Privacy Policy

Last Updated: April 2026

Data Residency

All clinical data is stored in secure, encrypted environments with strict residency controls.

Encryption

Data is encrypted using AES-256 at rest and TLS 1.3 during transmission.

Ownership

You retain full ownership of your clinical records and patient data at all times.

1. Introduction

This Privacy Policy applies to the access and use of the MedySoar web-based platforms (the “Platforms”) and the healthcare services provided therein (“Services”). These Platforms are managed and operated by DataSoar Technologies (hereinafter referred to as “MedySoar”, “the Company”, “we”, or “us”).

This policy outlines our commitment to protecting the personal data of medical professionals (“Pathologists/Doctors”), hospital administrators (“Hospitals”), and the patients whose records are managed via our systems (collectively referred to as “Users”).

Compliance & Consent

MedySoar operates in strict compliance with the Information Technology Act, 2000, the SPI Rules (2011), and the Digital Personal Data Protection (DPDP) Act. By utilizing our Services, you provide express consent to the collection and processing of information as described. If you do not agree with these terms, please discontinue use of the Platforms immediately.

2. Information We Collect

  • A. Demographic Data (Name, Gender, Age, Professional Credentials).
  • B. Clinical Records (Lab results, medical history, and prescriptions).
  • C. Financial Info (Payment instrument details for subscription processing).
  • D. Technical Metadata (IP addresses, browser types, and usage history).

3. Use of Information

MedySoar processes collected data solely for the following purposes:

To facilitate the generation of digital clinical reports.
To enable automated billing and revenue tracking for labs.
To verify professional credentials and prevent healthcare fraud.
To ensure compliance with statutory medical record-keeping requirements.
To provide the 'Verify Report' functionality through secure QR hashing.

4. Data Security

We adopt a "Security-by-Design" approach. We utilize Row Level Security (RLS) to ensure that a lab's data is never accessible to another user. While we implement bank-level encryption, users acknowledge that no transmission over the internet is 100% secure. MedySoar assumes no liability for unauthorized access resulting from user negligence or third-party breaches beyond our reasonable control.

5. User Rights & Data Portability

Users have the right to access, correct, or request the deletion of their personal information. However, clinical data (Reports) may be retained as "shared resources" between the Pathologist and the Patient to comply with medical litigation and history requirements. Withdrawal of consent may result in the immediate termination of access to our SaaS features.

Questions or Grievances?

If you have concerns regarding your data privacy, please contact our designated Grievance Officer.

Grievance Officer

MedySoar Privacy Desk

Email: privacy@datasoartechnologies.com