CUREVO

Pantheon Meditech Private Limited · CUREVO

Privacy Policy

Last Updated: May 27, 2026

Table of Contents
This Privacy Policy applies to Pantheon Meditech Private Limited (“Company”, “we”, “us”), operating the CUREVO platform at https://curevo.in. CIN: U32509TZ2026PTC038230 · PAN: AAQCP8033R · GSTIN: 33AAQCP8033R1ZM · Registered Office: Salem, Tamil Nadu, India.

1. Overview

CUREVO is a healthcare marketplace that connects patients with verified hospitals, clinics, and doctors worldwide. We are committed to protecting your personal information and being transparent about how we collect, use, and share data.

This Privacy Policy applies to all users of curevo.in, our mobile applications, and related services. By using the platform, you agree to the practices described here.

2. Information We Collect

We collect the following categories of information:

  • Identity data: full name, date of birth, nationality, and government-issued ID details where required for medical visa facilitation.
  • Contact data: email address, phone number, and postal address.
  • Medical preferences: treatment type, desired destination, approximate budget, and health conditions you voluntarily share for provider matching. We treat this as sensitive data.
  • Account credentials: hashed passwords and authentication tokens.
  • Usage data: pages visited, search queries, click patterns, session duration, IP address, browser type, and device identifiers collected automatically.
  • Transaction data: booking references, payment method type (we do not store full card numbers), amount, and currency.
  • Communications: messages, inquiries, and support tickets you send us.
  • Provider data (for hospitals/doctors): licenses, accreditations, and listing content submitted during onboarding.

3. How We Use Your Information

We use your personal information to operate and improve the CUREVO platform:

  • Create and manage your account.
  • Match you with suitable hospitals, clinics, and doctors based on your stated preferences.
  • Facilitate appointment and procedure bookings with selected healthcare providers.
  • Process payments and issue booking confirmations.
  • Send transactional communications (booking updates, reminders, support replies).
  • Send marketing communications — with your consent, withdrawable at any time.
  • Comply with legal and regulatory obligations.
  • Improve platform performance through analytics and user feedback.
  • Detect and prevent fraud, abuse, and security threats.

Legal bases: contract performance (booking/account services), legitimate interests (security, analytics, fraud prevention), legal obligation, and consent (marketing).

4. Data Sharing

We do not sell your personal data. We share information only as follows:

  • Healthcare providers you select or consent to contact — minimum information necessary to facilitate your appointment.
  • Payment processors and financial institutions to complete transactions securely.
  • Technology sub-processors (Google Cloud/Firebase, analytics and email delivery tools) under data processing agreements.
  • Professional advisors (lawyers, accountants) under strict confidentiality.
  • Law enforcement or regulators when required by applicable law, court order, or to protect rights and safety.
  • Prospective acquirers in connection with a merger or sale of assets, with appropriate user protections.

5. Data Storage & Security

Your data is stored on Google Cloud (Firebase) infrastructure with industry-standard encryption at rest (AES-256) and in transit (TLS 1.2+). We implement role-based access controls, multi-factor authentication for administrative access, and regular security assessments.

We retain your personal data while your account is active and as needed for legal compliance, dispute resolution, and bookings history. Booking records are retained for a minimum of seven years.

While we take all reasonable steps, no electronic system is 100% secure. Please use a strong, unique password. Report security concerns to support@curevo.in.

6. Cookies & Tracking

We use cookies and similar technologies. See our full Cookie Policy for details.

  • Essential cookies: required for authentication, security, and session management.
  • Analytics cookies: anonymised usage data via Google Analytics 4.
  • Functional cookies: language, currency, and saved search preferences.
  • Marketing cookies: interest-based ads (only with your consent via the cookie banner).

7. Your Rights

Subject to applicable law, you have the right to:

  • Access: obtain a copy of personal data we hold about you.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your data (subject to legal retention obligations).
  • Restriction: request we limit processing in certain circumstances.
  • Portability: receive your data in a structured, machine-readable format.
  • Object: object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent: for consent-based processing, withdraw at any time without affecting prior processing.
  • Lodge a complaint: with your local data protection supervisory authority.

To exercise these rights, email support@curevo.in. We respond within 30 days.

8. Children's Privacy

CUREVO is not directed to individuals under 18. We do not knowingly collect data from minors. If you believe a child has provided us personal data, contact us immediately at support@curevo.in and we will delete it promptly.

Where minors require medical care, a parent or legal guardian must manage the account and provide consent on their behalf.

9. International Transfers

CUREVO serves users globally. Data may be transferred to and processed in India or on Google Cloud infrastructure outside your home jurisdiction.

For EEA/UK users: transfers are conducted under appropriate safeguards including Standard Contractual Clauses (SCCs), in compliance with GDPR and UK GDPR. For users in other jurisdictions, we comply with applicable local data transfer requirements.

10. HIPAA-Aligned Practices

CUREVO is India-based and not directly subject to US HIPAA. However, we voluntarily align with HIPAA standards for health information:

  • Minimum necessary information principles when sharing health data with providers.
  • Technical safeguards: encryption, access controls, audit logs for health-data systems.
  • No use of PHI for marketing without explicit consent.
  • Breach notification to affected users in the event of a data security incident.
  • Business Associate Agreement frameworks with relevant sub-processors.

11. Contact Us

For privacy queries or to exercise your rights:

  • Email: support@curevo.in
  • Legal Name: Pantheon Meditech Private Limited
  • Registered Office: Salem, Tamil Nadu, India
  • CIN: U32509TZ2026PTC038230

Mark urgent data-security concerns “URGENT — Privacy” in the subject line.