Privacy Policy

Last Updated: June 30, 2026

PathLab Pro ("we", "us", or "our") operates the PathLab Pro mobile application (the "App"). We are committed to protecting the privacy and security of clinical, patient, and user data. This Privacy Policy details how we collect, use, process, and secure user information in compliance with Google Play Developer Policies and applicable data protection regulations.

1. Information We Collect and Process

To provide laboratory ERP, diagnostic record-keeping, and report generation services, the App collects and processes the following categories of data:

A. Authentication & Account Data

  • Google & Firebase Account Info: When logging in via Google Sign-In or Firebase Auth, we collect your email address, display name, and unique Firebase UID to identify your user account and associate you with your specific Laboratory/Institute.

B. Laboratory Operational Data

  • Patient Records: Full name, age, gender, contact number, email address, pregnancy status, blood group, and diagnostic sample numbers.
  • Report Details: Observation values, referral doctor details, laboratory technician signatures, and clinical notes/interpretations.
  • Referring Physicians: Doctor names, qualifications, genders, and commission percentages.

C. Device Identifiers

  • Device UUID: The App generates a persistent, installation-specific unique identifier (stored locally on the device) used to construct conflict-free prefixes. This prefix prevents sequence overlaps and duplicate report numbers when multiple devices operate offline. We do not track location or capture hardware serial numbers.

2. How We Use Your Information

We process collected data solely for the following purposes:

  • To authenticate and authorize laboratory technicians and administrators.
  • To generate, format, and export patient diagnostics and PDF laboratory reports.
  • To sync records between the device's local Room SQLite database and Cloud Firestore.
  • To maintain sequence tracking, sample codes, and prevent invoice number collisions across devices.
  • To auto-calculate laboratory billing, discounts, payments, and referring doctor commission details.

3. Permissions We Request

The App requests the following system permissions to perform its core functionalities:

  • Internet Access: Required to synchronize database records with Cloud Firestore.
  • Read/Write Storage: Required to generate and save patient PDF reports to the device's local storage and to select laboratory logos for PDF branding.

4. Data Storage, Synchronization, and Security

We apply high-security standards to safeguard sensitive diagnostic and patient data:

  • Local Storage Encryption: The App stores local user preferences and sync cursors inside EncryptedSharedPreferences using AES256-GCM encryption.
  • Offline Database: Offline records are managed in a local Room SQLite database. If a database is found to be corrupted or undecryptable, the App safely deletes it and triggers a fresh synchronization from Firestore to protect data integrity.
  • Firestore Transit: All communication between the App and Firebase servers is encrypted in transit using Secure Sockets Layer (SSL/TLS) protocols.
  • Backup & Export: Users can manually export database files and PDFs to their personal Google Drive or local directories. We do not upload backups to third-party servers.

5. Data Sharing and Third-Party Disclosure

We do not sell, trade, or share patient diagnostic details or technician identities with third parties. All data remains strictly within your laboratory's private Firebase instance and local device storage. We may only disclose information if required to comply with legal obligations or protect rights under applicable law.

6. Data Deletion and Retention Rights

In compliance with Google Play Console policies regarding user control over their data:

  • Retention: We retain patient records and laboratory reports as long as your Laboratory account remains active or as required by clinical retention laws.
  • Deletions: Account administrators can delete individual patient records, referring doctors, and diagnostic reports directly from the App dashboard, which immediately propagates deletions to Cloud Firestore.
  • Account Terminations: If you wish to permanently delete your Laboratory account, Firebase Auth profile, and all associated Firestore data, you can request a complete data wipe by contacting our support team at [email protected].

7. Children's Privacy

PathLab Pro is designed for medical laboratories and adult practitioners. We do not knowingly collect personal information directly from children under 13 years of age. Patient records of minors may only be entered into the App by authorized clinical professionals with parent or guardian consent.

8. Policy Updates

We may modify this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically to stay informed about our data protection practices.

9. Contact Us

If you have any questions, concerns, or deletion requests regarding this Privacy Policy, please reach out to us:

Email: [email protected]