Skip to main content

Privacy Policy

Last updated: January 30, 2026

Privacy Policy FAQ

We believe trust is fundamental to healthcare. Our approach to data privacy respects patient autonomy, protects clinical integrity, and supports continuity of care through clear consent and responsible safeguards.

Who owns the patient data on AyurAdhar?
Patient health data belongs to the patient. Doctors retain professional responsibility over the clinical records they create. AyurAdhar acts as a custodian of data, storing and organizing information to support continuity of care, based on patient consent and defined usage boundaries.
Is patient data ever shared with pharmaceutical or medicine companies?
Patient-identifiable clinical data, including diagnoses and prescriptions, is not shared with pharmaceutical or medicine companies. With patient consent, limited non-clinical information may be shared to support services such as medicine fulfillment, logistics, or quality assurance. This information does not include diagnostic details or treatment decisions. AyurAdhar does not allow patient data to be used for marketing, promotion, or targeting.
How is patient consent handled when data is accessed or shared?
Access to patient records is governed by patient consent. Patients control which doctors or services can access their information, and consent can be withdrawn. Any sharing of data beyond direct care follows explicit consent and clearly defined safeguards.
Is patient data used for research or analytics?
Data may be used to support learning, analytics, and research only in an ethical and responsible manner. Such use is designed to be anonymized or aggregated so that individuals cannot be identified, and follows consent and governance principles appropriate to healthcare research.
What rights do patients have over their data?
Patients have the right to access, correct, and request deletion of their personal health information, subject to applicable legal and clinical requirements. They also retain control over consent for data access and sharing. Details on how to exercise these rights are outlined in the Privacy Notice below.
How is patient data protected on the platform?
AyurAdhar uses industry-standard security practices to protect health information, including controlled access, secure infrastructure, and encryption where appropriate. Privacy and data protection are treated as core platform responsibilities and are reviewed continuously as the platform evolves.

Full Privacy Policy

This Privacy Policy explains how AyurAdhar (the platform operated by AyurIntelligence Data Private Limited) collects, uses, shares, and protects personal data when you access our website, mobile app, WhatsApp experiences, and related services (together, the “Services”). We are committed to privacy-by-design, clinical autonomy, and responsible data use aligned with our mission to strengthen Ayurveda through clarity, continuity, and trust.

Regulatory Context (India)

We comply with applicable Indian laws, including the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules), as well as the Digital Personal Data Protection Act, 2023 (DPDP Act), as it becomes effective. Where health data is involved, we follow sectoral medical ethics and data privacy expectations, and align with Telemedicine and clinical confidentiality principles applicable in India.

Who We Are

AyurAdhar is an independent technology platform. Doctors on the platform are independent practitioners who control diagnosis, treatment, and clinical decisions. We do not standardize or override medical judgment.

Personal Data We Collect

1) Information you provide

  • Identity and contact data: name, phone number, email, address, age or age band.
  • Account data: login credentials, user preferences, language choice.
  • Patient-provided health data: medical history, symptoms, reports, prescriptions, images, lab results, and notes you upload or share.
  • Doctor-provided clinical data: consultation notes, diagnoses, treatment plans, follow‑up guidance, and care continuity records.
  • Consent and authorization records: consent logs, approvals for sharing or accessing records.
  • Communications: messages and interactions with support, WhatsApp interactions, appointment coordination, and feedback.

2) Information collected automatically

  • Device and usage data: IP address, device identifiers, browser/app version, OS, time zone.
  • Log data: pages viewed, features used, session duration, referral sources.
  • Security and fraud signals: unusual login patterns, abuse prevention signals.

3) Information from healthcare interactions

We process health-related data to enable continuity of care, appointment management, record access, and patient-doctor communication. Such data is treated as sensitive personal data under Indian law.

How We Use Personal Data

  • To provide, operate, and improve the Services and continuity of care.
  • To facilitate patient-doctor communication and care coordination.
  • To manage onboarding, authentication, and account security.
  • To send service updates, reminders, and care-related notifications.
  • To provide customer support and resolve issues.
  • To comply with legal obligations and respond to lawful requests.
  • To conduct analytics and product improvement with privacy safeguards.

Legal Basis and Consent

We process personal data based on your consent, contractual necessity (to deliver the Services), and legitimate uses consistent with the DPDP Act and SPDI Rules. For sensitive personal data such as health information, we obtain explicit consent and provide clear purpose statements. You may withdraw consent as permitted by law, though this may limit service functionality.

Data Sharing and Disclosure

We do not sell personal data. We may share data only as follows:

  • With doctors and care teams involved in your care, subject to consent.
  • Service providers who support hosting, messaging, analytics, and support, bound by confidentiality and security obligations.
  • Regulatory or legal requests when required by law or to protect rights, safety, and platform integrity.
  • Business changes such as mergers or restructuring, with continued protections.

Data Retention

We retain data only as long as necessary to provide Services, meet legal or medical record requirements, resolve disputes, and enforce agreements. Where feasible, we anonymize data for analytics and research purposes.

Security Measures

We implement reasonable security practices aligned with Indian SPDI Rules, including access controls, encryption in transit, audit logging, and secure infrastructure. No system is 100% secure; users should safeguard credentials and report suspicious activity.

Patient Rights and Choices

  • Access and review your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of data, subject to legal or clinical retention requirements.
  • Withdraw consent for specific processing, where applicable.
  • Opt out of non-essential communications.

Children and Family Accounts

If a parent or guardian uses the platform for a minor, they represent that they have the authority to provide consent. We do not knowingly solicit data from minors without appropriate guardian involvement.

Data Localization and Cross‑Border Transfers

We store and process data in secure environments. If data is transferred outside India, we apply protections consistent with applicable Indian law and ensure contractual safeguards with service providers.

Third‑Party Links and Services

Our Services may link to third‑party sites or services (for example, pharmacy or payment providers). We are not responsible for their privacy practices; please review their policies directly.

Changes to This Policy

We may update this Privacy Policy from time to time. We will post changes here and update the “Last updated” date. Material changes will be communicated through appropriate channels.

Contact and Grievance

If you have questions, requests, or complaints regarding privacy or data handling, you can contact our privacy team or grievance officer.