Privacy Policy

Effective Date: March 10, 2026  |  Last Updated: March 10, 2026

1. Introduction

ClinicOS is a clinic management application operated by CODINGRIPPLER TECH PRIVATE LIMITED (CIN: U62012GJ2024PTC151181), a company incorporated under the Companies Act, 2013.

This Privacy Policy explains how we collect, use, store, and protect data when you use the ClinicOS mobile application (“App”) and related services. It applies to all users of the App, including doctors, assistants, and administrators (“Users”).

Our Role Under the DPDP Act, 2023

With respect to patient data, CODINGRIPPLER TECH PRIVATE LIMITED acts as a Data Processor — we process patient data on behalf of and under the instructions of the healthcare provider or clinic (“Data Fiduciary”). The Data Fiduciary is responsible for obtaining appropriate patient consent as part of the doctor-patient relationship.

With respect to user data (your account profile, authentication data, and device information), CODINGRIPPLER TECH PRIVATE LIMITED acts as the Data Fiduciary. We collect and process this data for the purpose of providing the App and its services to you.

In accordance with Section 6 of the DPDP Act, 2023, this Privacy Policy serves as the notice to you regarding the personal data we collect, the purposes for which it is processed, and your rights as a Data Principal. By consenting at the time of account creation, you acknowledge that you have read and understood this notice.

2. Data We Collect

A. Data Provided by Users (Doctors, Staff)

Category	Examples
User profile	Name, phone number, role (doctor/assistant/admin)
Doctor profile	Specialization, medical registration number, years of experience, consultation fee, qualifications, languages spoken
Organization details	Clinic name, address, working hours, bill templates

B. Patient Data (Entered by Healthcare Providers)

Category	Examples
Patient identity	Name, phone number, age, gender
Clinical records	Chief complaint, diagnosis, examination findings, general notes
Vitals	Blood pressure, pulse, temperature, weight, SpO2
Prescriptions	Medicine name, dosage, frequency, timing, duration, notes
Lab orders	Test name, type (blood, urine, imaging), notes
Follow-up	Days until next visit, follow-up notes
Visit history	Visit dates, complaint categories, total visit count
Billing	Bill items, amounts, payment status, payment date
Clinical images	Photos of lab reports, prescriptions, clinical photographs
Voice recordings	Consultation audio — deleted from your device after transcription; processed by Deepgram per their retention policy (see Section 4)
Queue & appointments	Token number, complaint text, registration/serving/completion timestamps

C. Automatically Collected Data

Category	Examples
Authentication	OTP verification records (hashed using BCrypt, auto-expired after 5 minutes), JWT tokens, refresh tokens
Device information	Device ID (persistent UUID), platform (Android/iOS), OS version, app version, device model
Sync metadata	Event timestamps, sync cursors, mutation audit trail
Security logs	IP address, HTTP User-Agent string (captured in audit logs for security monitoring)
SMS delivery logs	Recipient phone number, message content, delivery status (for operational monitoring of patient notifications)

D. Data We Do NOT Collect

Location data, contacts, browsing history, advertising identifiers, biometric data (fingerprint/face recognition), email addresses, social media profiles. The App contains no third-party analytics or crash-reporting SDKs.

Note: Clinical images uploaded through the App are stripped of embedded metadata (including EXIF location data) before storage.

3. How We Use Your Data

For App Users (Doctors, Staff)

Purpose	Legal Basis (DPDP Act, 2023)
Authentication and role-based access control	Consent under Section 6 (given at account creation)
Voice-to-text transcription of consultations (via Deepgram)	Consent under Section 6 (microphone permission + user-initiated recording)
AI-assisted extraction of clinical data from transcripts (via Google Gemini) — AI outputs are assistive only and do not constitute medical advice; clinical judgment remains with the treating physician	Consent under Section 6 (user-initiated extraction)
Offline synchronization and local caching of clinical data	Section 7(a) — voluntary provision of data for specified purpose
Profile display within your organization	Consent under Section 6 (given at account creation)

For Patients (Data Entered by Healthcare Providers)

Purpose	Legal Basis (DPDP Act, 2023)
Healthcare delivery: queue management, consultations, prescriptions, billing	Section 7(a) — voluntary provision for specified purpose; Section 7(c) — compliance with NMC regulations
Queue status notifications via SMS and/or WhatsApp to the patient’s phone number — sent unless the patient opts out via the SMS consent toggle at registration	Section 7(a) — voluntary provision of data for specified purpose; patient may opt out at registration
Medical record keeping as required by law	Section 7(c) — compliance with law (NMC Code of Medical Ethics 2002; Income Tax Act §44AA)

4. Third-Party Service Providers

We use the following third-party services to operate ClinicOS. Data shared with these providers is limited to what is necessary for their specific purpose. We have contractual agreements with each provider that include data protection and confidentiality obligations, in accordance with Section 8(2) of the DPDP Act, 2023.

5. Data Storage & Security

• Encryption in transit: All communication between the App and our servers uses TLS/HTTPS
• Encryption at rest (server): DigitalOcean encrypted volumes and AWS S3 server-side encryption (SSE)
• Encryption at rest (device): OS-level full-disk encryption on modern Android (10+) and iOS devices
• Authentication: JWT access tokens and refresh tokens, stored in the device’s secure keychain (iOS Keychain / Android Keystore)
• Access control: Role-based permissions (doctor, assistant, admin, nurse, billing) with granular permission checks
• Audit trail: All data mutations are logged with timestamp, user ID, and action type
• No third-party analytics: The App contains no analytics SDKs, ad networks, or crash-reporting tools

6. Data Retention

Data Category	Retention Period	Legal Basis
Medical records (visits, diagnosis, prescriptions, vitals, lab orders)	3 years from date of last treatment	NMC Code of Medical Ethics Regulations, 2002
Clinical images	3 years (part of medical record)	NMC Code of Medical Ethics Regulations, 2002
Financial / billing records	6 years from end of assessment year	Income Tax Act, 1961 §44AA
Audit logs	1 year minimum	DPDP Rules, 2025
User personal information (name, phone)	Until account deletion + 30-day grace period	DPDP Act, 2023 §12
Voice recordings	Deleted from your device after transcription completes. Deepgram may retain transient processing logs per their data processing policy (see Section 4).	Purpose limitation; Deepgram’s data processing terms

7. Your Rights

Under applicable Indian law (SPDI Rules, 2011 and the Digital Personal Data Protection Act, 2023), you have the right to:

• Access: Request a copy of your personal data by writing to privacy@codingrippler.com
• Correction: Update your profile information directly in the App, or request corrections for other data
• Deletion: Delete your account from the App (My Profile → Delete Account) or via our website at clinicos.codingrippler.com/delete-account
• Consent withdrawal: You may withdraw consent for specific processing activities at any time:
  • Voice transcription: Simply stop initiating recordings. Previously transcribed data can be deleted upon request.
  • AI-assisted extraction: Stop using the extraction feature. Previously extracted data can be deleted upon request.
  • Full withdrawal: Delete your account (see Section 8). Note that withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.
• Data portability: Request an export of your personal data in a commonly used, machine-readable format (where technically feasible) by writing to privacy@codingrippler.com. Note: medical records may only be exported in accordance with applicable medical regulations.
• Grievance redressal: Contact our Grievance Officer (details below)

We will respond to your request within 30 days (per SPDI Rules) and no later than 90 days (per DPDP Rules, 2025 Rule 14).

Note: Certain data (medical records, financial records, audit logs) must be retained for the periods specified in Section 6, even after account deletion, as required by law.

