Privacy Policy
Last updated: July 11, 2026
1. Who We Are
MR Visits Track is operated by the MR Visits Track team. For privacy-related queries, contact us at support@webauditaitool.com.
2. Data We Collect
Company & Account Data
- Company name, email address, phone number, address
- Admin name, email address, and hashed password
- Subscription plan and payment status
Medical Representative Data
- Name, email address, phone number
- GPS location data (latitude, longitude, timestamp) during active work sessions
- Attendance clock-in/clock-out records
- Visit records, photos, and notes
- Expense reports and receipts
- Order submissions and leave requests
Customer (Doctor/Chemist) Data
- Name, specialisation, clinic/shop name, contact details
- Address and GPS coordinates for geofencing
- Visit history, prescriptions, and purchase records
Technical Data
- Device type and operating system (mobile app)
- Session logs and error logs
- IP address and browser type (web portal)
3. How We Use Your Data
- To provide and operate the visit tracking and MR management platform.
- To authenticate users and maintain account security.
- To process subscription payments via Razorpay.
- To generate visit reports, analytics, and AI summaries for your company.
- To send account-related notifications (leave approvals, expense updates, etc.) via email.
- To detect fraudulent GPS activity and maintain data integrity.
- To improve our platform and fix technical issues.
4. GPS & Location Data
GPS location is the core functionality of this platform. Here is how we handle it:
- Collection: Location pings are collected every 30–60 seconds during the MR's active work session (after clock-in, before clock-out).
- Purpose: To verify field visits, generate route history, and enable geofence check-ins.
- Consent: Representatives must clock in to activate tracking — the app does not track passively without a logged-in, active session.
- Access: Location data is accessible only to the Company Admin and authorised managers of the same company.
- Retention: Location history is retained for the duration of the subscription and deleted upon account termination.
5. Data Sharing
We do not sell your data. We share data only with:
- Razorpay — for payment processing. Subject to Razorpay's privacy policy.
- OpenAI — visit data summaries are sent to OpenAI's API to generate AI reports. No personally identifiable information (PII) is included in these requests.
- Google Maps — for geocoding and map display. Only coordinates are shared.
- Email provider (Gmail SMTP) — for sending transactional emails.
6. Data Security
- All data is transmitted over HTTPS (TLS encryption).
- Passwords are hashed using bcrypt and never stored in plain text.
- API tokens (Sanctum) are stored securely in the device keychain on mobile.
- Database access is restricted to authorised server infrastructure.
- We perform regular backups of company data.
7. Your Rights
As a company admin or registered user, you have the right to:
- Access — Request a copy of your data held on our platform.
- Correction — Update incorrect personal information via your account settings.
- Deletion — Request deletion of your account and all associated data by emailing us.
- Portability — Request an export of your data in a structured format.
To exercise these rights, email support@webauditaitool.com.
8. Cookies
The web portal uses essential session cookies only — for authentication and CSRF protection. We do not use advertising, analytics, or tracking cookies.
9. Data Retention
We retain your data for as long as your account is active. Upon account deletion or subscription cancellation (after a 30-day grace period), all company data is permanently deleted from our servers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you by email before significant changes take effect. Your continued use of the platform after the effective date constitutes acceptance.
11. Contact
For privacy concerns, data requests, or questions about this policy, contact us at: