Privacy Policy | prajnaScan

1. Introduction

AlakhAgam India Pvt. Ltd. ("AlakhAgam", "we", "our", "us") is committed to protecting the privacy and confidentiality of individuals and clinics using our AI-powered healthcare solutions, including prajnaScan. This Privacy Policy explains how we collect, use, store, and protect personal and health information in compliance with India's Digital Personal Data Protection Act 2023 (DPDP Act) and applicable international standards.

2. Data We Collect

Patient Data: physiological readings, basic demographic details, chief complaint records, and AI-generated pre-diagnosis notes — accessible only by licensed doctors connected to the clinic.
Clinic Data: information required for system integration, billing, and access management for authorised medical personnel.
Website Data: limited usage analytics (non-identifiable) to improve site performance and user experience. No personal identifiers collected without consent.

3. How We Use Data

We process personal and health information to:

Provide accurate pre-diagnosis reports and smart triage support to licensed clinicians.
Enable authorised doctors to review structured patient data securely before consultation.
Improve our AI algorithms and ensure ongoing clinical safety and system quality.
Comply with medical, legal, and regulatory obligations applicable in India.
Respond to support requests and communicate about the service where consent exists.

Note: AI-generated pre-diagnosis outputs are intended for review by licensed physicians only. Patients do not receive raw AI outputs — only clinician-approved summaries are visible to patients.

4. Data Sharing

We do not sell, rent, or trade personal data. Patient data is shared only in the following limited circumstances:

With authorised doctors and healthcare professionals connected to the patient's registered clinic — strictly for clinical care purposes.
With regulatory authorities or law enforcement bodies, only where required by applicable Indian law or court order.
With trusted infrastructure providers (e.g., Azure India) operating under strict data processing agreements and bound by equivalent privacy standards.

No cross-clinic patient data sharing occurs without explicit written consent.

5. Security Measures

We implement industry-standard technical and organisational security measures, including:

AES-256 encryption for data at rest; TLS 1.3 for all data in transit.
Role-based access controls (RBAC) limiting data access to authorised personnel only.
Continuous monitoring, audit trails, and anomaly detection.
Regular security reviews and third-party penetration testing.

For a detailed view of our security architecture, see our Security & Compliance statement.

6. Your Rights

Under the DPDP Act 2023, patients and clinics have the right to:

Access personal data held about them.
Request correction of inaccurate or incomplete data.
Request erasure of data where retention is no longer necessary or lawful.
Withdraw consent for data processing (subject to clinical and legal retention obligations).
Raise a grievance with our Data Protection Officer.

We respond to all valid requests within 30 days. Contact: privacy@alakhagam.com

7. Updates to this Policy

This Privacy Policy may be updated periodically to reflect changes in our practices, technology, or legal requirements. The "Effective Date" at the top of this page indicates the latest revision. We will notify registered clinics of material changes via email.

8. Contact Us

For privacy-related inquiries or to exercise your rights under the DPDP Act 2023:

AlakhAgam India Pvt. Ltd.
Email: privacy@alakhagam.com
Website: www.alakhagam.com