Privacy Policy

Last updated: 15 June 2026

This Privacy Policy explains how Keficorp Private Limited ("Keficorp", "we", "us") collects, uses, stores, and protects personal data through the MediRoute platform (the "Service") — our mobile app and website that connects healthcare professionals with hospitals, clinics, and other healthcare organisations for shifts and permanent roles.

Keficorp is the data fiduciary for personal data processed through the Service. Our registered office is at Aparna Sarovar Zicon, 1-100/264/AAZC/F/1608, CUC, Serilingampally, Hyderabad, Telangana – 500046, India.

1. Information we collect

We collect the following, depending on how you use the Service:

• Account & identity: your name, mobile number, and the role you select (for example, nurse, doctor, or recruiter). We use your mobile number to sign you in via one-time password (OTP), or you may sign in with Google.
• Professional & verification details (for healthcare professionals): registration number, issuing council, council state, qualification, registration expiry, and documents you upload such as your registration certificate and degree certificate, so that hospitals can verify your credentials.
• Organisation details (for recruiters / healthcare organisations): organisation name, official email address, and facility type.
• Location: if you enable it, your location is used to match you with nearby shifts and to show your availability.
• Device & technical data: device and push-notification identifiers (to deliver notifications), and standard log data such as app activity and error reports.
• Service activity: shifts, jobs, applications, and related actions you take on the platform.

We do not currently process payment-card or bank details through the Service.

Cookies & local storage. The MediRoute app and website use device storage (such as local storage and similar technologies) to keep you signed in, remember your preferences, and operate the Service. We do not use third-party advertising or cross-site tracking cookies.

2. How we use your information

• To provide and operate the Service — creating your account, matching professionals with shifts and roles, and processing applications.
• To verify professional credentials submitted for review.
• To send you service communications and notifications — including in-app messages, push notifications, SMS (for example, login OTPs), and WhatsApp messages (where you have opted in) — about shifts, applications, and account activity.
• To provide customer support and respond to your requests.
• To maintain safety, prevent fraud and misuse, and keep the platform secure.
• To comply with applicable laws and legal obligations.

3. How we share your information

We share personal data only as needed to run the Service. We do not sell your personal data. We share with:

• Other users, as relevant to the service: for example, a healthcare professional's relevant profile and verification status may be shown to a hospital considering them for a shift or role.
• Service providers who process data on our behalf, including: MSG91 (one-time-password and SMS delivery); Google (Google Sign-In); Firebase Cloud Messaging (push notifications); Supabase (PostgreSQL database and uploaded-file storage) and Render (backend hosting); and Anthropic (AI features such as generating job descriptions and summaries).
• Authorities or third parties where required by law, or to protect the rights, safety, and security of our users, the public, or Keficorp.

4. Where your data is stored

Your personal data is stored in India on Supabase (PostgreSQL hosted on AWS in the ap-south-1 (Mumbai) region), with uploaded files in Supabase Storage; data in transit is encrypted over TLS/HTTPS. Some service providers we use (for example, Google for sign-in and Anthropic for AI features) may process limited data outside India to deliver their services; where that happens, we take steps intended to keep your data protected.

5. Data retention

We keep personal data for as long as your account is active and as needed to provide the Service, and thereafter only as required to meet legal, regulatory, or legitimate business obligations. You can request deletion of your account, after which we delete or anonymise your data subject to any retention the law requires.

6. Your rights

Subject to applicable law, you may:

• Access the personal data we hold about you and request a correction of inaccurate data.
• Request deletion of your account and personal data — account deletion is available in the app, or via /delete-account.
• Withdraw consent you have given, such as turning off location or opting out of certain communications.
• Raise a grievance about how your data is handled (see Contact below).

7. Children

The Service is intended for users who are 18 years or older and are working professionals or representatives of healthcare organisations. It is not directed at children, and we do not knowingly collect data from minors.

8. Security

We use reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or misuse. No method of transmission or storage is completely secure, but we work to safeguard your information.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version here and revise the "Last updated" date above. Significant changes will be communicated where appropriate.

10. Contact us

For questions about this policy, or to exercise your rights or raise a grievance, contact:

• Keficorp Private Limited
• Email: admin@keficorp.com
• Phone: +91 99080 06268
• Aparna Sarovar Zicon, 1-100/264/AAZC/F/1608, CUC, Serilingampally, Hyderabad, Telangana – 500046, India

If you have a grievance about how your personal data is handled, you may contact us using the details above and we will work to address it.