Qurovo Private Limited ('we', 'us', 'Qurovo') understands and respects the importance of protecting your privacy. We are committed to maintaining the highest standards of data security and privacy protection for all our users. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our website www.qurovo.com, mobile applications, and related services (collectively, the 'Platform' or 'Services'). This Privacy Policy is published in compliance with Section 43A of the Information Technology Act, 2000, Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 ('SPI Rules'), and Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011 ('IG Rules'). IMPORTANT NOTE: Our Privacy Policy may be revised from time to time at our discretion. We recommend that you review this policy periodically to stay informed of any changes. Your continued use of the Platform after any modifications to this Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide by the modified Privacy Policy. By accessing or using the Platform, you agree to be bound by the terms and conditions of this Privacy Policy. If you do not agree with this Privacy Policy, please do not use or access the Platform. This Privacy Policy is incorporated into and subject to our Terms and Conditions, available at https://www.qurovo.com/terms-and-conditions. 1. APPLICABILITY OF THIS PRIVACY POLICY This Privacy Policy applies to all users of our Platform, including: • Patients seeking healthcare information or services; • Representatives, attendants, relatives, or friends of patients; • Healthcare providers, hospitals, and medical professionals; • Casual visitors browsing the Platform; • Any other person accessing or using the Platform. 2. DEFINITIONS For the purposes of this Privacy Policy: 'Personal Information' means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available, is capable of identifying such person. This includes but is not limited to name, email address, phone number, postal address, date of birth, gender, and similar information. 'Sensitive Personal Data or Information' (SPDI) means personal information about a person relating to: (i) passwords; (ii) financial information such as bank account, credit card, debit card, or other payment instrument details; (iii) physical, physiological and mental health condition; (iv) sexual orientation; (v) medical records and history; (vi) biometric information; (vii) information received under lawful contract or otherwise; and (viii) visitor details as provided at the time of registration or thereafter. Call data records are also considered sensitive personal data or information. 'User' or 'you' means any person who accesses or uses the Platform, whether as a patient, healthcare provider, or casual visitor. 3. INFORMATION WE COLLECT We collect information from you in various ways when you use our Platform. The type and amount of information we collect depends on how you use our Services. 3.1 Information You Provide Directly When you register for an account, book an appointment, compare hospital packages, contact us, or otherwise interact with our Platform, you may voluntarily provide us with the following information: • Contact information (name, email address, phone number, postal address); • Demographic information (age, date of birth, gender, location); • Health-related information (medical conditions, symptoms, treatment requirements, medical history); • Account credentials (username, password); • Payment information (billing address, credit/debit card details, bank account information); • Insurance information (insurance carrier, policy details); • Feedback, reviews, ratings, and testimonials about healthcare providers or services; • Any other information you choose to provide through emails, letters, chat messages, or other correspondence. 3.2 Information We Collect Automatically When you access or use our Platform, we automatically collect certain information, including: • Device information (device type, operating system, browser type, unique device identifiers); • Usage information (pages viewed, time spent on pages, links clicked, search queries, appointment history); • Location information (IP address, geographic location based on IP address or GPS data if you enable location services); • Log data (server logs, access times, pages viewed, app crashes, system activity); • Cookies and similar tracking technologies (see Section 4 below for more details). 3.3 Information from Third Parties We may receive information about you from third parties, including: • Healthcare providers and hospitals with whom you have interacted through our Platform; • Payment processors and financial institutions for transaction verification; • Social media platforms if you choose to connect your account; • Analytics providers and advertising partners; • Publicly available sources for verification purposes. 3.4 Casual Visitors If you are merely browsing the Platform without providing any personal information, we do not automatically collect any Sensitive Personal Data or Information. However, we may collect certain non-personally identifiable information such as your IP address, browser type, and pages visited for analytical purposes. You can browse portions of our Platform without revealing your identity. 4. COOKIES AND TRACKING TECHNOLOGIES We use cookies, web beacons, pixels, and similar tracking technologies to enhance your experience on our Platform, analyze usage patterns, and deliver personalized content. 4.1 What Are Cookies? Cookies are small text files placed on your device by websites you visit. They help websites remember information about your visit, making your next visit easier and the site more useful to you. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device until deleted or they expire). 4.2 How We Use Cookies We use cookies for the following purposes: • Essential cookies: To enable basic functions like page navigation and access to secure areas; • Analytics cookies: To understand how visitors interact with our Platform, which helps us improve our Services; • Functional cookies: To remember your preferences and settings; • Advertising cookies: To deliver relevant advertisements and measure the effectiveness of our marketing campaigns; • Security cookies: To authenticate users and prevent fraudulent use of login credentials. 4.3 Third-Party Cookies We may allow third-party service providers (such as Google Analytics, Facebook Pixel, and other analytics or advertising partners) to place cookies on your device. These third parties use cookies to collect information about your online activities across different websites. We do not control these third-party cookies and their use is governed by the privacy policies of these third parties. 4.4 Managing Cookies Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies if you prefer. However, disabling cookies may prevent you from accessing certain features of our Platform and may limit your user experience. To learn more about cookies and how to manage them, visit www.allaboutcookies.org. 5. HOW WE USE YOUR INFORMATION We use the information we collect for various purposes, including to provide, maintain, protect, and improve our Services. Specifically, we may use your information for the following purposes: 5.1 Service Delivery • To create and manage your account; • To process and facilitate appointment bookings with healthcare providers; • To provide hospital package comparisons and healthcare information; • To process payments and financial transactions; • To send booking confirmations, appointment reminders, and service-related communications; • To enable communication between you and healthcare providers. 5.2 Customer Support • To respond to your inquiries, requests, and feedback; • To troubleshoot technical issues and resolve disputes; • To provide customer support and assistance. 5.3 Personalization and Improvement • To personalize your experience and provide customized content and recommendations; • To analyze usage patterns and trends; • To improve and develop new features, products, and services; • To conduct research, statistical analysis, and business intelligence; • To test new features and functionality. 5.4 Marketing and Communications • To send you promotional offers, newsletters, and marketing materials about our Services; • To contact you for feedback and surveys about our Services; • To notify you about changes to our Services, new features, or special offers; • To conduct targeted advertising campaigns through various channels including email, SMS, phone calls, and online platforms. By accessing and using the Platform and/or verifying your contact number with Qurovo, you explicitly consent to receive communications (through calls, SMS, email, WhatsApp, or other digital means) from Qurovo and/or its authorized representatives, even if your contact number is registered under the DND/NCPR list under the Telecom Commercial Communications Customer Preference Regulations, 2018. 5.5 Security and Fraud Prevention • To protect the security and integrity of our Platform; • To detect, prevent, and address fraud, abuse, and illegal activities; • To verify user identities and authenticate accounts; • To enforce our Terms and Conditions and other policies. 5.6 Legal and Compliance • To comply with applicable laws, regulations, and legal processes; • To respond to lawful requests from government authorities and law enforcement; • To protect our legal rights and interests, and those of our users and partners. 6. SHARING AND DISCLOSURE OF YOUR INFORMATION We do not sell, rent, or trade your Personal Information or Sensitive Personal Data or Information to third parties for their marketing purposes. However, we may share your information in the following circumstances: 6.1 With Healthcare Providers and Hospitals We share your information with healthcare providers, hospitals, and diagnostic centers to facilitate appointment bookings, service delivery, and treatment coordination. This includes sharing your name, contact information, medical history, and appointment details as necessary for providing healthcare services. 6.2 With Service Providers and Partners We may share your information with third-party service providers and partners who perform services on our behalf, including: • Payment processors and financial institutions; • Cloud hosting and data storage providers; • Email and SMS service providers; • Customer support and call center services; • Analytics and marketing service providers; • IT and security service providers. These third-party service providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your information and use it only for the purposes for which it was disclosed. 6.3 For Legal Reasons We may disclose your information if required to do so by law or if we believe that such action is necessary to: • Comply with legal obligations, court orders, or government requests; • Protect and defend our rights, property, or safety, or that of our users or the public; • Detect, prevent, or address fraud, security, or technical issues; • Enforce our Terms and Conditions and investigate violations. 6.4 Business Transfers In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring or successor entity. We will notify you via email and/or a prominent notice on our Platform of any such change in ownership or control of your personal information. 6.5 Aggregated and Anonymized Data We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you. This includes statistical data, research findings, and analytics reports that we may share with partners, advertisers, researchers, or the public. Such data does not contain any Personal Information or Sensitive Personal Data or Information. 6.6 With Your Consent We may share your information with third parties when you have given us explicit consent to do so. 7. DATA SECURITY We take the security of your information seriously and implement reasonable security practices and procedures to protect your Personal Information and Sensitive Personal Data or Information from unauthorized access, disclosure, alteration, and destruction. 7.1 Security Measures Our security measures include: • Encryption of data in transit and at rest using industry-standard protocols (SSL/TLS); • Secure servers and data centers with physical and electronic access controls; • Regular security audits and vulnerability assessments; • Firewalls, intrusion detection systems, and anti-malware software; • Access controls and authentication mechanisms; • Employee training on data security and privacy; • Confidentiality agreements with employees and service providers. 7.2 Your Responsibilities You are responsible for maintaining the confidentiality of your account credentials (username and password). Please: • Choose a strong, unique password; • Do not share your password with others; • Log out after using the Platform, especially on shared devices; • Notify us immediately at support@qurovo.com if you suspect unauthorized access to your account. Qurovo will never have knowledge of your password. We do not undertake any liability for unauthorized use of your account and password. You shall be liable to indemnify Qurovo for any loss suffered due to such unauthorized use. 7.3 Limitations While we implement reasonable security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information. In the event of a data breach, we will notify affected users in accordance with applicable law. Qurovo shall not be responsible for any breach of security or unauthorized access to data that occurs due to events beyond our reasonable control, including but not limited to acts of government, hacking, unauthorized access, computer crashes, or poor quality of internet or telephone services. 8. DATA RETENTION We retain your Personal Information and Sensitive Personal Data or Information for as long as necessary to fulfill the purposes for which it was collected, including: • As long as your account is active or as needed to provide you with Services; • To comply with our legal obligations, resolve disputes, and enforce our agreements; • As required by applicable laws and regulations. When your information is no longer needed for these purposes, we will securely delete or anonymize it. Anonymized data may be retained indefinitely for analytical and research purposes. 9. YOUR RIGHTS AND CHOICES You have certain rights regarding your Personal Information. Subject to applicable law, you may: 9.1 Access and Correction You have the right to access, review, update, and correct your Personal Information. You can do this by logging into your account and updating your profile information, or by contacting us at support@qurovo.com. We will make reasonable efforts to accommodate your request promptly. 9.2 Account Deletion You may request deletion of your account and Personal Information by contacting us at support@qurovo.com. Upon receiving your request, we will delete your account and information, except where we are required to retain it for legal, regulatory, or legitimate business purposes. Please note that deleting your account may result in loss of access to certain features and services. 9.3 Opt-Out of Marketing Communications You can opt out of receiving promotional emails from us by clicking the 'unsubscribe' link in any marketing email or by contacting us at support@qurovo.com. You may also adjust your communication preferences in your account settings. Please note that even if you opt out of marketing communications, we will still send you transactional messages related to your account and services (e.g., appointment confirmations, password reset emails). 9.4 Withdrawal of Consent You may withdraw your consent to our collection, use, or disclosure of your information at any time by contacting us. However, withdrawal of consent may affect our ability to provide certain Services to you. 9.5 Data Portability You may request a copy of your Personal Information in a structured, commonly used, and machine-readable format by contacting us at support@qurovo.com. 9.6 Limitations on Rights Your rights may be limited in certain circumstances, including: (a) where providing access would infringe on the privacy rights of others; (b) where the information is subject to legal privilege or is required to be retained by law; (c) where the information is opinion data kept solely for evaluative purposes; or (d) where providing access would prejudice ongoing or anticipated legal proceedings. 10. CALL RECORDING AND MONITORING For quality assurance, training, and customer support purposes, calls made to or from our call center may be recorded. By continuing with a call, you consent to such recording. If you do not wish to be recorded, please inform the call center representative at the beginning of the call. However, please note that non-recorded calls may limit our ability to resolve disputes or quality issues that may arise. We may also monitor calls to ensure compliance with our policies and applicable laws. Call recordings are stored securely and accessed only by authorized personnel for the purposes stated above. They are retained for as long as necessary for these purposes and then securely deleted. 11. THIRD-PARTY WEBSITES AND SERVICES Our Platform may contain links to third-party websites, applications, or services that are not owned or controlled by Qurovo. We are not responsible for the privacy practices or content of these third parties. This Privacy Policy does not apply to third-party websites or services. We encourage you to review the privacy policies of any third-party websites or services before providing them with your information. The inclusion of any link does not imply endorsement by Qurovo. You access third-party websites and services at your own risk. 12. CHILDREN'S PRIVACY Our Platform is not intended for use by individuals under the age of 18. We do not knowingly collect Personal Information from children under 18. If you are under 18, please do not use our Platform or provide any information to us. If we become aware that we have collected Personal Information from a child under 18 without parental consent, we will take steps to delete such information. Parents and guardians are encouraged to monitor their children's internet usage and to help enforce this Privacy Policy by instructing their children never to provide personal information through our Platform without their permission. If you believe we have collected information from a child under 18, please contact us at support@qurovo.com so we can delete the information. 13. INTERNATIONAL DATA TRANSFERS Your information may be transferred to, stored, and processed in locations outside of India, including countries that may not have the same data protection laws as India. When we transfer your information internationally, we take steps to ensure that your information receives an adequate level of protection, including through contractual agreements with service providers. By using our Platform, you consent to the transfer of your information to countries outside of India for the purposes described in this Privacy Policy. 14. CHANGES TO THIS PRIVACY POLICY We reserve the right to modify this Privacy Policy at any time, with or without prior notice. When we make material changes to this Privacy Policy, we will notify you by: • Posting the updated Privacy Policy on our Platform with the 'Last Updated' date; • Sending you an email notification (if you have provided your email address); • Displaying a prominent notice on our Platform. Your continued use of the Platform after any changes to this Privacy Policy constitutes your acceptance of the revised Privacy Policy. If you do not agree with the changes, you should discontinue use of the Platform and contact us to delete your account. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. 15. YOUR CONSENT By using our Platform and/or providing your information to us, you: • Acknowledge that you have read and understood this Privacy Policy; • Consent to the collection, use, storage, processing, disclosure, and transfer of your information as described in this Privacy Policy; • Agree to be bound by the terms of this Privacy Policy; • Understand that you may withdraw your consent at any time by contacting us, subject to legal and contractual restrictions. 16. GRIEVANCE OFFICER AND CONTACT INFORMATION In accordance with the Information Technology Act, 2000 and the rules made thereunder, if you have any grievance concerning our Platform, Services, or the processing of your information, you can contact our Grievance Officer: Grievance Officer Qurovo Private Limited CIN: U62090HR2025PTC136098 Plot no 4, 2nd floor, Minarch Tower Sector 44, Gurgaon Haryana, India - 122003 Tel.: +91-8588817448 Email: support@qurovo.com We will use reasonable efforts to respond promptly to your requests, questions, or concerns. If you have any questions about this Privacy Policy or our data practices, please contact us using the information above. *** Last Updated: February 11, 2026 Thank you for trusting Qurovo with your healthcare needs. Your privacy is important to us. APPENDIX: MOBILE APPLICATION PERMISSIONS When we launch our mobile application, it will require certain permissions to function properly and provide you with the best possible experience. This appendix will be updated at that time to describe: • Camera and Photo Library Access - For uploading medical documents and images • Location Services - To show nearby healthcare providers and hospitals • Microphone and Audio - For voice/video consultations with doctors • Phone and SMS - For OTP verification and calling healthcare providers • Storage - To save and access medical records and documents • Notifications - To send appointment reminders and updates We will only request permissions that are necessary for the app functionality and will explain why each permission is needed.
