Privacy Policy

Last Updated: February 14, 2026

This Privacy Policy describes how Parentto Technologies Pvt. Ltd. ("Company", "we", "us", or "our") collects, uses, and protects your personal information when you use ProPract ("Platform").

We are committed to protecting your privacy and complying with applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (India) and other relevant regulations.

1. Information We Collect

1.1 Information You Provide

For Experts:

• Account information: name, email, phone number, password
• Professional information: qualifications, experience, specializations, certifications
• Profile content: bio, photos, videos, testimonials
• Business information: service offerings, pricing, availability
• Payment information: bank account details for payouts
• Communication preferences

For Clients:

• Booking information: name, email, phone number
• Payment information: processed through Razorpay (we do not store card details)
• Session notes and intake form responses (stored for Experts)
• Communication with Experts

1.2 Information Collected Automatically

• Device information: browser type, operating system, device identifiers
• Usage data: pages visited, features used, time spent on Platform
• Log data: IP address, access times, referring URLs
• Cookies and similar technologies (see Section 6)

1.3 Information from Third Parties

• Google account information (if using Google Sign-In)
• Google Calendar data (if calendar sync is enabled)
• Payment status from Razorpay

2. How We Use Your Information

We use your information to:

• Provide, maintain, and improve the Platform
• Process bookings and payments
• Facilitate communication between Experts and Clients
• Sync calendars and prevent scheduling conflicts
• Send transactional emails (booking confirmations, reminders)
• Send marketing communications (with your consent)
• Provide customer support
• Detect and prevent fraud, abuse, and security threats
• Comply with legal obligations
• Analyze usage patterns to improve our services

3. Legal Basis for Processing

We process your personal data based on:

• Contract: To fulfill our agreement with you (providing Platform services)
• Consent: Where you have given explicit consent (e.g., marketing emails)
• Legitimate Interest: For fraud prevention, security, and service improvement
• Legal Obligation: To comply with applicable laws and regulations

4. Information Sharing

We may share your information with:

4.1 Service Providers

• Razorpay: Payment processing
• Resend: Email delivery
• Cloudinary: Image and media storage
• Google: Authentication and calendar sync
• MongoDB: Database hosting

4.2 Between Experts and Clients

• Expert profiles are publicly visible
• Client booking information is shared with the respective Expert
• Contact details are shared as necessary for service delivery

4.3 Legal Requirements

We may disclose information if required by law, court order, or government request.

4.4 Business Transfers

In case of merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

5. Data Retention

• Account data: Retained while your account is active, plus 3 years after deletion
• Booking records: Retained for 7 years for legal and tax compliance
• Session notes: Retained as per Expert's settings and applicable healthcare regulations
• Payment records: Retained for 7 years as required by financial regulations
• Log data: Retained for 90 days

6. Cookies and Tracking

We use cookies and similar technologies for:

• Essential cookies: Required for Platform functionality (authentication, security)
• Analytics cookies: To understand how you use the Platform
• Preference cookies: To remember your settings

You can manage cookie preferences through your browser settings.

7. Your Rights

Under applicable data protection laws, you have the right to:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Portability: Receive your data in a portable format
• Withdraw Consent: Withdraw consent for processing based on consent
• Object: Object to processing based on legitimate interest
• Complaint: Lodge a complaint with the Data Protection Board of India

To exercise these rights, contact us at mail@propract.com.

8. Data Security

We implement appropriate security measures including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of sensitive data at rest
• Access controls and authentication
• Regular security assessments
• Employee training on data protection

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

9. Children's Privacy

ProPract is not intended for children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries other than India where our service providers operate. We ensure appropriate safeguards are in place for such transfers.

11. Third-Party Links

The Platform may contain links to third-party websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies before providing any personal information.

12. Special Note for Experts

As an Expert, you are an independent data controller for the Client information you collect and process through your practice. You are responsible for:

• Compliance with healthcare data protection regulations (Mental Healthcare Act, 2017)
• Maintaining confidentiality of Client information
• Obtaining necessary consents from Clients
• Implementing appropriate security measures for Client data
• Retaining records as required by professional regulations

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Platform. Your continued use of the Platform after changes constitutes acceptance of the updated policy.

14. Google API Services

ProPract integrates with Google services to provide authentication and calendar synchronization features. Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

14.1 Google Data We Access

• Google Sign-In: Email address, name, and profile picture for account creation/login
• Google Calendar: Calendar events and free/busy information to sync availability and prevent double-bookings

14.2 How We Use Google Data

• Authentication: To verify your identity and create/access your ProPract account
• Calendar Sync: To display your busy times and automatically block unavailable slots for clients
• Event Creation: To add confirmed bookings to your Google Calendar

14.3 Google OAuth Application Details

You can revoke ProPract's access to your Google data at any time through your Google Account permissions.

15. Contact Us

For privacy-related inquiries, please contact:

Parentto Technologies Pvt. Ltd.
Data Protection Officer
Email: mail@propract.com
Address: Gurugram, Haryana, India

16. Grievance Officer

In accordance with the Information Technology Act, 2000 and rules thereunder, the Grievance Officer can be contacted at:

Email: mail@propract.com
Response time: Within 24 hours of receipt