Last updated: Feb 24, 2026
BookLine Life ("BookLine", "we", "us", or "our") respects your privacy and is legally bound by the Digital Personal Data Protection Act of India, alongside modern legal practices concerning personal data. We are committed to protecting the Personal Information that you share with us through our web platform and WhatsApp Bot integration.
We collect and process personal data exclusively required to authenticate identity, process financial settlement, and fulfill a medical queueing event.
• Identity Data: First name, Last name, and Phone number provided during the WhatsApp interaction.
• Transactional Data: Digital tokens assigned to your number, clinic choices, selected healthcare provider, appointment slot timing, and Razopray tracking codes.
• Exclusions: BookLine is **not an EHR (Electronic Health Record)** system. We do not solicit, store, nor transmit diagnosis, prescriptions, or laboratory results.
For Clinics operating on the BookLine service, we collect extended operational and financial details necessary for account verification and fund settlement:
• Business details: Clinic Name, Address, Contact Person, UIDAI, or UDYAM MSME Certificate Data for Razorpay KYC.
• Financial parameters: Nodal bank account numbers, IFSC codes, PAN details needed solely for routing your 95% settlement cuts.
Communication sent via BookLine's bot happens over Meta's WhatsApp Cloud API. WhatsApp uses the Signal encryption protocol, meaning your data in transit between our cloud servers and your mobile device is encrypted. BookLine uses **Supabase (PostgreSQL)** for the data layer, equipped with Row Level Security (RLS) to ensure Clinics can only access data belonging to their own patient queues.
We categorically prohibit selling or trading user data across our user base. Your information is only shared with trusted infrastructural partners necessary for the BookLine process:
• Razorpay: To facilitate UPI/Card processing, generating payment links, and processing refunds.
• Meta: For message orchestration via their Cloud platform.
We may disclose data if legally required by valid subpoenas, court orders, or state investigations from valid regulatory authorities in India.
Our public-facing website employs standard server-side rendering session data strictly for maintaining application state. We do not use third-party invasive tracking pixels or fingerprinting models.
Users (Patients and Clinics) reserve the absolute right to request an account deletion and data purge. Written requests sent via WhatsApp or directly communicating to the BookLine support node will result in the scrubbing of associated PII (Personally Identifiable Information) within 14 business days, barring financial transaction records that must be retained for 7 years as mandated by the RBI regulations.