MedAI

Privacy Policy

Last updated: September 3, 2025

1. Introduction

MedAI ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, diagmbbs.com (the "Service"). Please read this policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

2. Information We Collect

We may collect information about you in a variety of ways. The information we may collect on the Service includes:

Personal Data

Personally identifiable information, such as your name, email address, and password, that you voluntarily give to us when you register with the Service or when you choose to participate in various activities related to the Service, such as making payments.

Social Login Data

If you choose to register or log in using your Google account, we will collect authentication information from Google, such as your name, email address, and unique Google ID, as permitted by you via your Google account settings.

Usage and Performance Data

Information that our servers automatically collect when you access the Service, such as your IP address, browser type, operating system, access times, and the pages you have viewed directly before and after accessing the site. We also collect data on your performance within the app, including cases attempted, diagnoses submitted, scores, and progress.

Payment Data

All financial information is stored and processed by our payment processor, Razorpay. We do not collect or store credit card details on our servers. We may receive transactional information from Razorpay, such as your Razorpay customer ID and purchase details, to facilitate your subscription and credit purchases.

3. How We Use Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Service to:

  • Create and manage your account.
  • Process your payments and subscriptions.
  • Provide you with AI-generated clinical cases and feedback.
  • Track your progress, calculate your rank, and display your position on leaderboards.
  • Monitor and analyze usage and trends to improve your experience with the Service.
  • Notify you of updates to the Service.
  • Respond to your comments and questions and provide customer service.

4. Data Sharing and Third-Party Services

We do not share your personal information with third parties except as described in this Privacy Policy. We may share information with the following third parties:

  • OpenAI: To generate clinical cases and provide diagnostic feedback, we send anonymized or contextual data (such as the selected medical specialty and difficulty) to the OpenAI API. We do not send your personal identification data like your email or name to OpenAI for this purpose.
  • Razorpay: To process payments for subscriptions and credit bundles. We share necessary information with them to facilitate the transaction.
  • Google: To facilitate social login (Google Sign-In).
  • Render & Vercel: Our hosting providers who store and serve our application data.

We may also disclose your information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation.

5. Cookies and Tracking Technologies

We may use cookies, web beacons, tracking pixels, and other tracking technologies on the Service to help customize the Service and improve your experience. When you access the Service, your personal information is not collected through the use of tracking technology. Most browsers are set to accept cookies by default. You can remove or reject cookies, but be aware that such action could affect the availability and functionality of the Service.

6. Data Security

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

7. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

8. Your Data Rights

Depending on your location, you may have the following rights regarding your personal data:

  • The right to access – You have the right to request copies of your personal data.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • The right to erasure – You have the right to request that we erase your personal data, under certain conditions.

You can exercise these rights at any time by accessing your account settings or by contacting us directly for assistance.

9. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

10. Children's Privacy

Our Service is not intended for use by children under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If we become aware that we have collected Personal Data from a child under age 13 without verification of parental consent, we will take steps to remove that information from our servers.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us through the methods provided on our Contact page.