Privacy Policy

Privacy Policy

1. Introduction

Firdah Innovations (“Firdah”, “we”, “our”, “us”) is committed to protecting the privacy and security of personal and sensitive data. This Privacy Policy explains how we collect, use, process, and protect information when you use our website, platforms, and services, including AI-powered solutions such as Vitaro.

This policy is designed to align with:

  • GDPR (General Data Protection Regulation – EU)
  • HIPAA (Health Insurance Portability and Accountability Act – USA principles)
  • India Digital Personal Data Protection Act (DPDP Act, 2023)

2. Information We Collect

We may collect the following categories of data:

🔹 Personal Information

  • Name, email address, phone number
  • Organization details
  • Contact and communication data

🔹 Healthcare / Sensitive Data (where applicable)

  • Medical records (via platforms like Vitaro)
  • Treatment details and patient journey data
  • Health-related inputs for AI-based services
⚠️ Sensitive health data is processed only with explicit consent and in compliance with applicable regulations.

🔹 Technical Data

  • IP address, browser type, device information
  • Usage behavior and analytics data

3. How We Use Your Information

We use collected data to:

  • Provide and improve our services and platforms
  • Enable AI-driven features such as recommendations and automation
  • Manage patient journeys and healthcare workflows
  • Communicate with users and provide support
  • Ensure security, compliance, and fraud prevention

4. Legal Basis for Processing (GDPR)

We process personal data based on:

  • User consent
  • Contractual necessity
  • Legal obligations
  • Legitimate business interests

For sensitive data (e.g., healthcare data), explicit consent is required.


5. Data Sharing & Disclosure

We may share data with:

  • Healthcare providers (hospitals, clinics)
  • Travel and logistics partners (for medical tourism)
  • Cloud and infrastructure providers
  • Regulatory authorities when required by law

We ensure all third parties comply with appropriate data protection standards.


6. Data Security (HIPAA-Aligned Practices)

We implement strong security measures including:

  • Encryption of data (in transit and at rest)
  • Role-based access control (RBAC)
  • Secure cloud infrastructure
  • Regular security audits and monitoring

We follow industry best practices to protect sensitive healthcare information.


7. Data Retention

We retain personal data only as long as necessary for:

  • Service delivery
  • Legal and regulatory compliance
  • Business and operational purposes

Users may request deletion of their data (subject to legal requirements).


8. Your Rights

🔹 Under GDPR & DPDP Act:

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion (“Right to be Forgotten”)
  • Withdraw consent at any time
  • Restrict or object to processing
  • Data portability (where applicable)

To exercise your rights, contact us at: contact@firdah.com


9. Cookies & Tracking Technologies

We use cookies to:

  • Improve user experience
  • Analyze website traffic
  • Personalize content

Users can manage cookie preferences via browser settings.


10. International Data Transfers

As a global platform, your data may be transferred and processed in different countries. We ensure:

  • Adequate safeguards (GDPR-compliant clauses)
  • Secure data transfer mechanisms

11. Children’s Privacy

Our services are not intended for children under 18 unless explicitly part of a healthcare service with proper consent from guardians.


12. Updates to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with the revised effective date.


13. Contact Us

For any privacy-related queries or requests:

Firdah Innovations Pvt. Ltd.

📧 Email: contact@firdah.com

🌐 Website: www.firdah.com


Effective Date: 01/04/2026