MediSoldier
Privacy Policy
Last updated: July 2026
1. Introduction & Scope
MediSoldier ("MediSoldier", "we", "us", or "our") operates an India-based online pharmacy and medicine-delivery service. Customers can order prescription and over-the-counter (OTC) medicines through our mobile app or over WhatsApp, discover affordable generic substitutes with the same composition, and have their orders dispensed by licensed partner pharmacies and delivered to their pincode.
This Privacy Policy explains what information we collect, how we use and share it, and the choices and rights you have. It applies to our app, website, WhatsApp interactions, and related services (together, the "Services"). By using the Services, you agree to the practices described here.
Please note that Schedule H, Schedule H1, and other prescription-only drugs can only be dispensed against a valid prescription issued by a registered medical practitioner, as required under Indian law. This document is a general template provided for transparency and is not legal advice.
2. Information We Collect
To provide the Services, we collect the following categories of information:
- Identity & contact details — your name and phone number (stored in E.164 format), which is also used for OTP-based login.
- Delivery addresses — the addresses and pincodes where you want your medicines delivered.
- Uploaded prescriptions — images or documents you upload so that prescription medicines can be validated and dispensed.
- Insurance & medical documents — insurance papers and other health-related documents you choose to store or share with us.
- Order & payment records — your order history, items ordered, invoices, amounts, and payment status (payment card and banking details are handled by our payment processor, not stored by us).
- Device push tokens — identifiers used to send you order and delivery notifications.
- Usage & log data — technical information such as device and app details, IP address, timestamps, and interactions with the Services, collected to keep the platform secure and working.
3. How We Use Your Information
We use the information we collect to:
- Fulfil, process, and track your medicine orders;
- Suggest affordable generic substitutes with the same composition as the medicines you search for or order;
- Arrange dispensing by licensed partner pharmacies and delivery to your address;
- Provide customer support and respond to your queries;
- Send you transactional and service notifications (for example, order confirmations, dispatch and delivery updates) via push notifications and WhatsApp;
- Verify prescriptions and comply with applicable pharmacy, drug, tax, and other legal requirements; and
- Maintain the security, integrity, and proper functioning of the Services.
4. Sharing & Processors
We do not sell your personal data. We share your information only as needed to run the Services and with the following categories of trusted partners and processors:
- Partner / licensed pharmacies — to dispense your medicines against valid prescriptions and prepare your order.
- Razorpay — our payment gateway, to securely process payments and refunds.
- Gupshup / WhatsApp — to deliver order-related messaging and notifications over WhatsApp.
- Supabase — our cloud hosting and database provider, which stores your data on our behalf.
- Delivery partners — to complete last-mile delivery of your order to your address.
We may also disclose information where required by law, to comply with legal process, or to protect the rights, safety, and property of our users, partners, or MediSoldier.
5. Health Data Sensitivity & Consent
Prescriptions, insurance papers, medical documents, and order details reveal information about your health, and we treat them as sensitive personal information. By uploading such documents and placing orders, you give your explicit consent for us and our partner pharmacies to process this information for the purpose of validating and fulfilling your orders and providing the Services.
We access and share your health information only to the extent necessary for these purposes, and you may withdraw your consent at any time by contacting us or deleting your account, subject to the legal retention requirements described below.
6. Cookies & Local Storage
Our app and website use cookies, local storage, and similar technologies to keep you signed in, remember your preferences, maintain session security, and understand how the Services are used. You can control or clear cookies and local storage through your browser or device settings, though some features may not work correctly if you disable them.
7. Data Security
We take reasonable technical and organisational measures to protect your information, including encryption of data in transit, access controls that limit who can view your data, and row-level security (RLS) policies on our database so that you can generally only access your own records. While no system can be guaranteed to be completely secure, we work to protect your information against unauthorised access, alteration, disclosure, or destruction.
8. Data Retention
We keep your personal information for as long as your account is active and as needed to provide the Services. Some records — such as prescriptions, invoices, and order and payment records — are retained for longer where we are required to keep them to meet legal, tax, and pharmacy compliance minimums under Indian law. When information is no longer required, we take steps to delete or anonymise it.
9. Your Rights & Choices
Subject to applicable law, you can:
- Access the personal information we hold about you;
- Ask us to correct information that is inaccurate or out of date;
- Request deletion of your account and associated data via our account deletion page, subject to records we must retain for legal and compliance reasons; and
- Opt out of marketing or promotional messages at any time (service and order-related messages will still be sent).
To exercise any of these rights, you can use the tools in the app or contact us at the address below.
10. Children's Privacy
The Services are intended for adults and are not directed at children under the age of 18. We do not knowingly collect personal information from minors without the consent of a parent or guardian. If you believe a minor has provided us with personal information, please contact us so we can take appropriate action.
11. International Transfers & Hosting
Your data is stored and processed on cloud infrastructure provided by Supabase and our other processors, which may host or process data in locations outside India. Where this happens, we take reasonable steps to ensure your information continues to be protected in accordance with this Privacy Policy and applicable law.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you through the app or other channels. Your continued use of the Services after an update means you accept the revised policy.
13. Governing Law & Contact
This Privacy Policy is governed by the laws of India, and any disputes relating to it are subject to the jurisdiction of the courts of India.
If you have any questions, requests, or concerns about this Privacy Policy or how we handle your information, please contact us at support@medisoldier.com.
