Privacy Policy

Effective Date: January 15, 2026

1. Introduction

Docran ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our healthcare management platform and patient portal services.

By using Docran, you agree to the collection and use of information in accordance with this policy. We comply with applicable Indian data protection laws, including the Digital Personal Data Protection Act (DPDPA), 2023, the Information Technology Act, 2000, and its associated rules, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you provide directly to us, including:

Name, email address, phone number, and contact information
Medical records, health information, and patient data
Appointment information and medical history
Billing and payment information
Organization details for hospital administrators

2.2 Automatically Collected Information

We automatically collect certain information when you use our services:

Device information (IP address, browser type, operating system)
Usage data (pages visited, features used, time spent)
Cookies and similar tracking technologies

3. How We Use Your Information

We use the collected information for the following purposes:

To provide, maintain, and improve our healthcare management services
To process appointments, manage patient records, and facilitate healthcare delivery
To communicate with you about your account, appointments, and services
To comply with legal obligations and healthcare regulations
To protect the security and integrity of our platform
To analyze usage patterns and improve user experience

4. Data Security

We implement industry-standard security measures to protect your information:

Encryption in transit (TLS/HTTPS) and at rest for all sensitive data
Role-based access controls and authentication
Regular security audits and vulnerability assessments
Secure data storage with Indian data residency compliance
Infrastructure designed to align with ABDM (Ayushman Bharat Digital Mission) standards
Designed to align with DPDPA (Digital Personal Data Protection Act, 2023) requirements
Designed to align with IT Act, 2000 and its associated rules

6. Your Rights

You have the following rights regarding your personal information:

Access: Request access to your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data (subject to legal requirements)
Portability: Request transfer of your data
Objection: Object to processing of your data
Withdrawal: Withdraw consent at any time

To exercise these rights, please contact us at privacy@docran.in

Consent Withdrawal Process

Submit a written request to privacy@docran.in
We will verify your identity within 48 hours
Your request will be processed within 7 business days
You will receive confirmation once withdrawal is complete

Note: Withdrawal of consent may affect your ability to use certain services. Withdrawal does not affect the lawfulness of processing before the withdrawal.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements.

Specific Retention Periods:

Medical Records:7 years from the date of last treatment, or as required by applicable healthcare regulations
Account Information:Duration of account activity + 2 years after account deletion
Billing Records:8 years from date of transaction (as per Indian tax regulations)
Appointment History:5 years from the date of appointment
Communication Logs:3 years from the date of communication
Analytics Data:26 months (anonymized after 12 months)
Audit Logs:5 years from the date of the logged activity

Upon expiration of retention periods, data is securely deleted or anonymized. You may request earlier deletion subject to legal and regulatory requirements.

8. Compliance with Indian Data Privacy Laws

Docran is committed to aligning with Indian data protection and privacy laws:

Digital Personal Data Protection Act (DPDPA), 2023: We are designed to align with India's primary data protection legislation, including data processing principles, individual rights, and data fiduciary obligations.
Information Technology Act, 2000: We are designed to align with the IT Act and its associated rules, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
ABDM (Ayushman Bharat Digital Mission): Our platform is designed to align with ABDM standards for healthcare data interoperability and security.
Indian Data Residency: All personal and sensitive data is stored within India, ensuring compliance with data localization requirements.

We regularly review and update our practices to ensure continued compliance with evolving Indian data protection regulations.

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. For more information, please see our Cookie Policy.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

Notify affected individuals within 72 hours of becoming aware of the breach
Report to the Data Protection Board of India as required by DPDPA
Provide details about the nature of the breach and data affected
Describe measures taken to address and mitigate the breach
Offer guidance on steps you can take to protect yourself

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. You are advised to review this policy periodically.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: privacy@docran.in

Phone: +91 85559 24472

Address: Hyderabad, Telangana, India

Docran

Back to Home

Privacy Policy

Effective Date: January 15, 2026

1. Introduction

2. Information We Collect

2.1 Personal Information

We may collect personal information that you provide directly to us, including:

Name, email address, phone number, and contact information
Medical records, health information, and patient data
Appointment information and medical history
Billing and payment information
Organization details for hospital administrators

2.2 Automatically Collected Information

We automatically collect certain information when you use our services:

Device information (IP address, browser type, operating system)
Usage data (pages visited, features used, time spent)
Cookies and similar tracking technologies

3. How We Use Your Information

We use the collected information for the following purposes:

To provide, maintain, and improve our healthcare management services
To process appointments, manage patient records, and facilitate healthcare delivery
To communicate with you about your account, appointments, and services
To comply with legal obligations and healthcare regulations
To protect the security and integrity of our platform
To analyze usage patterns and improve user experience

