VisitWise Contact

VisitWise privacy

Privacy Policy

VisitWise is a practice admin app for solo physiotherapists. This Privacy Policy explains what data is collected, why it is used, how it is protected, and how users can request deletion.

Last updated

20 May 2026.

This policy applies to the VisitWise Android app and the VisitWise website pages used for privacy, terms, support, and account-deletion requests.

VisitWise may update this policy from time to time. The date above reflects the most recent revision.

What VisitWise collects

  • Therapist account identity from Google sign-in, such as name, email address, and profile image when provided by Google.
  • Therapist profile details, app preferences, appearance settings, reminder settings, and support messages.
  • Patient records entered by the therapist, including patient name, phone number, condition text, treatment or protocol notes, visit history, manual payment records, current dues, and paid-ahead balances.
  • One selected contact's name and phone number when the therapist chooses contact import. VisitWise does not upload or store the full address book.
  • Device notification tokens and reminder interaction data needed to send and troubleshoot daily visit-log reminders.
  • De-identified product analytics events used to understand core workflows, such as app opens, patient creation, visit logging, payments, reminder outcomes, and settings changes.
  • Crash and error diagnostics used to find app failures. Diagnostics are configured to avoid patient names, phone numbers, notes, condition text, payment notes, reminder message text, auth tokens, and similar sensitive details.

How the data is used

VisitWise uses this data to authenticate the therapist, run the account, store patient and practice records, calculate visits, dues, paid-ahead balances, and earnings, show reminders, support reviewed WhatsApp handoff, provide support, maintain security, and improve reliability.

Analytics and diagnostics are used to understand whether the app works reliably and whether core beta workflows are useful. They are not intended to identify patients or collect clinical details.

Permissions and device access

Contacts access is used only when the therapist chooses to import a patient contact, and VisitWise copies only the selected contact's name and phone number. Notification permission is used for daily visit-log reminders. VisitWise does not request device location, camera, photo library, microphone, or media permissions for the MVP.

Sharing and service providers

VisitWise does not sell therapist or patient data.

VisitWise relies on the following service providers to operate the app and beta:

  • Oracle Cloud Infrastructure for backend hosting of the VisitWise PocketBase service.
  • Google for Google Sign-In authentication and Google Play distribution.
  • Expo Push Service for delivery of daily visit-log reminder notifications.
  • Self-hosted Umami, routed through the VisitWise PocketBase analytics proxy, for privacy-safe product analytics.
  • Sentry Developer for limited mobile crash and error diagnostics, configured to exclude patient-identifying data.
  • Email service used to receive support, privacy, and account-deletion requests sent to info@visitwise.in.

These providers process data only for app operation, security, support, analytics, diagnostics, and distribution purposes.

When the therapist chooses call, WhatsApp, or map actions, VisitWise may open the selected third-party app with the relevant phone number, reviewed reminder text, or stored map link. Those third-party apps handle that data under their own terms and privacy practices.

VisitWise may also disclose limited information if required for legal compliance, security, fraud prevention, abuse prevention, or to protect the app and its users.

Security

VisitWise is designed to use HTTPS in production, owner-based backend access rules, server-side secrets, secure token storage where practical, database backups, and privacy-safe analytics and diagnostics. No internet-connected service can be guaranteed to be completely secure, but VisitWise limits access and collection to what is needed for the beta.

Retention and deletion

Users can request deletion from the public account-deletion page at visitwise.in/account-deletion or by emailing info@visitwise.in.

Verified deletion requests are processed within 30 days. When a request is completed, VisitWise deletes the therapist account and associated app records such as patients, visits, payments, reminders, notification tokens, support-linked account data, and preferences. Copies in routine backups are removed on the normal backup-rotation schedule.

Limited data may be retained where needed for security, fraud prevention, legal compliance, backup integrity, incident handling, or audit logs. Audit log entries are retained for up to 180 days.

Specific patient data deletion can also be requested without deleting the whole therapist account. Support may ask for the minimum information needed to identify the account or record.

What VisitWise is not

VisitWise records completed visits and manual payments. It does not provide appointment scheduling, patient login, online payment collection, invoices, receipts, payment links, clinic teams, media storage, offline sync, AI features, telehealth, diagnosis, medical advice, or clinical decision support in the MVP.

Audience

VisitWise is intended for adult healthcare professionals operating their own practice. It is not designed for or directed to children.

Contact

Developer and privacy contact: Sthiraa Healthcare Services, info@visitwise.in.

Data principal requests, data-access questions, deletion requests, and grievances under the Digital Personal Data Protection Act, 2023 may be sent to this address.