Privacy Policy

Introduction

Welcome to RucJa ("we", "our", "us"). We provide a secure, cloud-enabled platform and mobile application to facilitate remote patient monitoring and communication between patients and healthcare providers. Protecting your privacy and the confidentiality of your health information is a core priority.

This Privacy Policy explains what information we collect, how we use it, when we share it, and the choices you have. By using the Application you agree to the collection and use of information as described in this policy.

Safety & Medical Use

Important: The Application is a monitoring and communication tool. It is not intended to provide medical advice, diagnosis, or treatment. Information provided by the Application should not replace consultation with a licensed healthcare professional.

Do not rely on the Application for urgent medical decisions. If you are experiencing a medical emergency, call your local emergency services immediately.

Information We Collect

We collect information necessary to operate the Application and to provide remote monitoring services. Collection occurs only with your consent and as permitted by applicable law.

• Personal Identifiable Information (PII): name, date of birth, contact information (email, phone), address (optional), patient ID, and emergency contact. Used for account creation, identification, and care coordination.
• Health & Medical Information (Sensitive):
  • Vitals: heart rate, blood pressure, oxygen saturation (SpO₂), temperature, respiratory rate.
  • Symptoms and patient-reported outcomes (pain level, sleep, medication side effects).
  • Medication schedules and adherence data.
  • Diagnostic results from integrated devices or systems (if you connect them).
• Device & Technical Data: device model, operating system, unique device identifier (or advertising identifier if permitted), IP address, crash reports, and usage telemetry used for analytics and app improvement.

How We Use Your Information

We use the information we collect for specific, limited purposes:

• Deliver care: share health data with your authorized healthcare provider for monitoring, trend analysis, alerts, and clinical follow-up.
• App functionality: authentication, account management, notifications, and device integrations.
• AI & analytics: process data (including aggregated or de-identified data) to detect trends, generate non-diagnostic insights, and improve early-warning algorithms. These outputs are intended to assist clinicians, not to replace them.
• Security & fraud prevention: protect user accounts and the integrity of the service.
• Research & improvement: with consent, anonymized data may be used for clinical research, quality improvement, and product development.
• Legal compliance: to comply with legal or regulatory obligations (e.g., public health reporting when required by law).

Data Retention

We retain personal and health information only for as long as necessary to provide the service, to fulfill the purposes described in this policy, and to comply with legal and regulatory requirements. Retention periods may vary by data type and jurisdiction — if you need exact retention period information for your account, contact us at info@oncofit.in.

How We Share Your Information

We share information in limited circumstances and always with appropriate safeguards:

• Authorized healthcare providers: your data is shared with doctors and clinical teams you authorize so they can provide care.
• With your consent: we will share information with third parties (family members, caregivers, research partners) only when you explicitly authorize it.
• Service providers: secure third-party vendors (cloud storage, analytics providers) who process data on our behalf under strict contractual terms and security controls.
• Legal obligations: when required by law or to comply with valid legal process (court orders, government requests).
• Business transfers: in the event of a merger, acquisition, or sale of assets. We will notify you and preserve privacy protections where possible.
• Aggregated/De-identified data: we may share non-identifiable summaries for research and service improvement.

Data Security

We apply industry-standard technical and organizational measures to protect your information:

• Encryption: all data is encrypted in transit (TLS) and at rest.
• Access controls: role-based access and strict authentication for staff and healthcare providers.
• Monitoring & audits: regular security testing and audits to detect and address vulnerabilities.

No system is 100% secure. If a security incident affects your data we will notify you according to applicable law and our incident response procedures.

Your Rights & Choices

Depending on your jurisdiction, you may have rights regarding your personal data. Common rights include:

• Access & correction: request a copy of your data and correct inaccuracies.
• Data portability: request your data in a machine-readable format.
• Deletion: request deletion of your account and data (subject to legal obligations or clinical retention requirements).
• Withdraw consent: you can withdraw data-sharing consent at any time; withdrawing consent may limit app functionality and clinical monitoring.

To exercise any right, visit the account settings in the Application or contact us at info@oncofit.in. We will verify requests to protect your privacy.

How to Delete or Close Your Account

You can request account deletion from within the app (Account > Settings > Delete Account) or by emailing info@oncofit.in. We will process deletion requests in accordance with applicable law and any clinical record retention obligations.

Third-Party Services & Integrations

If you connect third-party devices (wearables, home monitors) or diagnostic systems, those services may collect and store data independently. You should review the privacy policies of those third-party providers. We are not responsible for third-party privacy practices.

International Data Transfers

Your data may be stored and processed in countries outside your home jurisdiction. We implement appropriate safeguards (standard contractual clauses, approved mechanisms) where required by law.

Children's Privacy

The Application is not intended for use by individuals under 18 without parental or guardian consent. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, contact us and we will take prompt steps to remove the data.

Legal Compliance

We process personal data in accordance with applicable laws, including health data protections where relevant (for example, HIPAA in the United States when we act as a business associate under a covered entity agreement). If you require details about how we handle data in your jurisdiction, contact us.

App Permissions & App Store Notes

The Application may request permission to access:

• Health data / HealthKit (iOS): only accessed with explicit user consent and only to the extent required to provide monitoring features.
• Bluetooth / device pairing: to collect readings from compatible devices.
• Notifications: to deliver alerts and messages from your care team.

All permission requests include clear, purpose-driven prompts in the Application. You can change permissions in your device settings at any time.

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will provide notice through the Application and update the "Last updated" date at the top of this page.