Skip to content
+971509379212

Privacy Policy

Last updated: 10 May 2026

1. Who we are

AyurConnect (“we”, “our”, “the platform”) operates ayurconnect.com — a directory of verified Ayurvedic doctors, AYUSH-certified hospitals, classical herb information, and AI-assisted health tools. This policy explains what personal information we collect, why, and your rights as a user.

The platform is operated from Kerala, India and complies with the Digital Personal Data Protection Act, 2023 (DPDP). Where applicable to international users, we honor GDPR principles.

2. What we collect

2.1 Account information

When you register: name, email address, optional phone, role (patient / doctor / hospital), prakriti (Ayurvedic body type — only if you choose to enter it). Authentication uses Better Auth; passwords are hashed and never stored in plain text.

2.2 Doctor & hospital profile data

If you sign up as a doctor or hospital, the public profile fields (name, qualification, district, photo, services) are visible to anyone visiting your profile page. Your TCMC/AYUSH registration number is used only for admin verification and is not displayed publicly unless you place it in the bio.

2.3 Health data

Reviews, forum posts, journal entries, AyurBot conversations, symptom triage queries, appointments, and any prescription you upload constitute health-related data. We treat this with the higher protection requirements of DPDP-classified sensitive data.

2.4 Technical & analytics data

If you accept non-essential cookies, we collect: pages viewed, search terms, AyurBot/triage usage events, doctor-profile views, IP-derived city, browser/device. This is aggregated for product analytics only; we do not sell or share any individual-level analytics data.

2.5 What we don't collect

  • Card numbers — payments are processed by Razorpay; we only see transaction IDs and status.
  • Voice / video recordings — Daily.co video consultations are not recorded by AyurConnect.
  • Precise location — only the district/city you provide on your profile.

3. How we use your data

  • Provide the service: show doctors near you, deliver appointment notifications, run AyurBot replies.
  • Verification: cross-check doctor TCMC numbers and hospital AYUSH certifications before a profile goes live.
  • Communication: send appointment confirmations and reminders via email (Resend), WhatsApp/SMS (Twilio).
  • AI features: search queries, symptom descriptions, journal entries, and forum content may be sent to Google Gemini, Groq, or Anthropic — whichever provider is active — to generate responses. Providers are configured to not retain content for training.
  • Improve the platform: aggregated, anonymized analytics on which features are used.
  • Legal compliance: respond to lawful requests under DPDP / Indian law.

4. Sharing

  • Doctors you book with see your name, contact, chief complaint, and any health journal entries you choose to share — not your full account history.
  • Service providers we rely on: Razorpay (payments), Resend (email), Twilio (SMS / WhatsApp), Daily.co (video), MinIO/S3 (file storage), Cloudflare (CDN), Meilisearch (search), our database host. Each is bound by their own privacy commitments.
  • AI providers: Google AI (Gemini), Groq, Anthropic — when you use AyurBot, semantic search, AI summaries, or triage. We do not send your name or email to these providers, only the relevant content.
  • Aggregated, non-identifying statistics may be shared publicly (e.g. “500 doctors verified across 14 districts”).
  • We do not sell personal data. We do not share data with insurers or employers.

5. Cookies

Two categories:

  • Essential — login session token, language preference, cookie consent record. These cannot be disabled if you want to use the site.
  • Analytics (optional) — page views and feature usage. Off by default; only enabled if you click “Accept all” on the cookie banner.

You can revoke consent at any time by clearing the ayur_cookie_consent_v1 entry in your browser's local storage. The banner will reappear and you can choose “Essential only”.

6. Retention

  • Account & profile data: kept until you delete your account.
  • Health journal entries: retained until you delete them individually or close your account.
  • AyurBot conversation logs: not stored on our server (each request is independent and stateless).
  • Analytics events: aggregated indefinitely; raw events purged after 13 months.
  • Audit logs for verification actions: 3 years (regulatory).

7. Your rights (DPDP / GDPR)

You can:

  • Access a copy of your personal data — email [email protected].
  • Correct inaccuracies via your dashboard or by emailing us.
  • Delete your account and all associated journal entries, reviews, posts. Contact us; we'll process within 30 days.
  • Withdraw consent for analytics cookies at any time.
  • Lodge a complaint with the Data Protection Board of India.

8. Medical disclaimer

AyurConnect helps you find practitioners and surfaces classical Ayurvedic information. Nothing on the platform — including AyurBot replies, AI symptom triage, herb information, or forum content — is medical advice. Always consult a qualified Vaidya before starting any treatment, and seek allopathic emergency care for any acute condition.

9. Changes

We may update this policy. Material changes will be announced on the home page for at least 14 days before they take effect. The “Last updated” date at the top reflects the most recent revision.

10. Contact

Privacy questions or rights requests: [email protected]

General support: [email protected]

Privacy Policy | AyurConnect