docr is a digital healthcare platform that helps patients connect with doctors, book consultations, manage prescriptions, and access medical records securely.

How do I book a doctor consultation on docr?

Patients can book a consultation by selecting a doctor, choosing an available time slot, and confirming the appointment through the docr platform.

Are my health records safe on docr?

Yes. docr uses secure systems and strict access controls to protect patient health information.

docr - Privacy Policy

Privacy Policy

Oct. 22, 2025

Updated :
Oct. 22, 2025

Introduction

Overview

Docr (“Platform”) is a digital healthcare platform developed and operated by Advanced MechIntel Dynamics Private Limited (“AMID”), based in Indore, Madhya Pradesh, India. Docr is committed to safeguarding the privacy and security of all users, including doctors, patients, and affiliated partners, who access or interact with its services.

This Privacy Policy outlines how Docr collects, uses, stores, discloses, and protects personal data in accordance with the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
Scope

This Policy applies to all individuals and entities using Docr, including registered doctors, automatically created patient accounts, franchise partners, and administrative users, across web and mobile platforms. It governs how personal and medical information is collected, stored, shared, and processed through the platform’s ecosystem.
User Consent

By accessing or using the Docr platform, you agree to the practices described in this Privacy Policy. If you do not agree with any part of this policy, you must discontinue the use of Docr’s services. Your continued usage constitutes acknowledgment and acceptance of this Privacy Policy.

Information We Collect

Overview

Docr collects personal and medical information that is essential for providing healthcare and platform-related services. The type and extent of data collected depend on whether you are a Doctor or a Patient and how you interact with the platform.
Information Collected from Patients

When a doctor creates a consultation, Docr automatically generates a patient account to securely store relevant consultation data. Upon login, the patient gains complete control over their data and profile. Docr may collect the following information from patients:

• Full name, phone number, and email address
• Profile photo and optional identification details
• Medical history, symptoms, and consultation notes
• Uploaded reports, prescriptions, and diagnostic documents
• Audio recordings or transcriptions related to consultations
• Photos or videos shared for medical review
• Payment-related information (if applicable during future integrations)
• Location data to assist in appointment or clinic mapping
Information Collected from Doctors

Docr collects details necessary to verify and display professional credentials, manage consultations, and maintain compliance with medical data standards. This includes:

• Name, contact information, and email address
• Qualifications, registration number, and specialization
• Clinic name, address, and operating hours
• Profile photo and verification documents (such as ID or certificate copies)
• Consultation data, prescriptions, and medical notes created through the platform
• Audio files or speech-to-text data generated using AI-assisted tools
Automatically Collected Information

Docr may automatically collect limited technical data such as:

• IP address and browser type
• Device information and operating system
• Activity logs and interaction patterns
• Cookies and analytics data for improving performance and user experience

This data helps in maintaining service stability, enhancing security, and improving overall platform functionality.

How We Use Your Information

Purpose of Data Usage

Docr uses collected information strictly for legitimate operational, medical, and administrative purposes. The data helps deliver a secure, personalized, and efficient experience for both doctors and patients. Your data will never be sold, traded, or used for any unrelated commercial purpose.
For Patients

Patient data is primarily used to:

• Create and maintain secure patient accounts automatically when a consultation is initiated.
• Store consultation records, prescriptions, and uploaded reports for ongoing access.
• Enable communication and follow-up between patients and their consulting doctors.
• Generate AI-assisted medical summaries, report interpretations, and recommendations (if enabled by the doctor).
• Improve platform experience through analytics and usage insights.
For Doctors

Doctor data is used to:

• Display verified professional profiles and clinic information to patients.
• Manage appointments, consultations, and patient interactions.
• Facilitate AI-assisted prescription writing, diagnosis support, and medical note transcription.
• Maintain account security, track performance, and ensure compliance with medical regulations.
For Platform Operations

General operational usage includes:

• Ensuring platform reliability, uptime, and data integrity.
• Analyzing aggregated user behavior for improving system performance.
• Detecting, preventing, and resolving technical or security issues.
• Communicating important service-related updates or policy changes.
AI Data Usage

Docr integrates select AI tools, including Google Gemini and other trusted services, to enhance the platform’s medical assistance features. When enabled by a doctor, certain consultation or report data may be securely transmitted for AI-based analysis. Such data transfers are handled responsibly, ensuring minimal disclosure and compliance with privacy standards.

AI and Third-Party Tools

Purpose of AI Integration

Docr integrates artificial intelligence (AI) tools to enhance diagnostic accuracy, streamline prescription writing, and assist doctors with data interpretation. These integrations are designed to support, not replace, medical decision-making, and are only activated when explicitly initiated by a verified doctor.
Data Handling and Transmission

When AI features are enabled, Docr may transmit certain anonymized or context-specific data (such as patient symptoms, uploaded reports, or clinical notes) to third-party AI systems like Google Gemini or equivalent technologies for processing.

