Privacy Policy

1. Information We Collect

Personal Information: When you request access or create an account, we collect your name, email address, phone number, organisation name, state, and city.

Usage Data: We automatically collect information about how you interact with our application, including log data, device information, and feature usage patterns. This helps us improve the product.

Patient Data: When you use Muco to manage your hospital, you upload and process patient records, clinical data, billing information, and other healthcare data. This data is your property; we act as a data processor.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Muco HMS platform
• Process your hospital registration request and set up your account
• Communicate with you about product updates, security alerts, and support
• Monitor and analyse usage trends to enhance the user experience
• Comply with legal obligations and enforce our Terms of Service

3. Data Storage and Security

All data is stored in secure PostgreSQL databases hosted on DigitalOcean infrastructure in India. We use industry-standard encryption for data in transit (TLS 1.3) and at rest (AES-256).

Access to production data is strictly limited to authorised personnel on a need-to-know basis. We maintain comprehensive audit logs of all data access.

Muco operates an offline-first architecture. Patient data is stored locally on your desktop and synchronised with our servers. This means your hospital can continue functioning even during internet outages.

4. Data Sharing and Third Parties

We do not sell your data to third parties. We may share information only in the following circumstances:

• With your consent: When you explicitly authorise us to share information
• Service providers: With trusted third-party vendors who help us operate our platform (cloud hosting, email delivery), bound by confidentiality agreements
• Legal requirements: When required by law, court order, or government regulation

5. Data Retention

We retain your account information for as long as your account is active. Patient records and clinical data are retained for the duration of your subscription. Upon termination, you may request a complete export of your data. We will delete your data within 90 days of termination, unless required by law to retain it longer.

6. Your Rights

You have the right to:

• Access, correct, or delete your personal information
• Export your data in a machine-readable format
• Object to or restrict processing of your data
• Withdraw consent at any time (for processing based on consent)
• Lodge a complaint with the relevant data protection authority

7. Cookies

Muco uses essential cookies for authentication and session management. We do not use tracking cookies or third-party analytics cookies on our platform. The landing website may use minimal analytics to understand visitor interest.

8. Healthcare Data Compliance

As a healthcare technology provider, we align our practices with NABH digital health standards. Hospitals using Muco remain the data controller for patient records. We provide the technical safeguards (encryption, audit trails, access control) required by healthcare regulations.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the application. Your continued use of Muco after such changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact our Data Protection Officer:

Email: legal@muco.in
Phone: +91 94116 63559
Address: Patna, Bihar, India