4. Data Security

We implement industry-standard security measures to protect your information:

Encryption in transit (TLS/HTTPS) and at rest for all sensitive data
Role-based access controls and authentication
Regular security audits and vulnerability assessments
Secure data storage with Indian data residency compliance
Infrastructure designed to align with ABDM (Ayushman Bharat Digital Mission) standards
Designed to align with DPDPA (Digital Personal Data Protection Act, 2023) requirements
Designed to align with IT Act, 2000 and its associated rules

6. Your Rights

You have the following rights regarding your personal information:

Access: Request access to your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data (subject to legal requirements)
Portability: Request transfer of your data
Objection: Object to processing of your data
Withdrawal: Withdraw consent at any time

To exercise these rights, please contact us at privacy@docran.in

Consent Withdrawal Process

Submit a written request to privacy@docran.in
We will verify your identity within 48 hours
Your request will be processed within 7 business days
You will receive confirmation once withdrawal is complete

Note: Withdrawal of consent may affect your ability to use certain services. Withdrawal does not affect the lawfulness of processing before the withdrawal.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements.

Specific Retention Periods:

Medical Records:7 years from the date of last treatment, or as required by applicable healthcare regulations
Account Information:Duration of account activity + 2 years after account deletion
Billing Records:8 years from date of transaction (as per Indian tax regulations)
Appointment History:5 years from the date of appointment
Communication Logs:3 years from the date of communication
Analytics Data:26 months (anonymized after 12 months)
Audit Logs:5 years from the date of the logged activity

Upon expiration of retention periods, data is securely deleted or anonymized. You may request earlier deletion subject to legal and regulatory requirements.

8. Compliance with Indian Data Privacy Laws

Docran is committed to aligning with Indian data protection and privacy laws:

Digital Personal Data Protection Act (DPDPA), 2023: We are designed to align with India's primary data protection legislation, including data processing principles, individual rights, and data fiduciary obligations.
Information Technology Act, 2000: We are designed to align with the IT Act and its associated rules, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
ABDM (Ayushman Bharat Digital Mission): Our platform is designed to align with ABDM standards for healthcare data interoperability and security.
Indian Data Residency: All personal and sensitive data is stored within India, ensuring compliance with data localization requirements.

We regularly review and update our practices to ensure continued compliance with evolving Indian data protection regulations.

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. For more information, please see our Cookie Policy.

10. Children's Privacy

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

Notify affected individuals within 72 hours of becoming aware of the breach
Report to the Data Protection Board of India as required by DPDPA
Provide details about the nature of the breach and data affected
Describe measures taken to address and mitigate the breach
Offer guidance on steps you can take to protect yourself

12. Changes to This Policy

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: privacy@docran.in

Phone: +91 85559 24472

Address: Hyderabad, Telangana, India

Privacy Policy

Table of Contents

1. Introduction

2. Information We Collect

2.1 Personal Information

2.2 Automatically Collected Information

3. How We Use Your Information

4. Data Security

6. Your Rights

Consent Withdrawal Process

7. Data Retention

Specific Retention Periods:

8. Compliance with Indian Data Privacy Laws

9. Cookies and Tracking

10. Children's Privacy

11. Data Breach Notification

12. Changes to This Policy

13. Contact Us

Docran

Privacy Policy

Table of Contents

1. Introduction

2. Information We Collect

2.1 Personal Information

2.2 Automatically Collected Information

3. How We Use Your Information

4. Data Security

6. Your Rights

Consent Withdrawal Process

7. Data Retention

Specific Retention Periods:

8. Compliance with Indian Data Privacy Laws

9. Cookies and Tracking

10. Children's Privacy

11. Data Breach Notification

12. Changes to This Policy

13. Contact Us

Privacy Policy

Table of Contents

1. Introduction

2. Information We Collect

2.1 Personal Information

2.2 Automatically Collected Information

3. How We Use Your Information

4. Data Security

5. Data Sharing and Disclosure

6. Your Rights

Consent Withdrawal Process

7. Data Retention

Specific Retention Periods:

8. Compliance with Indian Data Privacy Laws

9. Cookies and Tracking

10. Children's Privacy

11. Data Breach Notification

12. Changes to This Policy

13. Contact Us

Docran

Privacy Policy

Table of Contents

1. Introduction

2. Information We Collect

2.1 Personal Information

2.2 Automatically Collected Information

3. How We Use Your Information

4. Data Security

5. Data Sharing and Disclosure

6. Your Rights

Consent Withdrawal Process

7. Data Retention

Specific Retention Periods:

8. Compliance with Indian Data Privacy Laws

9. Cookies and Tracking

10. Children's Privacy

11. Data Breach Notification

12. Changes to This Policy

13. Contact Us