Privacy Policy

1. About This App

Medical ERP is a pharmacy management system used for medicine inventory, sales, purchases, prescriptions, reports, activity logs, subscriptions, and related pharmacy operations. In this policy, "Medical ERP", "we", "our", and "us" refer to the Medical ERP application and service.

2. Information We Collect

We collect information needed to operate pharmacy management features, including:

• Account and shop information: name, phone number, email address, role, shop name, shop contact details, and login credentials.
• Medicine and inventory information: medicine names, categories, manufacturer, barcode or QR code values, batch details, expiry dates, stock levels, pricing, taxes, and reorder levels.
• Sales and purchase information: invoices, customer or supplier details, payment method, transaction amount, products sold or purchased, discounts, taxes, and billing history.
• Prescription information: prescription requirement status, prescription photos, doctor details, and related sale or medicine records when added by the user.
• Subscription and payment information: subscription plan, payment status, transaction reference, gateway order ID, gateway payment ID, and payment ledger history. We do not store complete card, UPI PIN, banking password, or sensitive payment instrument details.
• Activity and security logs: user actions, login/session activity, IP address, app user agent, timestamps, and module usage.
• Device and app information: device type, operating system, app version, crash/debug logs, and basic diagnostics needed to keep the app working.
• Camera and photo access: camera access may be used for barcode or QR scanning and prescription image capture. Photo library access may be used when a user chooses to upload an image.

3. How We Use Information

We use collected information to:

• Provide pharmacy management, inventory, billing, reporting, and subscription features.
• Authenticate users and control role-based access.
• Generate invoices, reports, activity logs, and subscription ledgers.
• Process subscription payments through payment gateway providers such as Razorpay.
• Detect errors, troubleshoot issues, secure accounts, and prevent unauthorized access.
• Improve app reliability, performance, and user experience.
• Comply with applicable legal, tax, accounting, and regulatory requirements.

4. Payment Processing

Subscription payments may be processed by third-party payment gateways, including Razorpay. When you make a payment, the payment gateway may collect and process payment details under its own terms and privacy policy. Medical ERP stores only transaction and verification details needed to confirm payment status, maintain subscription history, and support secure reconciliation.

5. Sharing of Information

We do not sell personal information. We may share information only in limited cases:

• With service providers who help host, maintain, secure, or process parts of the app.
• With payment gateway providers to initiate, verify, and reconcile payments.
• With authorized pharmacy owners, admins, and staff according to their assigned permissions.
• When required by law, court order, government request, audit, tax obligation, or to protect rights and safety.

6. Data Storage and Security

We use reasonable technical and organizational safeguards to protect data, including authenticated API access, secure token storage in the mobile app, role-based access controls, and activity logging. No system can guarantee absolute security, so users should keep their login credentials confidential and immediately report suspected unauthorized access.

7. Data Retention

We retain records for as long as needed to provide the service, maintain pharmacy records, support billing and subscription history, comply with legal or accounting obligations, resolve disputes, and enforce agreements. Some records, such as invoices, ledgers, and audit logs, may need to be retained even after an account is inactive.

8. User Choices and Rights

Depending on your role and applicable law, you may request to:

• Access, update, or correct account profile information.
• Delete or update records where deletion is allowed by the pharmacy owner and applicable law.
• Disable camera or photo access from device settings, with the understanding that scanning and image upload features may stop working.
• Request account or shop data deletion, subject to legal, audit, payment, tax, and operational retention requirements.

9. Healthcare and Prescription Data

The app may store prescription and pharmacy transaction data entered by users. Pharmacy owners and authorized staff are responsible for ensuring that they have the right to collect, upload, and process such information and that they use the app according to applicable pharmacy, healthcare, prescription, and data protection laws.

10. Children's Privacy

Medical ERP is intended for pharmacy business use and is not directed to children. Users should not create accounts for children or intentionally submit children's personal information unless required for lawful pharmacy records and handled by authorized pharmacy personnel.

11. Third-Party Links and Services

The app may link to or integrate with third-party services such as payment gateways, device operating systems, app stores, and hosting providers. Their privacy practices are governed by their own policies, and we are not responsible for their independent practices.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date and may notify users through the app, website, or other reasonable means.

13. Contact Us

For privacy questions, support requests, or data access/deletion requests, contact us at:

Email: support@medicalerp.in
Website: https://medicalerp.in