Your data is yours.

Rudhiraksh is a clinical operating system used by hospitals, blood banks, and NGO networks. When you use Rudhiraksh, your organization controls your records (it is the data fiduciary). We process those records on its behalf as a data processor.

We never sell personal data. We never use clinical data for advertising. We never train external AI models on patient records.

Account data. Name, role, work email, and (where required) ABHA-linked identity for clinical roles.

Clinical data your organization records in Rudhiraksh. Includes patient identifiers, transfusion logs, lab results, ferritin and chelation tracking, growth measurements, and uploaded documents and images.

Operational data. Audit logs, login events, IP addresses, and device metadata required for security and compliance.

Site analytics. Aggregated, non-identifying analytics on rudhiraksh.in to understand how the marketing site is used.

To provide the service. Render the application, fetch and store records, deliver notifications.

To keep the service safe. Detect abuse, investigate incidents, support audit obligations.

To support clinical care. Surface trajectories, reminders, and reports requested by your organization.

We do not use clinical data for any purpose outside the scope your organization has configured.

Subprocessors. Vetted infrastructure and tooling providers (cloud hosting, email delivery, error tracking) operating under data processing agreements. The current list is published and updated.

Your organization. All clinical data is visible to authorized roles within your tenant, scoped by RBAC.

Authorities. Only when legally compelled, and only the minimum required. We notify your organization unless prohibited by law.

We do not sell data and we do not share it for marketing.

Clinical records are retained for as long as your organization keeps its tenant active, plus the medico-legal retention period required by Indian law.

Audit logs are retained for a minimum of seven years.

Marketing site analytics are retained for thirteen months.

On tenant offboarding, your records are exported on request and then irreversibly deleted within ninety days.

Access. You can ask your organization for a copy of the records we hold about you. As a processor, we will support that request through your organization.

Correction. You can request correction of inaccurate data through your organization or by writing to us if your organization is unreachable.

Deletion. You can request deletion of personal data, subject to medico-legal retention obligations.

Withdraw consent. Where processing is based on consent, you can withdraw it at any time.

Grievance. If something is not right, write to our grievance officer (details below).

We treat security as a product surface, not a checklist. Tenant isolation, encryption in transit and at rest, signed URLs, audit logging, and least-privilege production access are applied to every tenant by default.

Read the long version on our security page.

Rudhiraksh is used in pediatric thalassemia care. Records of minors are processed only on behalf of and under the authority of the treating organization. Direct accounts for minors are not provisioned.

All production patient data is stored within India. Limited operational metadata may be processed by subprocessors outside India under contractual safeguards. The current list of regions is published with our subprocessor list.

If we make material changes, we will notify your organization and update the date at the top of this page. We keep an archive of previous versions and can share them on request.

Privacy and grievance officer: privacy@rudhiraksh.in

Security reports: security@rudhiraksh.in

General contact: hello@rudhiraksh.in