top of page

Privacy Policy

Effective Date: April 11, 2025
Last Updated: Feb 2, 2026

Welcome to Ascguard Health LLP ("we", "us", or "our"). For the purposes of this document, “Ascguard” refers to Ascguard Health LLP, the legal entity that operates the service. Ascguard provides secure online storage and organization for your and your family’s medical data and provides AI-powered healthcare insights and a higher quality of interaction with your healthcare providers (the "Service"). We are committed to protecting your privacy and ensuring the security of your personal health information. This Privacy Policy explains how Ascguard collects, uses, stores, discloses, and protects personal data in accordance with the Digital Personal Data Protection Act, 2023 (India) and applicable healthcare data protection standards.

 

1. Introduction

Ascguard Health LLP is committed to protecting the privacy and security of personal and health-related information of its users, including patients, healthcare professionals, and partners.

This Privacy Policy explains:

  • What data we collect

  • Why we collect it

  • How it is used and protected

  • Your rights as a data principal

 

2. Scope of This Policy

This policy applies to:

  • All users of Ascguard applications and platforms

  • Patients and healthcare providers

  • Visitors to our website

  • All digital products and services offered by Ascguard

 

3. Definitions

  • Data Principal        

Individual whose personal data is processed

  • Data Fiduciary

Ascguard Health LLP

  • Personal Data

Any data that identifies an individual

  • Sensitive Personal Data

Health, medical, biometric, or financial data

  • Processing

Collection, storage, use, sharing, or deletion of data

 

4. Personal Data We Collect

4.1 Information You Provide

  • Name

  • Phone number

  • Email address

  • Age and gender

  • Medical history and reports

  • Appointment and consultation details

4.2 Information Collected Automatically

  • Device information

  • IP address

  • Usage logs

  • Session information

4.3 Information from Third Parties

  • AI & Automated Processing Providers

Ascguard may use third-party artificial intelligence service providers to process data for purposes such as clinical summarization, documentation assistance, and system intelligence.

These providers process data only on Ascguard’s instructions, do not retain personal data for training, and are contractually bound to maintain confidentiality and security.

  • Authorized service providers

5. Purpose of Data Collection

We collect and process personal data for the following purposes:

  • Provide personalized health insights through our AI engine
     

  • Assist healthcare providers in delivering enhanced care
     

  • Improve quality of clinical interactions and decision-making
     

  • Communicate updates, notifications, and support messages
     

  • Comply with legal and regulatory obligations
     

We do not use personal data for purposes unrelated to healthcare without explicit consent.

 

6. Legal Basis for Processing

Personal data is processed based on:

  • Explicit user consent

  • Performance of healthcare services

We process your data as necessary to provide the services described in our Terms & Conditions, including delivering personalized AI-based insights, maintaining your health records, and facilitating communication with healthcare providers.

  • Legal and regulatory obligations

We may process your data to comply with legal, regulatory, or court-mandated obligations.

  • Protection of vital interests

We may process your data to improve our services, ensure platform security, and conduct research using de-identified data, provided that such interests do not override your rights and freedoms.

 

7. Consent

  • Consent is obtained explicitly before collecting personal data

  • Consent is purpose-specific and revocable

  • Users may withdraw consent at any time

  • Withdrawal of consent may affect service availability

 

8. Data Storage and Retention

  • User Account Data

       Until account deletion

  • Medical Records

       As per legal requirements

  • Logs

       90–180 days

  • Backups

       Encrypted and time-bound

Data is securely deleted or anonymized once retention requirements are met.

9. Data Security Measures

We implement industry-standard security measures including:

  • Encryption at rest and in transit

  • Role-based access control

  • Secure authentication

  • Regular audits, vulnerability assessments, and breach protocols

Only authorized personnel can access sensitive data.

 

 

10. Mobile App Permissions

Our mobile application may request access to certain features or data on your device in order to provide full functionality. We only request permissions that are necessary for delivering our healthcare services and AI-based insights.

a. Camera Access

We may request access to your device's camera for features such as:

  • Capturing images of prescriptions, lab results, or health reports
     

  • Enabling video consultations with healthcare providers
     

  • Uploading medical documents or scans for analysis
     

Camera access is optional and only used with your explicit consent within the app.

b. Microphone Access

We may request microphone access to:

  • Facilitate voice-based interaction or dictation (e.g., notes, symptom reporting)
     

  • Enable voice communication during telehealth sessions or video calls
     

Microphone access is only active during those specific interactions and is never used to record or listen without your knowledge or permission.

c. Storage Access

We may request permission to:

  • Upload or download health documents, reports, and analysis
     

  • Temporarily store AI-generated insights and care summaries
     

  • Access health data files you choose to upload to the platform

d. Notifications

We may request permission to:

  • Send notifications for medicine reminders.
     

  • Reconfigure reminders after phone reboot.

All permissions are requested at runtime and only activated with your approval. You can revoke access at any time via your device settings.

11. Data Sharing and Disclosure

We may share data only with:

  • Authorized healthcare providers after User consent

  • Cloud and infrastructure partners

  • Legal or regulatory authorities (if required)

All third parties are contractually bound to protect data confidentiality.

 

11.1 Authentication Service

We use a third-party authentication provider (Auth0) to securely manage user authentication and access control.

Auth0 processes limited identity information such as name, email address, and login credentials solely for authentication purposes.

No health or medical data is shared with the authentication provider.

Auth0 acts as a data processor and processes data in accordance with applicable data protection laws.

 

11.2 Use of Artificial Intelligence (AI) and LLM Services

Ascguard may use third‑party Artificial Intelligence (AI) services, including Large Language Models (LLMs), to support features such as:

  • Clinical documentation assistance

  • Medical data summarization

  • Workflow automation

  • User support and query handling

​All insights are informational only, no diagnosis or treatment information is provided.

When AI services are used:

  • Personal data is shared only when necessary for the requested functionality, for example, when processing a document containing Patient name. All other data is anonymized before sending to LLM.

  • Data is processed solely on Ascguard’s instructions

  • Data is not used for training AI models

  • Data is not retained beyond processing

  • Appropriate contractual, technical, and organizational safeguards are in place

AI service providers act strictly as data processors and are bound by confidentiality and data protection obligations.

12. Cross-Border Data Transfers

Some of our service providers, including authentication service providers, may process data outside India.

If personal data is transferred outside India:

  • Adequate security safeguards are ensured

  • Transfers comply with DPDP Act requirements

  • Users are informed via this policy

 

13. User Rights

You have the right to:

  • Access your personal data

  • Correct inaccurate information

  • Request deletion of data

  • Withdraw consent

  • File a grievance

User can contact us to request account deletion.

Requests will be addressed within 7 working days.

 

14. Grievance Redressal

If you have concerns regarding your data, contact:

Grievance Officer
Ascguard Health LLP
Email: contact@ascguard.ai
Response Time: Within 7 working days

 

15. Data Breach Management

In the event of a data breach:

  • The incident will be investigated immediately

  • Affected users will be notified

  • Authorities will be informed as required

  • Corrective measures will be implemented

 

16. Children’s Data

  • Services are not intended for children without parental consent

  • Data of minors is processed only with verified guardian consent

  • No behavioral tracking or targeted advertising is performed

 

17. Policy Updates

This Privacy Policy may be updated periodically.

Users will be notified of material changes through the platform or email.

 

18. Contact Information

For any questions regarding this Privacy Policy:

Ascguard Health LLP
Email: contact@ascguard.ai

 

By using Ascguard services, you agree to the terms of this Privacy Policy.

 

bottom of page