Your health data and privacy are our priority.

This Privacy Policy applies to visitors to the WOCTOR website and related pages, patients and end users who browse listings or interact with providers through WOCTOR, doctors, clinics, hospitals, laboratories, pharmacies, and other healthcare businesses whose listing or workflow may appear on or connect with WOCTOR, and vendors, service providers, applicants, and others who interact with us through WOCTOR or its related support channels.

This Privacy Policy does not apply to third-party websites, tools, platforms, or services that are not owned or controlled by Suflon TECH, even if they are linked to or accessible through WOCTOR.

WOCTOR is a healthcare discovery and engagement platform that may display listings for doctors, clinics, hospitals, laboratories, pharmacies, and other healthcare services. WOCTOR may allow users to search by city, specialization, or service type, view listing-related information, submit appointment requests, and interact with patient-facing features where enabled.

In some cases, WOCTOR may connect with MDPLIX or other connected services within the Suflon TECH ecosystem. Where such connections are enabled by the relevant healthcare provider or authorized account, appointment requests initiated through WOCTOR may be routed into MDPLIX, and certain appointment, prescription, or related care information originating from MDPLIX may be made visible to the relevant patient through WOCTOR.

WOCTOR may also participate in broader connected workflows across the ecosystem. For example, where a patient books or interacts through WOCTOR and the relevant healthcare provider uses MDPLIX, appointment coordination may occur through MDPLIX. Where the relevant provider enables it, a patient may be able to view certain appointment or prescription-related information in WOCTOR that originates from MDPLIX. Any such connected access, synchronization, or display occurs only to the extent enabled by system configuration, permissions, account controls, and applicable legal or contractual requirements.

Depending on the context, Suflon TECH may act in different roles in relation to personal data.

Where a doctor, clinic, hospital, laboratory, pharmacy, or other healthcare customer manages or controls patient or healthcare-related data using MDPLIX or connected services that integrate with WOCTOR, that healthcare customer generally remains primarily responsible for determining the purpose and manner of processing, obtaining all required notices, consents, permissions, and authorizations, ensuring the lawfulness, relevance, and accuracy of the data submitted, deciding what information is shared or displayed through connected services, and complying with its own medical, legal, professional, and regulatory obligations.

In that context, Suflon TECH generally provides the software platform and supporting infrastructure and may act as a service provider, processor, intermediary, or similar supporting role depending on applicable law and the governing contract.

For account creation, customer support, billing where applicable, fraud prevention, security, analytics, communications, platform administration, listing operations, and general business operations relating to WOCTOR, Suflon TECH may act as the primary handler of that data for its own legitimate operational purposes.

Where a patient accesses appointment or prescription information through WOCTOR that originates from MDPLIX or another connected platform, access depends on the relevant healthcare provider’s settings and permissions, successful authentication of the patient, the availability and status of connected systems, and successful synchronization or retrieval of the relevant data. Suflon TECH does not guarantee that all records will always be available in real time or that every record present in a connected system will necessarily be displayed in WOCTOR.

We may collect and process information you provide directly when you browse, register, request support, submit an appointment request, create or access a patient account, interact with listing pages, or otherwise use WOCTOR. This may include your name, email address, phone number, city or location details, account login information, and any information you choose to submit through forms, inquiries, appointment requests, feedback, or support interactions.

We may also process listing-related and business information connected to healthcare providers, clinics, hospitals, laboratories, pharmacies, or other healthcare companies, including publicly displayed or customer-submitted business details, service information, specialties, availability information, and other operational or directory-related content.

Where WOCTOR connects with MDPLIX or another authorized system, we may process certain patient-facing data made available through those connected services. This may include appointment information, prescription-related information, and limited patient-related records that the relevant healthcare provider has enabled for display or access through WOCTOR.

We may collect technical and usage information such as IP address, browser type, device type, operating system, session data, timestamps, pages or modules accessed, search and navigation activity, usage logs, performance diagnostics, audit logs, and security or error logs.

Where enabled by connected workflows, we may also receive status updates or related operational information from connected systems, including appointment status, prescription visibility status, follow-up coordination status, or other service-related updates.

We may collect information directly from you when you browse the website, use search or listing pages, submit a form, request a demo, create an account, log in, contact support, make an appointment request, or otherwise use the services.

We may also collect information from authorized healthcare customers or connected systems that supply listing data, appointment data, or patient-facing records for display or operational use through WOCTOR. In addition, we may collect information automatically through logs, cookies, analytics tools, security tools, and similar technologies. We may also receive information from vendors or service providers that support hosting, storage, email delivery, analytics, security, payments, customer support, or related platform operations.

