Privacy Policy

This Privacy Policy describes how Vaidya GPT("the Service") handles personal and health-related information. The Service is built and operated by UrbanMove Services Private Limited.

UrbanMove Services Private Limited is the operator of Vaidya GPT for purposes described in this policy.

• Account information (name, email, password hash, role, plan)
• Uploaded medical documents (PDF, images, DOCX)
• Extracted text from documents (OCR and parsing)
• AI-generated summaries, findings, and recommendations
• Family member profiles, vitals, medications, appointments, conditions
• Reminders, symptom journal entries, and preferences
• Usage and billing plan data (including Razorpay payment records)
• Audit and security logs (login, uploads, sharing, admin actions)

• Authentication, account management, and email verification
• Report upload, text extraction, and AI summarization
• Family health organization, reminders, and insights
• Enforcing plan limits (uploads, AI summaries, family members)
• Security monitoring, abuse prevention, and admin support

Medical reports and health records are sensitive. You should only upload information you are authorized to store and process. The Service is not intended for emergency use.

In local or development deployments, files may be stored on the machine running the application. Production deployments should use encrypted storage, access controls, backups, and reviewed hosting practices.

• Doctor share links: time-limited links you create to share specific reports
• Caregiver sharing: invites you send to trusted caregivers
• Emergency card: optional public link with limited health information you control
• Admin access: authorized administrators may access data for support and operations as configured

We use industry-appropriate measures such as password hashing, JWT authentication, server-side validation, and audit logging. No system is perfectly secure; you are responsible for protecting your account credentials.

Data is retained while your account is active and as needed for the Service. Account deletion and data erasure workflows may be expanded in future releases. Contact us to request deletion assistance (placeholder process).

You can update profile settings, manage family members, revoke share links, and adjust caregiver access from within the app where available.

Family health features may include data about minors added by a parent or legal guardian. You represent that you have appropriate authority to add and manage such information.

Privacy questions: support@vaidya-gpt.com

Vaidya GPT is not certified as compliant with HIPAA, GDPR, DPDP, or similar healthcare privacy frameworks by default. Production deployment requires compliance review.