Privacy Policy

SimplisLabs Pvt Ltd. (“SimplisLabs”, “we”, “us”) operates the SimplisLabs platform. This Privacy Policy explains how we collect, use, store, and protect your data.

1. Information We Collect

2. How We Use Your Data

• Provide and improve the SimplisLabs platform
• Generate AI-powered clinical notes, prescriptions, and treatment plans (only with your explicit consent; de-identified clinical data such as age, gender, symptoms, and diagnosis is sent to third-party AI services — patient names and phone numbers are never shared)
• Transcribe consultation audio recordings into clinical notes (audio is sent to a transcription service and deleted immediately after processing)
• Verify doctor credentials with NMC and state councils
• Send appointment reminders, prescription documents, and treatment plans via WhatsApp and email at the doctor's request
• Process subscription payments
• Provide customer support
• Analyze usage patterns to improve our service (anonymized and aggregated only)

3. Data Storage & Security

• All data is stored on Google Cloud Platform servers located in Mumbai, India (asia-south1 region)
• AES-256 encryption for data at rest
• TLS 1.3 encryption for data in transit
• Google Cloud Key Management Service (KMS) for encryption keys
• Role-based access control for all internal systems
• Regular security audits and penetration testing

4. Data Sharing

5. Data Retention

• Clinical records: Retained for a minimum of 3 years per ICMR guidelines, or longer as required by applicable medical record retention laws.
• Account data: Retained while your account is active and for 90 days after account deletion.
• Audio recordings: Deleted immediately after transcription processing (typically within minutes).
• Usage analytics: Retained in anonymized form indefinitely.

6. Purpose Limitation

Data collected for a specific purpose is only used for that purpose. We do not repurpose your data without obtaining your consent first. We do not use your data for advertising, marketing, or data mining. We do not build user profiles based on collected data, and we do not attempt to identify anonymous or de-identified users.

7. Your Rights

• Access your personal data
• Correct inaccurate data
• Request data export in a portable format
• Delete your account: You can delete your account directly within the app by navigating to Settings > Delete Account. All personal data will be permanently removed within 90 days, except clinical records retained as required by law.
• Revoke AI data consent: You can revoke consent for AI data processing at any time by navigating to Settings > AI Data Consent in the app and turning it off. AI features will be immediately disabled and no further data will be sent to third-party AI services.
• Withdraw consent for any other optional data processing
• Lodge a complaint with relevant data protection authorities

To exercise these rights, you may use the in-app settings or contact privacy@simplis.in.

8. Cookies, Tracking & Advertising

Our web application uses essential cookies for authentication and session management. We use anonymized analytics (no personal data) to understand usage patterns and improve the product. We do not use advertising trackers, advertising networks, or third-party SDKs for advertising purposes. We do not sell browsing data. We do not track user activity across other apps or websites. The app does not use the App Tracking Transparency framework because no cross-app tracking occurs.

9. Children's Privacy

The Service is intended for licensed medical practitioners (18+). We do not knowingly collect data from children under 18. Patient records for minors are entered and managed by their treating physician.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact