process health data — the symptoms and questions you submit to the AI assistant, the medical concern you describe when booking, and the contents of medical reports you upload.

Social login data. If you register using Google, we receive your name, email, and profile photo from Google. See "How do we handle your social logins?" below.

Application data. With your permission we may access approximate device location (only when you tap "Near Me") to show nearby doctors and centers, and basic mobile-device data.

Automatically collected information. We collect log and usage data, device data, and approximate location (IP address, device/browser type, request logs) to keep the Services secure and working. We do not use analytics or advertising trackers.

Google API. Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

2. How do we process your information

We process your information to:

• facilitate account creation, authentication, and account management;
• deliver and facilitate delivery of the Services to you;
• respond to your inquiries and offer support;
• send you administrative information (account, booking, and policy notices);
• manage your bookings and requests made through the Services;
• enable user-to-user communications (connecting you with doctors for consultations);
• protect our Services, including fraud monitoring and prevention;
• evaluate and improve our Services and your experience;
• comply with our legal obligations; and
• provide AI-generated health information — we process the symptoms, questions, and medical reports you submit to generate informational AI health analyses through a third-party AI service, for informational purposes only and not as medical advice or diagnosis.

3. When and with whom do we share your personal information

We may share your information in the following situations:

• AI service providers — we share the input (symptoms, questions, report content) and output with Groq to power the AI features.
• Infrastructure providers — Google Firebase (authentication, database, hosting) and Cloudflare (secure API proxy; stores only per-user rate-limit counters, no health data).
• Maps — OpenStreetMap serves map tiles; your location is not sent to it.
• Business transfers — we may share or transfer your information in connection with a merger, financing, or acquisition of our business.

4. Do we offer AI-based products

Yes. We provide AI products (including a health-assistant chatbot) through a third-party AI service provider, Groq. Your input, output, and personal information are shared with and processed by this provider to enable the AI features. AI output may be inaccurate and is not medical advice, diagnosis, or treatment.

5. How do we handle your social logins

You can register or log in using your Google account. When you do, we receive certain profile information from Google — typically your name, email address, and profile picture. We use it only for the purposes described in this notice. Please review Google’s privacy notice for how they handle your information.

6. How long do we keep your information

We keep your personal information for as long as your account is active or as needed to provide the Services and meet legal obligations. When there is no ongoing legitimate need to process it, we will delete or anonymise it, or securely store and isolate it until deletion is possible.

7. How do we keep your information safe

We use appropriate technical and organisational security measures, including HTTPS/TLS in transit and encryption at rest, with access restricted so users can only access their own records. However, no transmission or storage method is 100% secure.

8. Do we collect information from minors

No. We do not knowingly collect data from or market to children under 18. By using the Services, you represent that you are at least 18. If you believe we have collected such data, contact us at Nestnephro@gmail.com and we will take reasonable steps to delete it.

9. What are your privacy rights

You may review, change, or terminate your account at any time. If we rely on your consent, you may withdraw it at any time — withdrawal is as easy as giving consent — without affecting prior lawful processing. To exercise your rights, contact us at Nestnephro@gmail.com.

10. Controls for Do-Not-Track features

Most browsers and some mobile systems offer a Do-Not-Track ("DNT") setting. No uniform DNT standard has been finalised, so we do not currently respond to DNT signals. If a standard is adopted, we will update this notice.

11. India data protection (DPDP Act 2023) & health data

If you are located in India, we act as a "Data Fiduciary" under the Digital Personal Data Protection Act, 2023. We process your personal data, including sensitive health information, only with your consent and only for the purposes described in this policy. You have the right to access, correct, and erase your personal data, to withdraw your consent at any time (withdrawal is as easy as giving consent), and to nominate another individual to exercise your rights in the event of death or incapacity.

Health and medical information you provide — including symptoms, questions, and uploaded medical reports — is processed to generate informational AI analyses through a third-party AI provider. This is for informational and educational purposes only and is not medical advice, diagnosis, or treatment. Uploaded report files are not stored; only the resulting analysis is retained.

To exercise any of your rights, or to raise a grievance, contact our Grievance Officer at Nestnephro@gmail.com. We will respond within the timelines required by applicable law.

12. Do we make updates to this notice

Yes. We will update this notice as necessary to stay compliant with relevant laws, revising the "Last updated" date above. Material changes may be notified within the Services.

13. How can you contact us about this notice

If you have questions or comments about this notice, email us at Nestnephro@gmail.com.

14. How can you review, update, or delete your data

You have the right to request access to, correction of, or deletion of your personal information. To do so, email Nestnephro@gmail.com or use the in-app "Delete my account & data" option in your Profile.