Rxit Logo
Privacy Policy

Privacy Policy

Last updated: January 2026

1. Introduction

NochTech Private Limited owns and operates Rxit.io ("Rxit", "we", "us", or "our"). NochTech is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

By using Rxit, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our services.

2. Information We Collect

2.1 Personal Information (all sensitive data is encrypted)

  • Name, email address, password, phone number
  • Date of birth, gender
  • Aadhaar-based authentication data
  • ABHA (Ayushman Bharat Health Account) ID

2.2 Health Information (all sensitive data is encrypted)

  • Prescription data from healthcare providers
  • Medication history and refill records
  • Pharmacy dispensing records
  • Health records shared via ABDM

2.3 Technical Information

  • Device information and identifiers
  • IP address and browser type
  • Usage patterns and analytics data

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain our services
  • Process prescription requests and medication orders
  • Enable communication between patients and pharmacies
  • Comply with healthcare regulations and legal obligations
  • Improve our platform and user experience
  • Send important service notifications

4. Data Sharing and Disclosure

We may share your information with:

  • Healthcare Providers: Doctors and hospitals as authorized by you
  • Pharmacies: Licensed pharmacies for prescription fulfillment
  • ABDM: Ayushman Bharat Digital Mission for health data exchange
  • Legal Authorities: When required by law or court order

We do not sell your personal or health information to third parties.

5. Data Security

We implement industry-standard security measures including:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Multi-factor authentication
  • Regular security audits and penetration testing
  • Access controls and audit logging

6. Data Storage and Localization

In compliance with Indian data localization requirements, all personal and health data is stored on servers located within India. We use AWS infrastructure in the Mumbai (ap-south-1) region.

7. Your Rights

Under applicable Indian law, you have the right to:

  • Access your personal and health data
  • Correct inaccurate information
  • Request deletion of your data (subject to legal retention requirements)
  • Withdraw consent for data processing
  • Data portability

8. Legal Framework

This Privacy Policy is governed by:

  • Information Technology Act, 2000
  • IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • Digital Information Security in Healthcare Act (DISHA) guidelines
  • ABDM Health Data Management Policy

9. Data Retention

We retain your information for as long as your account is active or as needed to provide services. Health records are retained as per applicable healthcare regulations, which may require retention for a minimum of 3 years after the last interaction.

10. Children's Privacy

Our services are not intended for children under 18 without parental consent. Health records for minors are managed by their legal guardians.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: privacy@rxit.io

Grievance Officer: grievance@rxit.io

Address: Bangalore, Karnataka, India

← Back to Home