Privacy Policy for Users

Mashwara is dedicated to protecting the privacy of its users. This Privacy Policy outlines how we collect, use, store, and share information when you access or use the Mashwara mobile application (the “App”) and website, a healthcare platform for users in Pakistan.

Important Notice

Mashwara AI (Private) Limited (“Mashwara”) is not a substitute for professional medical advice, diagnosis, or emergency treatment.

If you believe you are experiencing a medical emergency, please contact your nearest hospital or emergency number immediately.
All consultations and recommendations available through Mashwara are for informational and non-emergency use only.

By using the Mashwara app, you consent to the collection, use, and sharing of your information as described in this Privacy Policy.

 

Who We Are

This Privacy Policy is issued by Mashwara AI (Private) Limited (“Mashwara,” “we,” “us,” or “our”), a digital tele-clinic and health-technology company incorporated in Pakistan.
Mashwara operates a secure digital platform that connects users with independent licensed clinicians and verified healthcare providers, combining AI-driven health assistance with encrypted communication, record storage, and care-coordination tools.

 

Platform Modules

  • Appointment Booking – Schedule secure video consultations with independent licensed doctors available on the Mashwara platform.
  • Video Consultations – Secure, encrypted one-to-one video calls between users and independent clinicians. Sessions are confidential and not recorded by default.
  • Medical Vault (Electronic Health Record – EHR) – Private, encrypted storage for lab results, prescriptions, and medical history that you can share with clinicians you choose.
  • AI Health Assistant – Provides symptom-based informational guidance and triage suggestions powered by artificial intelligence; not intended for diagnosis or treatment decisions.
  • Second Opinion Service – Enables users to request expert reviews of uploaded reports from local or cross-border specialists for informational insights.
  • Blood Bank Finder – Helps donors and recipients connect through voluntary listings. Mashwara does not collect, test, store, or transfuse blood.
  • Insurance Enrollment – Allows users to explore and apply for health-insurance plans offered by licensed third-party insurers. Mashwara acts solely as an authorized agent and digital facilitator for licensed insurers, for the purpose of plan information and enrollment.
  • Wallet & Credits System – Manage in-app payments, refunds, and Mashwara credits used for consultations, AI services, or EHR storage.
  • Emergency Hospital Locator – Displays nearby hospitals and emergency centers based on your location; Mashwara does not provide emergency medical response.

Mashwara acts as a digital facilitator for healthcare interactions between users and independent clinicians. We do not guarantee clinical outcomes and do not function as a hospital or insurance company.

Mashwara acts only as an authorized agent and digital facilitator for licensed insurers, for the purpose of plan information and enrollment.

Contact: info@mashwara.ai
Website: https://mashwara.ai
Postal Address: Mashwara AI (Private) Limited, Lahore, Pakistan

 

1) What This Policy Covers

This policy explains how we collect, use, share, and protect your information when you use the Mashwara mobile apps and website, video consultations, Medical Vault (EHR), AI Health Assistant, Second Opinion Service, Blood Bank Finder, Insurance Enrollment, Wallet & Payments, and Emergency Hospital Locator.

 

2) The Data We Collect and Why

  1. Account & Identity

Name, phone, email, password/OTP, basic profile (age, sex, city), and-when required for insurance-ID verification.
Used to create and manage your account, verify identity, prevent fraud, and communicate with you.

  1. Health & Medical (Sensitive)

Data you provide during consultations with independent clinicians, including symptoms, video-consultation metadata (not recorded by default), prescriptions, lab reports, AI inputs/outputs, and records you choose to store or share.
Mashwara facilitates these interactions and processes data securely on behalf of the clinicians you consult.

  1. Blood Bank (Public Health)

Blood type, city, urgency, and optional contact info you submit for voluntary matching. Only minimal data is displayed; posts auto-expire.

  1. Location (Optional)

Approximate or precise location when enabled (e.g., nearby hospitals). Not stored for tracking.

  1. Communications & Files

Messages with support, uploaded reports, and technical session metadata.

  1. Wallet & Payments

Transaction IDs and details from PayFast/PayPro, wallet balance, credit use-processed to handle payments and manage in-app purchases.

