1. Introduction
Homeopathic Assistant ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.
Beta Version: Homeopathic Assistant is currently offered as a FREE BETA VERSION. This application may transition to a paid subscription model in the future. Your data handling and privacy protections will remain consistent regardless of any future pricing changes.
2. Beta Service & Future Changes
As a beta service that may become paid in the future, please note:
- Your personal and patient data will be handled with the same care regardless of pricing model
- We may collect additional billing information if/when paid plans are introduced
- You will be notified of any changes to data collection practices related to payment processing
- Your data will not be sold or used differently based on your subscription status
3. Information We Collect
3.1 Doctor Information
- Full name and professional credentials
- Email address and phone number
- Medical registration number and state council
- Qualification details
- Profile picture (optional)
3.2 Patient Information (Collected by You)
- Patient demographics (name, age, gender, contact)
- Medical history and symptoms
- Consultation records
- Prescriptions and treatment plans
- Lab reports and test results
- Skin images uploaded for Dermo analysis
3.3 Usage Information
- Login timestamps and IP addresses
- Browser and device information
- Feature usage patterns
Data Isolation: Each doctor's patient data is completely isolated. You can only access data for patients you have created. No other user can view your patient records.
4. How We Use Your Information
| Purpose |
Data Used |
| Account Management |
Email, name, credentials |
| Service Delivery |
All platform features |
| AI Suggestions |
Consultation data (anonymized) |
| Disease Diagnosis |
Symptoms, clinical findings (local processing only) |
| Dermo Skin Analysis |
Skin images, symptoms (AI + RAG processing) |
| Security |
IP addresses, login data |
| Communication |
Email for notifications |
5. Data Security
We implement industry-standard security measures:
- Encryption: All data encrypted in transit (HTTPS/TLS) and at rest
- Password Security: Passwords are hashed using bcrypt with high cost factor
- Session Security: Secure session handling with regeneration and fingerprinting
- Access Control: Strict role-based access with doctor isolation
- Per-Account Rate Limiting: Protection against brute force attacks on individual accounts without affecting other users on the same network
- CSRF Protection: Token-based protection against cross-site attacks
6. Data Sharing
We do NOT sell or share your data with third parties except:
- When required by law or legal process
- To protect our rights or safety of users
- With service providers essential to platform operation (under strict agreements)
AI Processing: When using AI features (remedy suggestions and Dermo skin analysis), relevant consultation data or skin images are sent to Google's Gemini AI for processing. This data is not stored by Google and is used solely for generating suggestions. No patient identifying information is included in AI requests.
7. Data Retention
We retain your data:
- Account Data: As long as your account is active
- Patient Records: Until you delete them or close your account
- Activity Logs: 90 days for security purposes
- Backup Data: Up to 30 days after deletion
8. Your Rights
You have the right to:
- Access: View all data we have about you
- Correction: Update or correct your information
- Deletion: Request deletion of your account and data
- Data Portability: Request your data (contact support for export assistance)
- Restrict: Limit how we process your data
9. Cookies and Tracking
We use minimal cookies for:
- Session management (essential for login)
- Security tokens (CSRF protection)
- User preferences (theme, settings)
Google Analytics
We use Google Analytics 4 (GA4) to understand how visitors interact with our public website (such as pages visited, time on page, device type, approximate geographic region, and referral source). This helps us improve the platform and content.
- What is collected: Anonymous usage data such as page views, clicks, session duration, browser/device information, and IP-derived approximate location. IP addresses are anonymized by Google before storage.
- What is NOT collected: We do not send any patient data, consultation details, prescriptions, or personally identifiable information (PII) to Google Analytics. Analytics is only loaded on public marketing pages and never within the clinical/patient management areas of the platform.
- Cookies used: Google Analytics sets cookies (such as
_ga, _ga_*) to distinguish unique users. These are first-party cookies under our domain.
- Data sharing with Google: Data is processed by Google LLC under their Privacy Policy and how Google uses information from sites that use their services.
- Opt-out: You can opt out of Google Analytics by installing the official Google Analytics Opt-out Browser Add-on, or by enabling "Do Not Track" / blocking analytics cookies in your browser.
By continuing to use this website, you acknowledge our use of Google Analytics as described above.
10. Children's Privacy
Our platform is intended for adult medical professionals only. We do not knowingly collect data from individuals under 18 years of age.
11. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notification. Continued use after changes constitutes acceptance of the updated policy.
12. Contact Us
For privacy-related inquiries:
13. Compliance
We strive to comply with applicable data protection laws including:
- Information Technology Act, 2000 (India)
- Personal Data Protection principles
- Healthcare data handling best practices