← Niravi Health
Privacy Policy
Last updated: 17 June 2026
This Privacy Policy explains how Niravi Health ("Niravi", "we", "us") collects, uses,
shares, protects and deletes information in connection with our clinic and hospital management software
and related websites and applications (the "Service").
1. Who we are and our role
Niravi Health provides software to healthcare providers (clinics and hospitals, our "Customers"). For
patient and clinical information that a Customer manages using the Service, the Customer is the
data controller / fiduciary and Niravi acts as a data processor on the
Customer's behalf and instructions. For information we collect directly about our website visitors and
Customer staff accounts, Niravi is the controller. We aim to handle all personal data in line with
India's Digital Personal Data Protection Act, 2023 (DPDP Act).
2. Information we collect
- Account & staff data: names, work email, phone, role and login credentials of
Customer staff who use the Service.
- Clinical & patient data (processed for Customers): patient demographics,
appointments, clinical notes, prescriptions, billing and records that a Customer enters or manages in
the Service. We process this only to provide the Service to that Customer.
- Connected-platform data (with authorisation): when a Customer chooses to connect a
third-party account — for example a Meta (Facebook/Instagram) or Google advertising account — we
access only the data that account authorises (such as advertising performance and lead-form enquiries)
to bring those enquiries and metrics into the Customer's Niravi workspace.
- Technical data: device, browser, IP address, log and usage information needed to
operate, secure and improve the Service.
3. How we use information
- To provide, maintain, secure and improve the Service.
- To process clinical and operational workflows on behalf of our Customers.
- To bring authorised advertising and lead data into a Customer's workspace at their request.
- To communicate about the Service, support and security.
- To comply with legal and regulatory obligations.
We do not sell personal data, and we do not use patient or connected-platform data for
advertising.
4. How information is shared
- With the Customer: data is shared within the Customer's own organisation per their
access controls.
- ABDM network: where a Customer uses digital health-record exchange, records are
shared on India's Ayushman Bharat Digital Mission network only with the relevant patient's consent.
- Service providers: vetted infrastructure and processing partners who act under
contract and only as needed to run the Service.
- Legal: where required by law or to protect rights, safety and security.
5. Data retention
We retain personal data for as long as needed to provide the Service to the relevant Customer and to
meet legal, accounting and medical-record obligations, after which it is deleted or anonymised.
6. Data deletion & your rights
You may request access to, correction of, or deletion of your personal data, subject to applicable
medical-record retention law.
- Patients: please contact the clinic or hospital that holds your record (the data
fiduciary). We will support that Customer in fulfilling your request.
- Staff / account holders and connected-platform data: email
privacy@niravihealth.in with the subject "Data Deletion
Request". We will verify and action it within a reasonable period.
- Meta / connected accounts: a Customer can disconnect a connected advertising account
at any time from within the Service, which stops further data collection from it; to delete data
already imported, use the deletion request above.
To request deletion of data associated with a connected platform login, email
privacy@niravihealth.in and we will remove the associated
records and revoke the connection.
7. Security
We use access controls, encryption in transit, tenant isolation and audit logging to protect data.
No system is perfectly secure, but we work continuously to safeguard the information in our care.
8. Children
The Service is used by healthcare providers and may include records of minors entered by a Customer for
legitimate clinical care. The Service is not directed to children as independent users.
9. Where data is processed
We process data on infrastructure selected to meet applicable Indian data-protection requirements.
10. Changes to this policy
We may update this policy from time to time. Material changes will be reflected by the "Last updated"
date above.
11. Contact
Questions or requests: privacy@niravihealth.in
Terms of Service →