All transfers occur through secure, encrypted channels and only after the doctor’s explicit consent. Sensitive identifiers such as patient names or contact information are not shared unless necessary for clinical context.
Third-Party Service Providers

Certain services, such as hosting, analytics, and AI computation, may rely on third-party providers bound by strict confidentiality and data protection agreements. These providers process data solely for the purposes defined by Docr and are not authorized to retain or reuse the data for any other activity.
Human Oversight and Consent

AI-generated insights are always subject to human verification. Docr ensures that no automated diagnosis, treatment recommendation, or prescription is made without a doctor’s review and approval.

Users (both doctors and patients) have the right to withdraw consent for AI-based data processing at any time by contacting info@amidsystems.com. Once withdrawn, Docr will immediately disable AI-related access for that account.
Compliance and Transparency

All AI integrations on Docr adhere to the principles of fairness, accountability, and transparency as guided by the Digital Personal Data Protection Act, 2023. The platform ensures that users remain informed about when and how their data interacts with AI tools.

Data Storage and Security

Secure Infrastructure

All user data on Docr is securely stored across verified and compliant infrastructure providers, including STPI servers, Vercel, and Hostinger. These servers maintain industry-standard encryption, controlled access, and redundancy measures to ensure reliability and data safety.
Data Protection Measures

AMID employs a combination of administrative, technical, and physical safeguards to protect all user information. This includes:

• End-to-end encryption for sensitive communication and records
• Access control with multi-factor authentication for internal users
• Regular security audits, log monitoring, and data integrity checks
• Enforced compliance with IT Rules 2011 and Digital Personal Data Protection Act, 2023
Data Access

Access to user data is limited to authorized personnel who require it to operate or support Docr’s services. Every access is logged and monitored to prevent misuse or unauthorized viewing. Doctors only have access to patient data relevant to their consultations.
Transmission and Encryption

All communications between users and Docr servers occur over encrypted channels (HTTPS/SSL). Uploaded media, consultation notes, and prescriptions are stored securely and retrieved only when required for patient or doctor access.
Limitations and User Responsibility

While AMID takes every reasonable precaution to secure data, no online platform can guarantee absolute security. Users are advised to maintain confidentiality of their credentials and exercise caution when sharing sensitive information.

By using Docr, users acknowledge that they do so at their discretion and agree to notify info@amidsystems.com in case of any suspected breach or unauthorized access.

Data Sharing

Internal and Authorized Access

Docr limits data access strictly to authorized personnel of Advanced MechIntel Dynamics Private Limited (AMID) and its operational partners who require such access for legitimate business or technical purposes. All such personnel are bound by confidentiality and data protection obligations.
Doctor–Patient Data Exchange

To facilitate consultations, certain personal and medical information is shared between the concerned doctor and patient. This includes consultation notes, uploaded reports, prescriptions, and communication logs. Such sharing is essential to the core functionality of Docr and is done only within the secure ecosystem of the platform.
Third-Party Service Providers

Docr may engage third-party service providers for hosting, analytics, AI processing, or other operational tasks. These providers process data solely for the purpose of enabling Docr’s services and are not permitted to use, store, or disclose information for any unrelated purpose.

Each third-party provider is evaluated for compliance with applicable data protection and security standards before any data exchange is initiated.
Legal and Regulatory Disclosures

AMID may disclose user information to government authorities, courts, or law enforcement agencies if required under applicable law, court order, or legal process. Such disclosures are made in good faith and only when necessary to comply with legal obligations, enforce terms, or protect user safety.
Non-Disclosure for Commercial Gain

Docr does not sell, rent, or trade user data to any third party for marketing or advertising purposes. All user data is handled ethically and transparently in alignment with the principles of the Digital Personal Data Protection Act, 2023.

Your Rights

Right to Access

Users have the right to request access to the personal data held about them by Docr. Upon verification, AMID will provide a summary of the categories of data collected, the purpose of processing, and any third parties with whom such data has been shared.
Right to Correction

Users may request correction or updating of inaccurate or incomplete information at any time through their Docr account settings or by contacting our support team at info@amidsystems.com. Docr will take reasonable steps to validate and implement such corrections promptly.
Right to Withdraw Consent

Users may withdraw previously granted consent for the collection, use, or disclosure of their data. However, such withdrawal may limit or disable access to certain features or services on the platform. Docr will honor consent withdrawal requests except where data retention is mandated by law or medical record-keeping standards.
Right to Deletion

Users can request deletion of their personal data by submitting a verified request to Docr. Certain medical data may be retained for record-keeping or legal compliance in accordance with medical practice regulations.
Right to Complaint and Redressal

If users believe their data has been mishandled, they may file a complaint with the AMID Data Protection Officer at info@amidsystems.com. Docr will investigate and respond within a reasonable timeframe. Users may also escalate concerns to the relevant data protection authority under Indian law if unsatisfied with the resolution.

