PillMitra
๐Ÿ”’ Your privacy matters

Privacy Policy

Last updated: 17 May 2026

1. Who We Are

PillMitra is a medication adherence service operated by PillMitra Technologies Pvt. Ltd. (registered in India). We help patients take their medicines on time via WhatsApp reminders. Our registered address and grievance officer contact is: support@pillmitra.in.

2. What Data We Collect

  • WhatsApp phone number โ€” required to send reminders.
  • Prescription images โ€” uploaded by you to parse medicine names and schedules. Processed by AI and deleted after parsing.
  • Medicine schedule โ€” names, timings, duration as extracted from your prescription.
  • Language preference โ€” the language you choose for reminders.
  • Confirmation logs โ€” when you tap "Taken" or "Skipped" on a reminder.

We do not collect: Aadhaar, PAN, payment data, or health records beyond what you voluntarily send us.

3. How We Use Your Data

  • Send medication reminders at the times specified in your prescription.
  • Parse your prescription using AI (Google Gemini Vision) to extract medicine details.
  • Generate adherence reports that you can share with your doctor.
  • Improve our service (anonymised, aggregated data only).

We never sell, rent, or share your personal data with advertisers or third-party marketers.

4. Data Storage & Security

All data is stored on servers located in India (Microsoft Azure โ€” Central India region). Data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Access is restricted to authorised PillMitra personnel only.

Prescription images are processed in memory and are not permanently stored. They are sent to Google Gemini for AI parsing and immediately discarded.

5. Third-Party Services

  • WhatsApp Business API (Meta) โ€” for message delivery. Meta's data processing terms apply.
  • Google Gemini Vision โ€” for prescription OCR. Images are sent to Google's API for processing. We do not enable model training on your data.
  • Supabase โ€” managed PostgreSQL database (hosted on AWS Mumbai region).
  • Upstash Redis โ€” job queue for reminder scheduling (EU-West region; job metadata only, no PHI).

6. Your Rights (DPDP Act 2023)

Under the Digital Personal Data Protection Act 2023, you have the right to:

  • Access โ€” request a copy of the data we hold about you.
  • Correction โ€” ask us to fix inaccurate data.
  • Erasure โ€” request deletion of your data. We will delete it within 30 days.
  • Grievance redressal โ€” raise a complaint with our Grievance Officer.
  • Nomination โ€” nominate another person to exercise your rights on your behalf.

To exercise any right, WhatsApp us or email support@pillmitra.in with the subject "Data Request โ€” [your request type]".

7. Retention

We retain your medicine schedules and adherence logs for 2 years from your last interaction, or until you request deletion, whichever is earlier.

8. Children

PillMitra is not directed at children under 18. If a parent or guardian uses PillMitra to manage a child's medicines, they are the data principal.

9. Changes to This Policy

We may update this policy. Material changes will be notified via WhatsApp message to active users at least 7 days before taking effect.

10. Contact & Grievance Officer

Grievance Officer: PillMitra Support Team
Email: support@pillmitra.in
Response time: Within 7 business days