If you provide us with information relating to another person, you represent that you are authorized to do so and that such disclosure and processing are permitted under applicable law.

We use information to provide, operate, maintain, and improve WOCTOR and related connected services. This includes operating listing and discovery functionality, displaying provider and facility information, processing appointment requests, supporting patient account access where enabled, and facilitating connected workflows with MDPLIX or other authorized systems where applicable.

We may use information to create and manage accounts, authenticate users, secure accounts and sessions, provide onboarding, implementation, troubleshooting, and customer support, monitor performance, service quality, reliability, and product usage, detect, investigate, and prevent fraud, abuse, misuse, unauthorized access, and technical issues, and send administrative, transactional, service, and security communications.

We may also use information to facilitate authorized data flow between WOCTOR and MDPLIX, including appointment coordination, patient access to certain records, and related care coordination or business workflows enabled by the relevant healthcare provider or authorized account.

In addition, we may use information to comply with legal, regulatory, tax, audit, and recordkeeping obligations, enforce contracts, platform rules, policies, and legal rights, and create aggregated or de-identified analytics, reports, and operational insights that do not identify individuals.

We do not sell personal data as a standalone data brokerage activity.

We may share personal data only where reasonably necessary and appropriate.

This includes sharing with trusted service providers and subprocessors that help us operate the services, such as providers supporting cloud hosting and infrastructure, managed databases, file and object storage, transactional email delivery, analytics and diagnostics, customer support, security and monitoring, payment processing where applicable, and implementation or technical support.

Where WOCTOR is connected to MDPLIX or another authorized system, information may be shared internally within the Suflon TECH ecosystem to support intended functionality. This may include routing appointment requests into MDPLIX, making certain appointment information visible in WOCTOR, and making certain prescription-related information visible to the relevant patient in WOCTOR where the relevant healthcare provider has enabled that functionality.

Where a patient interacts with a listed doctor, clinic, hospital, laboratory, pharmacy, or other healthcare company through WOCTOR, the relevant information necessary to support that interaction, inquiry, booking, or related workflow may be shared with that healthcare provider or entity.

Where enabled and authorized, patients may access certain appointment or prescription-related information associated with their account through WOCTOR or other connected patient-facing components.

We may also disclose information in connection with a merger, acquisition, restructuring, financing, reorganization, or transfer of assets, to auditors, lawyers, insurers, or professional advisers, where required by law, legal process, court order, or regulatory request, or where necessary to protect rights, enforce agreements, investigate misuse, or support safety and security.

We do not rent, sell, or trade personal information to third parties for their own independent marketing purposes.

To operate WOCTOR, we may use third-party infrastructure and operational providers. Our current or typical operational stack may include Amazon Web Services (AWS) for cloud infrastructure and hosting, Amazon RDS for managed database services, Amazon S3 for file and object storage, and Amazon SES for transactional and service-related email delivery. We may also use other vendors for analytics, support, monitoring, security, and payments where relevant.

These providers may process personal data only to the extent reasonably necessary to provide services to us. We may add, remove, or replace service providers from time to time as part of normal operations, scaling, security, or system improvements.

We take reasonable technical and organizational measures designed to protect personal data from unauthorized access, misuse, alteration, loss, or unlawful disclosure. These measures may include access controls, authentication safeguards, logging and monitoring, secure hosting practices, encryption in transit, controlled storage environments, environment and account administration controls, and incident response procedures.

However, no software platform, hosting environment, cloud provider, network, or storage system is completely secure, no method of transmission or storage can guarantee absolute protection, and no backup or recovery process can guarantee zero-loss restoration in every circumstance. Outages, interruptions, delays, unauthorized access, system failures, integration issues, user actions, or third-party failures may affect data availability or integrity.

Accordingly, while we use commercially reasonable safeguards, we do not guarantee uninterrupted service, error-free operation, or complete prevention of all loss, corruption, delay, or unauthorized access. Users and customers are responsible for maintaining credential confidentiality, controlling access to their accounts and devices, and using the services in a secure and authorized manner.

Because WOCTOR may rely on connected services, listings, integrations, and ecosystem workflows, certain features may depend on the availability, status, configuration, and permissions of third-party or connected systems, including MDPLIX or provider-side systems. Appointment routing, patient access to certain records, and other connected features may be delayed, incomplete, interrupted, or unavailable from time to time due to configuration, synchronization, maintenance, technical issues, or factors beyond our reasonable control.

Users should not rely on WOCTOR alone as their sole archive, sole backup, or sole fail-safe repository for critical, regulated, medical, financial, or operationally essential records unless expressly agreed in a separate written contract.