Retention of Data

General Retention

Docr retains personal and medical information for as long as it is necessary to provide healthcare services, maintain compliance with applicable regulations, and fulfill contractual or legal obligations. Once data is no longer required for these purposes, it will be securely deleted or anonymized.
Medical Records

Medical data, including consultation notes, prescriptions, and uploaded reports, may be retained for a longer duration in accordance with recognized medical record-keeping laws and best practices. This ensures continuity of care, future reference, and compliance with professional standards.
Legal and Compliance Requirements

Certain data may be preserved beyond the service period to comply with legal obligations, respond to lawful requests, resolve disputes, or enforce agreements. Such retention will always adhere to the minimum duration required by applicable laws.
Deletion Requests

Users may request deletion of their personal information at any time by contacting info@amidsystems.com. Docr will review and process such requests within a reasonable timeframe, subject to medical and legal data retention requirements.

Cookies and Analytics

Use of Cookies

Docr uses cookies and similar technologies to enhance your browsing experience, store user preferences, and ensure seamless functionality across web and mobile platforms. These cookies enable session management, security validation, and personalization of content for both doctors and patients.
Analytics Tools

Docr may integrate third-party analytics tools such as Google Analytics or equivalent services to monitor user engagement and understand platform usage patterns. This helps improve performance, identify usability challenges, and guide future product enhancements.
Data Collected Through Analytics

Analytics data is collected in aggregated and anonymized form. No personally identifiable medical or personal information is shared or sold to any third party for marketing purposes. Insights derived are used solely for improving Docr’s user experience and technical reliability.
User Control

You may choose to disable or restrict cookies through your browser settings. Please note that disabling cookies may affect certain functionalities, such as secure login sessions and user personalization.
Periodic Review

Docr periodically reviews all third-party analytics integrations to ensure compliance with privacy standards and applicable data protection laws. Any major change in analytics partners or practices will be reflected in an updated version of this policy.

Franchise Expansion

Overview

As Docr expands through its franchise network, participating doctors or clinics may operate under Docr’s branding and digital infrastructure. This involves standardized systems for appointments, consultations, and data management, all governed by Docr’s data protection framework.
Data Handling Across Franchises

Franchise partners will have access only to data necessary for managing their respective clinics or patients. All shared data is protected under strict access control measures, encrypted communications, and confidentiality agreements in compliance with Docr’s core privacy policy.
Independent Data Responsibilities

Each franchise entity is responsible for maintaining compliance with local data protection laws and ensuring that all staff members adhere to Docr’s privacy and ethical standards. Docr monitors data security practices periodically to ensure alignment with its centralized policy.
Transparency with Users

Patients and doctors using franchise-operated platforms will be clearly informed about the ownership and management of the respective clinic, including how their data is processed within that local entity.

Updates to This Policy

Policy Revisions

Docr may update this Privacy Policy periodically to reflect changes in operational practices, legal requirements, or the introduction of new services and technologies. All updates will be effective immediately upon posting on the platform unless otherwise stated.
User Notification

In case of significant changes, such as new data usage practices or third-party integrations, users will be notified through email or prominent in-app messages before the revisions take effect. Continued use of the platform after such notice constitutes acceptance of the updated terms.
Version Control

Each version of this policy will include a “Last Updated” date for transparency. Users are encouraged to review this policy periodically to stay informed about how their data is managed and protected.

Contact Information

Primary Contact

For any privacy concerns, data protection inquiries, or to exercise your rights under this Privacy Policy, users can contact our data protection team directly at:

info@amidsystems.com
Postal Address

Advanced MechIntel Dynamics Private Limited
Indore, Madhya Pradesh, India
Response Time

Our team strives to respond to all valid privacy-related requests within a reasonable timeframe, typically within 15 working days, unless additional verification or documentation is required.
Escalation

If you are unsatisfied with our response or believe your data rights have been infringed, you may escalate the matter to the concerned data protection authority under applicable Indian law.

Pricing Terms of Use Privacy Policy Blogs

Crafted in Indore, INDIA

Privacy Policy

Oct. 22, 2025

Updated : Oct. 22, 2025

Log in to docr

Updated :
Oct. 22, 2025