Arogya is a personal health records management application available at ayur-arogya.com. It is operated by Kiran G R as a personal technology project. For all privacy matters, contact: support@ayur-arogya.com.
Under India's Digital Personal Data Protection Act 2023 (DPDP Act), Arogya is the Data Fiduciary — the party that decides what personal data is collected and why. You (the account holder) are the Data Principal.
When you upload a health document, we send it to Anthropic's AI API for processing. The AI extracts:
This extracted data is stored on our servers and displayed on your health dashboard.
Under the DPDP Act 2023 and IT Act 2000 SPDI Rules 2011, we process your health data on the basis of your explicit consent given during onboarding. All health data is Sensitive Personal Data or Information (SPDI) under the SPDI Rules and receives the highest protection available under Indian law.
By creating a workspace and ticking the consent box, you confirm you have the authority to upload health records for yourself and the family members you add, and that you consent to Arogya processing this data for the purposes described in this policy.
| Purpose | Data used |
|---|---|
| Display your health records on the dashboard | Extracted metrics, findings, profiles |
| Answer health questions via Ask Arogya chat | Extracted metrics and findings for the queried member |
| Generate vaccination schedules and health alerts | Date of birth, vaccination history, flagged metrics |
| Send Telegram reminders | Reminder text, Telegram chat ID |
| Attribute uploaded documents to the right family member | Patient name on document, age, sex, family member profiles |
| Maintain your session and keep you logged in | Google account email, session token |
| Detect and fix processing errors | Server logs (no health values) |
We do not use your health data for advertising, profiling for commercial purposes, research, or any purpose not listed above.
We share data only with the following processors, solely to provide the service:
| Processor | Role | What they receive | Their privacy terms |
|---|---|---|---|
| Anthropic, PBC | AI document extraction | The document you upload (image or PDF bytes) is sent to Anthropic's API for text and data extraction. No extracted data is sent back to Anthropic beyond the API response. | anthropic.com/privacy |
| Google LLC | Authentication (OAuth) and file storage (Drive) | Your Google identity is used to sign in. Uploaded documents are stored in a dedicated "Arogya Health" folder in your own Google Drive — Arogya can only access files it created (drive.file scope). | policies.google.com/privacy |
| Fly.io, Inc. | Server hosting | Our application server and database run on Fly.io infrastructure in the Mumbai (bom) region. Fly.io does not access your health data. | fly.io/legal/privacy-policy |
We do not sell, rent, or disclose your data to any other third party. We do not use data brokers or advertising networks.
Note on backup: Automated database backups are not yet in place (we are working on this). Your original documents are safe in Google Drive. Extracted data may be lost in a server hardware failure. We will update this notice when automated backup is implemented.
| Data type | Retention period |
|---|---|
| Health records and extracted data for an active member | Retained while your account is active |
| Data for a deleted family member | Deleted within 30 days of member deletion |
| All data on account closure | Deleted within 30 days of account closure request |
| Server access logs | 30 days, then automatically purged |
| Audit events (no health data) | 12 months |
Arogya allows you to add family members who are under 18 years of age (minors). When you add a minor, you are required to confirm that you are their parent or lawful guardian and that you consent to Arogya processing their health records on their behalf.
We do not knowingly allow minors to create their own Arogya accounts. We do not track minors' behaviour, serve them advertising, or use their data for any purpose beyond organising their health records. When a minor in the system turns 18, we will prompt the account admin to invite them to manage their own records.
This is consistent with the DPDP Act 2023 Section 9, which requires verifiable parental consent for the processing of personal data of children and prohibits behavioural monitoring of minors.
Under the DPDP Act 2023 and SPDI Rules 2011, you have the following rights:
| Right | How to exercise it |
|---|---|
| Access — view the data we hold about you | Your dashboard shows all extracted health data. Email support@ for a full data export. |
| Correction — fix inaccurate data | Edit member profiles via the web dashboard. For extracted metric corrections, contact support@. |
| Erasure — delete your data | Delete individual members from the dashboard (data erased within 30 days). To close your account and delete all data, email support@. |
| Withdrawal of consent — stop processing | Email support@. We will close your account and delete all data within 30 days. |
| Grievance — complain about how we handle your data | Contact our Grievance Officer (details below). We will respond within 30 days. |
As required under the IT Act 2000 SPDI Rules 2011 (Rule 5(9)) and the DPDP Act 2023 (Section 13), we have designated a Grievance Officer to receive and resolve complaints about our data practices.
Arogya uses Anthropic's Claude AI to extract structured data from uploaded health documents. This means the content of your uploaded document is sent to Anthropic's servers for processing.
Anthropic's API Terms of Service state that data submitted via the API is not used to train their models by default. We have reviewed Anthropic's data processing terms and rely on them as our Data Processor. You can review Anthropic's privacy policy at anthropic.com/privacy.
Note: Document processing by Anthropic occurs on servers outside India. We have assessed this as consistent with the DPDP Act's cross-border transfer provisions for processor relationships. We will update our practices if the Government of India issues specific localisation requirements for health data under the DPDP Rules.
Arogya uses a single authentication cookie (arogya_web) to keep you signed in. This cookie is HttpOnly, Secure, and expires after 30 days. We do not use advertising cookies, analytics tracking, or third-party tracking scripts of any kind.
We will update this policy when our data practices change in a material way. We will notify you of significant changes by showing a notice in the app and, where possible, via email. The version number and effective date at the top of this page will be updated with each change. Continued use of Arogya after a policy update constitutes acceptance of the updated terms.
This policy is governed by the laws of India, including the Information Technology Act 2000, the IT (Reasonable Security Practices and Procedures and SPDI) Rules 2011, and the Digital Personal Data Protection Act 2023.