Docran ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our healthcare management platform and patient portal services.
By using Docran, you agree to the collection and use of information in accordance with this policy. We comply with applicable Indian data protection laws, including the Digital Personal Data Protection Act (DPDPA), 2023, the Information Technology Act, 2000, and its associated rules, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
2. Information We Collect
2.1 Personal Information
We may collect personal information that you provide directly to us, including:
Name, email address, phone number, and contact information
Medical records, health information, and patient data
Appointment information and medical history
Billing and payment information
Organization details for hospital administrators
2.2 Automatically Collected Information
We automatically collect certain information when you use our services:
Device information (IP address, browser type, operating system)
Usage data (pages visited, features used, time spent)
Cookies and similar tracking technologies
3. How We Use Your Information
We use the collected information for the following purposes:
To provide, maintain, and improve our healthcare management services
To process appointments, manage patient records, and facilitate healthcare delivery
To communicate with you about your account, appointments, and services
To comply with legal obligations and healthcare regulations
To protect the security and integrity of our platform
To analyze usage patterns and improve user experience
4. Data Security
We implement industry-standard security measures to protect your information:
End-to-end encryption for data in transit and at rest
Role-based access controls and authentication
Regular security audits and vulnerability assessments
Secure data storage with Indian data residency compliance
ABDM (Ayushman Bharat Digital Mission) compliant infrastructure
DPDPA (Digital Personal Data Protection Act, 2023) compliant
IT Act, 2000 and its associated rules compliant
5. Data Sharing and Disclosure
We do not sell your personal information. We may share your information only in the following circumstances:
With healthcare providers and facilities as part of service delivery
With your explicit consent
To comply with legal obligations or court orders
To protect our rights, privacy, safety, or property
With service providers who assist in our operations (under strict confidentiality agreements)
6. Your Rights
You have the following rights regarding your personal information:
Access: Request access to your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data (subject to legal requirements)
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. Medical records are retained in accordance with applicable healthcare regulations.
8. Compliance with Indian Data Privacy Laws
Docran is committed to full compliance with Indian data protection and privacy laws:
Digital Personal Data Protection Act (DPDPA), 2023: We comply with all provisions of India's primary data protection legislation, including data processing principles, individual rights, and data fiduciary obligations.
Information Technology Act, 2000: We adhere to the IT Act and its associated rules, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
ABDM (Ayushman Bharat Digital Mission): Our platform is designed to comply with ABDM standards for healthcare data interoperability and security.
Indian Data Residency: All personal and sensitive data is stored within India, ensuring compliance with data localization requirements.
We regularly review and update our practices to ensure continued compliance with evolving Indian data protection regulations.
9. Cookies and Tracking
We use cookies and similar technologies to enhance your experience. For more information, please see our Cookie Policy.
10. Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. You are advised to review this policy periodically.
12. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us: