Privacy Policy

At MUDAWA, we are committed to protecting your privacy and ensuring the security of your personal health information in compliance with Pakistani healthcare regulations.

Last updated: 19/05/2026

Data Protection

Your personal and health information is encrypted using AES-256 encryption protocols compliant with Pakistani data protection standards.

HIPAA & PIPL Compliant

We comply with international HIPAA standards and Pakistan's Personal Information Protection Law (PIPL).

No Third-Party Sharing

Your health data is never shared with third parties without explicit written consent, as per PMDC regulations.

Regulatory Compliance

We follow PMDC (Pakistan Medical and Dental Council) guidelines for AI healthcare applications.

Firebase Database

We use Firebase with enterprise-grade security, providing encrypted data at rest and in transit with strict access controls.

Data Sovereignty

Patient data is stored on secure servers compliant with Pakistan's data localization requirements.

1. Information We Collect

MUDAWA collects information you provide directly to us when you create an account, use our AI health assistant, track your vitals, or contact us for support. This includes:

  • Personal Information: Name, email address, phone number, date of birth, gender
  • Health Information: Medical history, vital signs, symptoms, health concerns
  • Device Information: IP address, device type, browser information
  • Usage Data: How you interact with our platform and features

2. Regulatory Compliance

MUDAWA complies with:

  • PMDC (Pakistan Medical & Dental Council) - Guidelines for AI healthcare applications
  • Pakistan Personal Information Protection Law (PIPL) - Data protection requirements
  • HIPAA Standards - International healthcare privacy standards
  • PTA Regulations - Pakistan Telecom Authority cybersecurity guidelines
  • Data Localization - Patient data stored within Pakistan-compliant servers

3. Medical Disclaimer & AI Usage

Important Medical Disclaimer

MUDAWA's AI assistant provides general health information only and is NOT a substitute for professional medical advice. Users must consult qualified healthcare professionals for medical diagnosis, treatment, and advice. MUDAWA does not provide medical prescriptions or replace licensed medical practitioners.

4. How We Use Your Information

  • To provide and improve our AI-powered healthcare services
  • To process future appointments and connect you with healthcare providers
  • To personalize your experience with our AI health assistant
  • To send important updates about our services and regulatory compliance changes
  • To protect against fraud and ensure the security of our platform
  • To comply with legal obligations under Pakistani healthcare laws

5. Data Storage & Security Infrastructure

Primary Database: Firebase

Enterprise-grade encryption at rest and in transit, real-time security rules, and regular security audits

Encryption Standards

AES-256 encryption for data at rest, TLS 1.3 for data in transit, with FIPS 140-2 compliant encryption modules

Data Localization

Patient data stored on Pakistan-based or Pakistan-compliant servers to meet local data sovereignty requirements

6. Your Rights & Data Access

Under Pakistani data protection laws and PIPL, you have the right to:

  • Access your personal and health information stored with MUDAWA
  • Request correction or deletion of inaccurate data
  • Request a copy of your data in a portable format
  • Opt out of non-essential data processing
  • Request restriction or deletion of your information
  • Lodge complaints with Pakistan's Data Protection Authority

To exercise these rights, contact us at mudawa.health@gmail.com with proper identification verification.

7. Mobile App Privacy Terms

When MUDAWA's mobile app launches, the following additional terms will apply:

  • App permissions will be requested only for essential services (camera for vital sign tracking, location for nearby healthcare facilities)
  • Biometric data (fingerprint/face recognition) will be encrypted locally on device and never transmitted to servers
  • Permissions can be revoked at any time through device settings
  • App analytics will not track personal health data, only usage patterns for improvement
  • Push notifications will be controlled by user preferences

8. Third-Party Services & Compliance

MUDAWA uses third-party services that are carefully vetted for compliance with Pakistani healthcare regulations:

  • Firebase - Secure data storage with enterprise encryption
  • Third-Party Verifications - Only used with explicit user consent and proper data use agreements
  • All third-party providers must comply with PIPL and international data protection standards

9. Children's Privacy

MUDAWA is not intended for children under 13 years old. We do not knowingly collect information from children. For users aged 13-18, parental/guardian consent is required before data collection.

10. Data Retention Policy

We retain your personal and health information as long as necessary to provide services and comply with legal obligations in Pakistan. You can request deletion of your data at any time. Deletion requests will be processed within 30 days.

11. Security Incident Notification

In case of any data breach or security incident, we will notify affected users within 72 hours as required by Pakistani cybersecurity guidelines. The notification will include details of the incident and steps users should take.

12. Contact & Grievance Redressal

For privacy concerns, data requests, or grievances:

MUDAWA Privacy Team

Email: mudawa.health@gmail.com

Phone: +92 XXX-XXXX-XXX (Coming Soon)

Response Time: Within 15 business days

Regulatory Authority: Pakistan Data Protection Authority

13. Changes to Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or applicable regulations. We will notify users of significant changes via email and on our platform. Continued use of MUDAWA after changes signifies acceptance of the updated policy.

14. Governing Law

This Privacy Policy is governed by the laws of Pakistan and is compliant with Pakistan's Personal Information Protection Law (PIPL) and PMDC healthcare regulations.