  1. Device & Diagnostics

Device/OS info, app version, crash logs, and de-identified analytics. Health data is never used for ads.

We do not sell personal or health data.

 

3) How We Use Your Data

  • To deliver and improve Mashwara features.
  • To coordinate care with clinicians, labs, and pharmacies you choose.
  • To verify insurance eligibility and process enrollments.
  • To process payments and manage Wallet credits.
  • To ensure security, prevent fraud, and debug issues.
  • To conduct aggregated or de-identified analytics.
  • To comply with legal obligations.

 

4) AI Recommendations (Important)

The AI Health Assistant provides informational guidance and symptom-based suggestions to help users better understand possible next steps in their care.
These suggestions are not a medical diagnosis and should not replace professional medical consultation.

You can choose whether to use the AI module at any time.
If you prefer not to receive AI-based suggestions, simply do not open or enable the AI Health Assistant in the app’s Settings.

AI interactions are processed securely and never shared with advertisers or used for profiling.
Any AI inputs and outputs are stored in your Medical Vault (Electronic Health Record – EHR) for your reference and for continuity of care with clinicians you choose to share them with.

 

5) Second Opinion (Important)

The Second Opinion feature allows users to book video consultations with independent or cross-border specialists for an additional professional review.
These appointments are informational in nature and do not replace direct medical care or local emergency services.

Before or during a Second Opinion appointment, you can choose which medical records or reports from your Medical Vault (EHR) to share with the selected clinician.
The clinician can only access the files you explicitly select for that consultation.

You may revoke access to shared files at any time. Revocation prevents new access but does not undo advice already given during the appointment.

 

6) Blood Bank (Important)

Mashwara only connects donors and recipients; no blood collection, testing, or storage.
You control what you share; posts auto-expire to protect privacy.

 

7) Insurance (Important)

Insurance plans are offered by licensed third-party insurers.
Mashwara shares only minimum data for eligibility and enrollment and acts solely as an authorized agent and digital facilitator for licensed insurers, for plan information and enrollment.
Mashwara does not underwrite, issue, or manage insurance policies.

 

8) Sharing & Disclosure

Data shared only with clinicians you consult, contracted providers (hosting, video, payments, SMS), insurance partners when you enroll, or authorities when required by law.
Never shared with advertisers.

 

9) Legal Bases

Contract/performance, consent (for optional features), legitimate interest (security, improvement), and legal obligation (record retention).

 

10) Permissions & Choices

Camera/Mic (for video consultations), Files (for uploads), Location (optional), Notifications (for updates).
Access requested only when needed and revocable anytime.

 

11) Children and Teens

Intended for users 18 and above. Minors only under guardian supervision. Unauthorized accounts removed on request.

 

12) Security (Google Cloud Platform)

All Mashwara systems and services are hosted on Google Cloud Platform (GCP) with multi-layered security controls, including TLS encryption in transit, AES-256 encryption at rest, strict Identity and Access Management (IAM) permissions, multi-factor authentication (MFA) for administrators, continuous logging, and real-time monitoring.

GCP maintains internationally recognized security certifications such as ISO/IEC 27001 (Information Security Management) and ISO/IEC 27701 (Privacy Information Management), SOC 2/3, and PCI DSS for relevant services.
Mashwara inherits these protections and implements additional application-level safeguards appropriate for digital health operations.

Mashwara follows security and privacy standards aligned with ISO/IEC 27001 (Information Security Management) and ISO/IEC 27701 (Privacy Information Management) for the protection of health information.

These measures ensure that all health and personal data processed through Mashwara remain encrypted, access-controlled, and protected against unauthorized use, disclosure, alteration, or destruction.

 

13) Data Retention & Deletion

Medical records kept while account is active or as required by law, then deleted or de-identified.
Blood Bank posts auto-expire. Payment records retained per financial rules.
Backups encrypted and purged on schedule.
You can view, download, correct, or delete data via the app or by contacting us; requests processed within 30 days.

 

14) International Transfers

Cross-border data (e.g., Second Opinion) protected by encryption and contractual safeguards. You may decline such features.

