Privacy Policy

Medipro Training and Consultancy ("Medipro", "we", "us", or "our") is deeply committed to safeguarding the privacy and digital security of our students, website visitors, and corporate partners. This Privacy Policy details our procedural compliance in accordance with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 of India.

1. Information We Collect

To effectively orchestrate our educational and placement services, we must collect and process both identifiable and non-identifiable datasets. The specific taxonomies of data we collect include:

A. Personally Identifiable Information (PII)

We strictly collect PII only when you voluntarily submit it to us through our operational touchpoints (e.g., enrollment forms, contact inquiries, newsletter subscriptions, or downloading gated PDF resources). This includes:

• Identity Vectors: Full legal name, date of birth, gender, and government-issued identification numbers (Aadhar/PAN) strictly for financial invoicing and AAPC registration purposes.
• Contact Modalities: Valid email addresses, physical locational addresses (residential and shipping), and primary/secondary cellular numbers.
• Academic & Professional History: Highest educational qualification, university transcripts, resume/CV files, current employment status, and prior medical coding certifications.
• Financial Apparatus: Encrypted credit/debit card dimensions, UPI IDs, or direct bank account numbers utilized exclusively for processing course tuition via our RBI-compliant payment gateways (e.g., Razorpay/PayU). Medipro does not store full raw card PANs on our local servers.

B. Automated Usage & Telemetry Data

Whenever you traverse our digital web properties, our servers passively intercept and log generalized telemetry data to ensure infrastructural stability and optimizing UX. This includes:

• Internet Protocol (IP) addresses indicating regional geolocation.
• Browser morphology (e.g., Chrome v120, Safari), Operating System (e.g., Windows 11, iOS), and device typologies.
• Referral URLs, explicit timestamps of visitations, and session duration matrices per page.
• Clickstream behaviors detailing exactly which course modules invoke the highest user interest.

2. How We Use Your Information

Medipro exclusively processes your data under stringent lawful bases, primarily focusing on fulfilling educational contractual obligations and authorized legitimate interests. Your data is engineered to fuel the following 6 core use cases:

1. Academic Fulfillment: To register you for AAPC CPC examinations, grant you secure SSO access to our Learning Management System (LMS), and issue verifiable blockchain-backed graduation certificates.
2. Placement Facilitation: To construct formatted resumes and forward your academic performance metrics directly to our 50+ corporate hiring partners (e.g., AGS Health, Optum) purely for interview scheduling.
3. Financial Processing: To generate GST-compliant tax invoices, track EMI schedules with our NBFC partners (Eduvanz, Bajaj Finserv), and process authorized refunds.
4. Communication & Support: To transmit critical transactional notifications (e.g., schedule changes, live-class Zoom URLs), respond to technical support tickets, and administer student satisfaction surveys.
5. Marketing & Lead Nurturing: To broadcast relevant promotional intelligence (such as new specialty courses or webinar invitations) exclusively if you have explicitly opted into our newsletter matrix.
6. Security & Legal Compliance: To execute fraud detection algorithms, mitigate DDoS attacks on our infrastructure, and comply unconditionally with binding legal subpoenas from Indian judicial authorities.

3. Information Sharing and Disclosure

Medipro operates on a foundational principle of data minimization. We never sell, rent, or blindly auction your personal data to illicit third-party data brokers. We only expose your data to strictly vetted entities under the following paradigms:

• Global Certification Bodies: Specifically, the American Academy of Professional Coders (AAPC), to procure examination vouchers and validate your credentialing status.
• Corporate Hiring Partners: Exclusively for students opting into the "100% Placement Assistance" program, granting hospitals and RCM corporations access to your resume.
• Infrastructural Venders: Cloud hosting providers (AWS/Vercel), email delivery grids (SendGrid), and payment processors (Razorpay) who are contractually bound by rigid Non-Disclosure Agreements (NDAs).
• Statutory Mandates: If legally compelled by a court order or authorized governmental request adhering to the IT Act 2000.

4. Data Security Protocols

We implement AES-256 bit encryption at rest and TLS 1.3 transit encryption across all data packets traveling to and from our Vercel-hosted infrastructure. Access to the student database is aggressively restricted through Zero-Trust architecture, Role-Based Access Control (RBAC), and mandatory Multi-Factor Authentication (MFA) for all internal Medipro staff. While we deploy enterprise-grade persistent security, no transmission over the public web is mathematically 100% immune, and we cannot guarantee absolute absolute invulnerability.

5. Your Digital Rights

Under Indian jurisdiction and aligning with global GDPR philosophies, you retain absolute sovereignty over your digital footprint:

• Right to Access: You may request a synthesized JSON dump of all personal data we currently hold connected to your profile.
• Right to Rectification: You may immediately correct any inaccurate academic or contact data via the backend student portal.
• Right to Erasure (Right to be Forgotten): You may formally petition the outright deletion of your PII, provided it does not conflict with our legal GST record-keeping obligations (which require 8 years of invoice retention).
• Right to Opt-Out: Every marketing communication possesses a universal 1-click unsubscribe anchor.

6. Cookies and Tracking Technologies

Medipro utilizes transient and persistent cookies to streamline your session continuity. Authentication Cookies keep you logged into the LMS without requiring repetitive credential inputs. Analytical Cookies (powered via Google Analytics 4) help us understand geographic traffic density. You retain the power to outright block all non-essential cookies via our frontend Cookie Consent Banner or via your native browser (Chrome/Edge) settings.

7. Third-Party Links

Our blog and course materials frequently hyperlink to exterior authoritative domains (e.g., AAPC.com, CMS.gov). Medipro wields zero jurisdictional control over the privacy architectures of these external nodes. Navigating away from the Medipro realm means you are subject to the destination’s discrete policies.

8. Children's Privacy Governance

Our curriculum is strictly designed for post-graduate adults entering the corporate workforce. We do not intentionally or knowingly solicit, collect, or store personal telemetry from minors definitively under the age of 18. If a guardian suspects minor data has been inadvertently collected, please contact our Data Protection Officer immediately.

9. Policy Modifications

Medipro reserves the unilateral right to append, modify, or completely rewrite this Privacy Policy framework synchronously with evolving Indian IT legislative amendments or internal systemic shifts. We will broadcast a "Material Change" notification via email 15 days prior to executing severe alterations.

10. Dedicated Contact for Privacy Concerns

For any severe escalations, data extraction requests, or explicit clarifications regarding this policy, direct your correspondence straight to our designated Data Protection Officer (DPO):