Privacy Policy - VaidyaAI

Last Updated: January 21, 2026

Team vaidya ("VaidyaAI," "we," "us," or "our") operates the VaidyaAI clinical decision support platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

            IMPORTANT: By using VaidyaAI, you consent to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not access or use the Service.
        

1. Information We Collect

1.1 Personal Information

We collect information that identifies you as an individual or relates to an identifiable individual:

Account Information: Name, email address, phone number, clinic name, medical registration number
Professional Information: Medical specialty, qualifications, years of practice
Payment Information: Billing address, payment card details (processed securely through Razorpay)

1.2 Patient Health Information (PHI)

When you use our AI tools, we process the following patient information:

Patient demographics (age, gender, weight)
Medical history and symptoms
Prescription data (medications, dosages, frequencies)
Laboratory test results
Diagnostic information
Treatment plans

            CRITICAL: We do NOT collect or store patient names, addresses, phone numbers, or any direct identifiers. All patient data is anonymized and linked only to your clinic's account via an internal ID system.
        

1.3 Usage Information

We automatically collect information about how you interact with our Service:

Device information (IP address, browser type, operating system)
Usage patterns (features used, time spent, frequency of access)
Performance data (response times, error logs, system diagnostics)
Cookies and similar tracking technologies

2. How We Use Your Information

2.1 To Provide and Improve Our Service

Process prescriptions and generate AI-powered safety analyses
Provide differential diagnosis suggestions
Interpret laboratory results
Generate smart prescriptions with drug interaction checks
Maintain and improve our AI models and algorithms
Provide customer support and respond to your inquiries

2.2 To Ensure Safety and Security

Detect and prevent fraud, abuse, or unauthorized access
Monitor system performance and identify technical issues
Conduct internal audits and quality assessments
Comply with legal obligations and regulatory requirements

2.3 For Research and Development (Anonymized Data Only)

Improve AI model accuracy through machine learning
Conduct medical research on prescription patterns and safety (all data is de-identified)
Develop new features and clinical decision support tools
Generate aggregated statistical reports on drug interactions and medical trends

            GUARANTEE: Patient Health Information (PHI) used for research is ALWAYS anonymized and aggregated. We never use identifiable patient data for research without explicit consent.
        

3. How We Share Your Information

3.1 We DO NOT Sell Your Data

We will NEVER sell, rent, or trade your personal information or patient health information to third parties for marketing purposes.

3.2 Service Providers

We may share information with trusted third-party service providers who assist us in operating our Service:

Cloud Hosting: Hostinger (servers located in secure data centers)
Payment Processing: Razorpay (for subscription billing - they do NOT receive patient data)
AI/ML Services: Anthropic Claude API (for AI-powered analysis - data is encrypted in transit)
Email Services: For sending transactional emails (account verification, password resets)

All service providers are bound by strict confidentiality agreements and are prohibited from using your data for any purpose other than providing services to VaidyaAI.

3.3 Legal Requirements

We may disclose information if required by law, court order, or government regulation, including:

Responding to subpoenas, warrants, or legal process
Complying with regulatory audits (Medical Council of India, IT Act 2000)
Protecting our legal rights or defending against legal claims
Preventing fraud, security breaches, or criminal activity

3.4 Business Transfers

If VaidyaAI is acquired, merged, or undergoes a business transfer, your information may be transferred to the new entity. You will be notified via email and/or a prominent notice on our platform.

4. Data Security

4.1 Technical Safeguards

We implement industry-standard security measures to protect your information:

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access with multi-factor authentication (MFA)
Secure Servers: Hosted on ISO 27001 certified infrastructure
Regular Backups: Daily encrypted backups with 30-day retention
Intrusion Detection: 24/7 monitoring for unauthorized access attempts
Penetration Testing: Annual security audits by third-party experts

4.2 Organizational Safeguards

Employee training on data privacy and security best practices
Strict confidentiality agreements for all team members
Incident response plan for data breaches
Regular security awareness programs

            DISCLAIMER: While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute security of data transmitted over the internet.
        

5. Data Retention

5.1 How Long We Keep Your Data

Active Accounts: Your account data is retained for as long as your account remains active
Patient Health Information: Retained for 7 years from the date of last consultation (as required by Medical Council of India guidelines)
Usage Logs: Retained for 2 years for security and performance analysis
Payment Records: Retained for 7 years for tax and accounting purposes
Anonymized Research Data: May be retained indefinitely for medical research

5.2 Account Deletion

If you delete your account:

Personal information is deleted within 30 days
Patient Health Information is anonymized (not deleted) to comply with medical record retention laws
Backup copies may persist for up to 90 days before permanent deletion
Aggregated/anonymized data used for research is NOT deleted

6. Your Rights and Choices

6.1 Access and Correction

You have the right to:

Access your personal information and patient data stored in your account
Correct inaccurate or incomplete information
Download a copy of your data (data portability)
Request deletion of your account (subject to legal retention requirements)

6.2 Marketing Communications

You can opt out of marketing emails by:

Clicking the "Unsubscribe" link in any marketing email
Adjusting your email preferences in your account settings
Contacting us at vaidya07.ai@gmail.com

Note: You cannot opt out of transactional emails (e.g., password resets, billing notifications) as they are essential for service delivery.

6.3 Cookies

You can control cookies through your browser settings. However, disabling cookies may limit functionality of our Service.

7. Children's Privacy

VaidyaAI is NOT intended for use by individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately.

8. International Data Transfers

VaidyaAI operates primarily in India. Your data is stored on servers located in India. If you access our Service from outside India, you acknowledge that your data will be transferred to and processed in India, which may have different data protection laws than your country of residence.

9. Third-Party Links

Our Service may contain links to third-party websites or services (e.g., medical databases, research papers). We are not responsible for the privacy practices of these external sites. Please review their privacy policies before providing any information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes:

We will update the "Last Updated" date at the top of this page
We will notify you via email (if you have provided an email address)
We will display a prominent notice on our platform for 30 days

Your continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information:

VaidyaAI - Data Protection Officer
Team vaidya
Email: vaidya07.ai@gmail.com
Website: https://clinical.careandcures.icu
Response Time: Within 48 hours for privacy-related inquiries

12. Governing Law

This Privacy Policy is governed by the laws of India, including:

Information Technology Act, 2000
Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
Digital Personal Data Protection Act, 2023 (when enacted)

Any disputes arising from this Privacy Policy shall be subject to the exclusive jurisdiction of courts in Hyderabad, Telangana, India.

← Back to VaidyaAI