We retain information only for as long as reasonably necessary to provide the services, support customers and users, maintain operational, audit, and security records, comply with legal, tax, accounting, contractual, and regulatory obligations, resolve disputes, and enforce agreements and legal rights.

In general, account or business data may be retained while the relevant account or listing is active and for a reasonable period thereafter. Patient-facing access data or connected records made available through WOCTOR may be retained in accordance with the instructions of the relevant healthcare customer, applicable contractual terms, and any applicable legal or medical recordkeeping requirements. Logs and technical records may be retained for shorter periods, or longer where necessary for security, compliance, or investigations.

After the applicable retention period, data may be deleted, archived, anonymized, or irreversibly de-identified, subject to legal, contractual, backup, and technical constraints. Where immediate deletion is not technically possible, including due to backups, archives, or disaster recovery systems, we may retain limited copies until deletion becomes reasonably practicable.

Depending on applicable law and the role in which we process the data, you may have rights such as the right to request access to your personal data, correction of inaccurate or incomplete information, deletion of certain information subject to applicable exceptions, restriction of or objection to certain processing in some cases, withdrawal of consent where processing is based on consent, and the right to opt out of non-essential marketing communications.

Patients and end users may be able to access certain appointment or prescription-related information through WOCTOR where such access is enabled. However, where patient data is controlled by a clinic, doctor, hospital, laboratory, pharmacy, or other healthcare provider using MDPLIX or a connected system, requests for correction, deletion, restriction, or other substantive changes may need to be directed to that healthcare provider first, because that provider may be the primary decision-maker for that data. We may refer such requests to the relevant healthcare customer where appropriate.

If a patient or user requests deletion of data that is controlled by a healthcare provider customer, we may process that request only in accordance with the instructions of the relevant customer, applicable law, contractual obligations, technical feasibility, and required record retention obligations. Customers remain responsible for maintaining any separate records they are required to preserve under applicable law, professional obligations, or internal policies.

We may use cookies, session storage, and similar technologies to support authentication and login continuity, security and fraud prevention, service functionality, user preferences, performance monitoring, search and listing performance, and usage analytics and product improvement.

You may be able to manage certain cookie preferences through your browser settings. Disabling certain cookies may affect functionality or availability of parts of the services.

Suflon TECH may use infrastructure, vendors, and support functions that involve processing data in jurisdictions outside the location where the data was originally collected. By using the services, you understand that your information may be processed in locations where we or our service providers operate, subject to applicable law and the relevant contractual and operational safeguards.

The services may contain links to third-party websites, portals, or tools, including websites of listed providers, connected entities, or external service platforms. We are not responsible for the privacy, security, content, uptime, or data handling practices of third-party services that we do not own or control. Those services are governed by their own terms and privacy policies.

If we become aware of a confirmed security incident or personal data breach affecting information under our control, we may take reasonable steps to assess and contain the incident, investigate its scope and impact, mitigate further harm where feasible, restore affected systems or services where reasonably possible, and provide notice to affected customers, users, or authorities where required by applicable law, contract, or regulatory obligation.

Nothing in this section should be interpreted as a guarantee that every incident can be prevented, detected immediately, or fully remediated without any loss, delay, or interruption.

For privacy-related questions, requests, or complaints, please contact:

Suflon TECH LLP 703, B-68, Moreshwar Building, Sector 1, Mira Road East, Thane, Maharashtra 401107, India

Privacy Email: support@woctor.com Support Email: support@woctor.com

If you are a patient and your data is controlled by a clinic, hospital, doctor, laboratory, pharmacy, or other healthcare provider using WOCTOR, MDPLIX, or a connected system, you may also need to contact that organization directly for certain requests. We will make reasonable efforts to acknowledge and address privacy-related requests within a reasonable timeframe and in accordance with applicable law.

We may update this Privacy Policy from time to time to reflect changes in law or regulation, business operations, platform features, service providers, product structure, or privacy and security practices. We will update the “Last Updated” date when changes are made. Where appropriate, we may provide additional notice through the services or by email.

Your continued use of the services after the effective date of an updated Privacy Policy constitutes acknowledgment of the revised policy, to the extent permitted by law.

This Privacy Policy explains how personal data is collected, used, stored, shared, and protected. It does not, by itself, create any specific service-level commitment, uptime guarantee, restoration obligation, or warranty unless such commitment is expressly set out in a separate written agreement.

Any detailed commercial protections, service commitments, limitation of liability terms, backup commitments, or support terms should be governed by the applicable Terms of Service, subscription agreement, enterprise agreement, or separate written contract.

By using the services, you acknowledge that you have read and understood this Privacy Policy.