8. Account Deletion

You may delete your account at any time through:

• In-App: My Profile → Delete Account → type “DELETE” to confirm
• Web: clinicos.codingrippler.com/delete-account
• Email: If the above methods are unavailable, you may request account deletion by writing to privacy@codingrippler.com from the phone number associated with your account

Upon requesting deletion:

1. Immediately: Your account is deactivated, all authentication tokens are revoked, and your organization membership is removed
2. 30-day grace period: You may contact privacy@codingrippler.com to cancel the deletion
3. Before permanent deletion: We will make reasonable efforts to notify you before permanent deletion is executed, so that you may preserve any data you wish to retain
4. After 30 days: Your personal information (name, phone number) is permanently deleted. Clinical references are anonymized to “Deleted User”

Retained after deletion: Medical records (3 years per NMC regulations), financial records (6 years per Income Tax Act), and audit logs (1 year per DPDP Rules) are retained as required by law.

9. Data Sharing

• Within your organization: Team members with appropriate roles and permissions can access data relevant to their function
• Third-party service providers: Only as described in Section 4 (Deepgram, Google Gemini, Fast2SMS, Meta/WhatsApp, AWS, DigitalOcean)
• Patient notifications: Patients may receive queue status notifications via SMS (Fast2SMS) and/or WhatsApp (Meta) using the phone number provided at registration. Patients may opt out via the SMS consent toggle at registration, or by informing their healthcare provider
• Legal disclosure: We may disclose data if required by a court order, government investigation, or directive from CERT-In or the Data Protection Board of India

We do not currently share data with: Advertisers, insurance companies, pharmaceutical companies, data brokers, or any entity for marketing or profiling purposes. If this changes, we will update this Privacy Policy and notify you before any such sharing begins.

10. Children’s Data

ClinicOS is designed for use by healthcare professionals and is not intended for use by individuals under 18 years of age. We do not knowingly collect personal data from minors as App users.

Patient records may include data of minor patients, entered by qualified healthcare providers with appropriate professional authority and consent from parents or guardians obtained in the clinical setting, as part of standard medical care.

11. Cookies & Tracking

ClinicOS is a native mobile application and does not use cookies, web beacons, or pixel tags. The App contains no third-party analytics, advertising, or tracking SDKs. The device ID collected is used solely for authentication and sync purposes.

12. Data Breach Notification

In the event of a data breach:

• CERT-In will be notified within 6 hours of breach detection, as required by CERT-In directives
• Affected Data Principals (users) will be notified as required under the DPDP Act, 2023 and in the manner prescribed by the Data Protection Board of India
• The Data Protection Board of India will be notified in accordance with Section 8(6) of the DPDP Act, 2023
• We will take immediate steps to contain the breach and mitigate any potential harm

For breach-related inquiries, contact: privacy@codingrippler.com

13. Cross-Border Data Transfer

The following data is transferred outside India for processing:

Data	Recipient	Destination	Purpose
Voice recordings (audio)	Deepgram Inc.	United States	Transcription
Transcribed text	Google LLC (Gemini)	United States	Clinical data extraction
Patient phone + message	Meta Platforms (WhatsApp)	United States	Queue notifications

All cross-border transfers are made under contractual obligations that include data protection and confidentiality commitments, in compliance with Section 16 of the DPDP Act, 2023. Indian data protection laws apply to your data regardless of where it is processed. If the Central Government restricts transfers to any country where our service providers operate, we will comply with such restrictions and, if necessary, migrate to alternative providers within permitted jurisdictions.

Data that stays in India: All core patient records, user profiles, billing data, clinical images, and audit logs are stored on servers located in India (DigitalOcean Bangalore and AWS Mumbai).

Any disputes relating to cross-border data transfers shall be governed by Indian law and resolved in accordance with the dispute resolution mechanism described in our Terms of Use.

14. Grievance Officer

In accordance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011:

If you are not satisfied with our response, you may file a complaint with the Data Protection Board of India once it is operational under the DPDP Act, 2023.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you through an in-app notification. The updated policy will be posted at this URL with a revised “Last Updated” date.

Your continued use of ClinicOS after the updated policy is posted constitutes your acceptance of the changes. If you do not agree with the updated policy, please stop using the App and delete your account.

16. Contact Us

For any questions or concerns about this Privacy Policy or our data practices, please contact us: