Privacy Policy

Last Updated: October 3, 2025

At Aarogya Note AI, we are committed to protecting the privacy and security of your personal and patient data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with Indian data protection laws.

1. Information We Collect

1.1 Healthcare Professional Information

When you register and use our App, we collect:

  • Name (First and Last)
  • Email address
  • Mobile number
  • Professional credentials and license information
  • Clinic/Hospital affiliation

1.2 Patient Data (Processed on Your Behalf)

As part of the documentation service, we process:

  • Audio recordings of consultations
  • Transcribed consultation text
  • Patient demographics (name, age, contact)
  • Medical history and symptoms
  • Diagnoses and treatment plans
  • Medication prescriptions

1.3 Technical Data

  • Device information (type, OS version)
  • App usage analytics
  • Log files and error reports
  • Network information

2. How We Use Your Information

2.1 Primary Uses

  • Provide audio transcription services
  • Generate AI-powered SOAP notes
  • Create medication recommendations
  • Generate clinical documentation PDFs
  • Maintain audit logs for compliance

2.2 Secondary Uses

  • Improve App functionality and accuracy
  • Provide customer support
  • Send important service updates
  • Ensure security and prevent fraud

3. Data Storage and Security

3.1 Storage Location

All data is stored exclusively on servers located in India, in compliance with data localization requirements.

3.2 Data Retention

  • Audio recordings: 90 days from consultation date
  • Clinical notes: Up to 10 years (as per medical record requirements)
  • User account data: Duration of account plus 1 year
  • Audit logs: 7 years

3.3 Security Measures

  • End-to-end encryption for data transmission
  • Encrypted storage at rest (AES-256)
  • Multi-factor authentication support
  • Regular security audits and penetration testing
  • Role-based access control
  • Automatic data backup with encryption

4. Data Sharing and Disclosure

4.1 We DO NOT Share Patient Data With:

  • Third-party advertisers
  • Marketing companies
  • Data brokers
  • Any unauthorized parties

4.2 Limited Sharing for Service Delivery

We may share data only with:

  • OpenAI (for AI processing, under strict DPA)
  • Soniox (for transcription services, under strict DPA)
  • Cloud infrastructure providers (AWS/Azure India regions)

All third-party processors are bound by strict Data Processing Agreements (DPAs) and confidentiality obligations.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government authority, but only to the extent legally necessary.

5. Patient Consent

Healthcare professionals are responsible for obtaining appropriate patient consent before recording consultations. The App provides tools for consent capture and documentation.

6. Your Rights

As a Healthcare Professional, You Have the Right To:

  • Access your account information
  • Update or correct your details
  • Delete your account (subject to legal retention requirements)
  • Export your data in portable format
  • Withdraw consent (where applicable)
  • Lodge complaints with data protection authorities

As a Patient (Through Your Healthcare Provider):

  • Request access to your medical records
  • Request corrections to inaccurate data
  • Request deletion (subject to medical record laws)

7. Children's Privacy

This App is not intended for use by children under 18, except as patients under the care of registered healthcare professionals with appropriate parental/guardian consent.

8. Cookies and Tracking

We use minimal tracking technologies:

  • Session cookies for authentication
  • Analytics for App performance monitoring
  • Error tracking for debugging

We do NOT use advertising or behavioral tracking cookies.

9. Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated via email or in-app notification. Continued use of the App constitutes acceptance of the updated policy.

10. Compliance

This Privacy Policy is designed to comply with:

  • Information Technology Act, 2000
  • Digital Personal Data Protection Act, 2023
  • Clinical Establishments Act
  • Medical Council of India regulations

11. Data Protection Officer

For privacy-related queries or to exercise your rights, contact our Data Protection Officer:

  • Email: privacy@aarogyanote.ai
  • Phone: +91-XXX-XXX-XXXX
  • Address: [Physical Address in India]

By using Aarogya Note AI, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.