 

15) Your Rights

Access, correct, delete, download/port, or withdraw consent at any time by contacting info@mashwara.ai.

 

16) Changes to This Policy

We may update this policy to reflect new features or laws; material changes will be notified in-app or by email.

 

17) Dispute Resolution and Governing Law

All disputes arising from or in connection with this Privacy Policy shall be governed by the laws of Pakistan and resolved through arbitration in accordance with the Arbitration Act, 1940.

18) Contact Us

Email: info@mashwara.ai
Postal Address: Mashwara AI (Private) Limited, Lahore, Pakistan

Privacy Policy

Last updated: 26-05-2025

This Privacy Policy describes how Mashwara collects, uses, and protects your personal information when you use our services. By using our app, you consent to the collection, use, and sharing of your information as outlined in this Privacy Policy.

1. Information We Collect

We may collect the following information:

  • Personal Information: When you register on our App, we collect information such as your name, email address, contact number, and date of birth. When you create an account, we collect information such as your name, email address, contact number, gender, date of birth, and profile picture.
  • Device Information: We may collect information about your device, including the model, operating system version, unique identifiers, and location, provided you have granted permission for location access.
  • Health Information: You may choose to share health-related information, such as medical history, symptoms, and medication details. This information is treated with the utmost confidentiality and is used to provide personalized healthcare advice.
  • Usage Data: We may collect information about how you install our app, such as the you visit, the links you click, and the time you spend on our app.

2. How We Use Your Information

We use your information to:

  • Provide and improve our services.
  • Process appointments and payments.
  • Communicate with you about your account and services.
  • Send you promotional offers and newsletters (with your consent).
  • Analyze website usage to enhance user experience.
  • Comply with legal and regulatory requirements.

3. Data Security

We implement strong security measures to protect your personal information, including:

  • Encryption of sensitive data.
  • Secure data storage and transmission.
  • Regular security audits and vulnerability assessments.
  • Access controls to limit access to authorized personnel.

4. Data Sharing

We may share your information with trusted third-party service providers who assist us in delivering our services. These providers are bound by strict confidentiality agreements. We will not share your information with any other third parties without your consent, unless required by law.

5. Online Payments

  • Payment Methods: Mashwara enables payments for services via credit cards, debit cards, mobile wallets, and other digital methods. Users are responsible for providing accurate payment information.
  • Payment Security: Mashwara ensures secure payment processing through an encrypted payment gateway. We do not store any sensitive financial details, and all transactions are protected with industry-standard security protocols. While digital payments are secure, users are encouraged to be mindful of potential, although rare, online risks.
  • Responsibility for Accuracy: Users are accountable for ensuring the accuracy of payment details. Errors in information or unauthorized payments may lead to delays or issues with processing.
  • Refund and Cancellation Policy: If a user cancels an appointment, any applicable refund will be processed per the cancellation policy, potentially subject to charges. Refunds may take up to seven working days.
  • Liability Disclaimer: Mashwara is not liable for any errors, delays, or damages arising from the payment process, including unauthorized access to payment information. All payments are processed through a third-party payment platform, and Mashwara is not liable for any transactions or disputes related to these payments.

6. Your Rights

You have the right to:

  • Access and update your personal information.
  • Request the deletion of your account and associated data.
  • Opt out of marketing communications.

7. Data Security and Certification

Mashwara is ISO 27001 certified, adhering to stringent international standards for information security. All user data is encrypted, ensuring it remains confidential and protected from unauthorized access.

8. Dispute Resolution and Governing Law

All disputes regarding payments or service usage are governed by the laws of Pakistan and will be resolved through arbitration under the Arbitration Act, 1940.

9. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Any changes will be posted on this website, and we encourage you to review the Privacy Policy regularly.

10. Contact Us

For any questions or concerns regarding this Privacy Policy, please contact us at:

Email: info@mashwara.ai

Thank you

Join the waitlist today – we’re bringing patients a smarter way to manage their health journey with AI-powered progress tracking and personal insights.

Mashwara For Doctors
Already Launched

Choose your profile for pre- registration

Doctor

User