1. Information We Collect
We collect the following types of information when you use MediQPro:
- Personal Information: Name, email address, phone number, username, and password
- Healthcare Information: Department, role, and facility information (for staff accounts)
- Security Data: Security questions, backup codes, and reset tokens
- Usage Data: Login times, password reset requests, and system interactions
- Technical Data: IP address, browser type, and device information
2. How We Use Your Information
Your information is used for the following purposes:
- To provide and maintain the MediQPro service
- To authenticate users and secure account access
- To facilitate password recovery through multiple verification methods
- To communicate important system updates or security alerts
- To improve system functionality and user experience
- To comply with legal obligations and healthcare regulations
3. Data Security
We implement robust security measures to protect your information:
- All passwords are hashed using bcrypt algorithm
- Sensitive data is encrypted both in transit and at rest
- Multi-factor authentication and verification options
- Regular security audits and vulnerability assessments
- Access controls and role-based permissions
- Secure backup procedures with encrypted storage
Note: Security questions and backup codes are stored as cryptographic hashes and cannot be retrieved in plain text.
4. Data Sharing
We do not sell or rent your personal information. We may share data only in these circumstances:
- With system administrators within your healthcare facility
- When required by law or legal process
- To protect the rights, property, or safety of MediQPro users
- With service providers who assist in system operation (under strict confidentiality agreements)
5. Data Retention
We retain your information only as long as necessary:
- Active account data: Retained while account is active
- Password reset tokens: Automatically deleted after 1 hour
- Backup codes: Until used or regenerated
- System logs: Retained for 90 days for security monitoring
- Inactive accounts: Deleted after 2 years of inactivity
6. Your Rights
You have the right to:
- Access and review your personal information
- Correct inaccurate or incomplete data
- Update your security settings and verification methods
- Request deletion of your account (subject to legal requirements)
- Export your data in a portable format
- Opt-out of non-essential communications
7. Contact Information
If you have questions about this Privacy Policy or your data:
- Data Protection Officer: privacy@mediqpro.com
- Technical Support: support@mediqpro.com
- Security Concerns: security@mediqpro.com
8. Changes to This Policy
We may update this Privacy Policy periodically. Significant changes will be communicated via:
- Email notification to registered users
- In-system announcements
- Updated date on this page
Last Updated: December 6, 2025