Privacy Policy
Last Updated: March 13, 2026. Compliant with HIPAA and India's DPDP Act 2023.
1. Introduction & Definitions
This Privacy Policy describes how Audentix ("we," "our," or "us") collects, uses, and discloses your information in connection with our pharmacy management SaaS platform. We are committed to protecting digital personal data in compliance with the Digital Personal Data Protection (DPDP) Act 2023 and healthcare industry standards.
2. Data Roles
**Data Fiduciary:** Audentix acts as the Data Fiduciary for user account information, subscription data, and platform usage metrics. **Data Processor:** For patient health records (PHI), prescriptions, and billing data managed by pharmacies, Audentix acts as a Data Processor, handling data strictly under the instructions of the pharmacy owner.
3. Information Collection
We collect information necessary for pharmacy operations: - **User Identity:** Pharmacy name, drug license numbers, GSTIN, and staff details. - **Patient Data:** Name, contact, medication history, and prescriptions. - **Billing & Inventory:** MRP, purchase prices, batch numbers, and tax details.
4. Consent & Legal Basis
Processing is based on explicit, informed, and unambiguous consent. By using the platform, you verify that you have obtained necessary patient consent for digital record-keeping as required by Indian healthcare regulations.
5. Security Measures
We implement enterprise-grade security: - **Encryption:** All data is encrypted at rest (AES-256) and in transit (TLS 1.3). - **Isolation:** Row-Level Security (RLS) ensures absolute multi-tenant data isolation. - **Audit Logs:** Immutable tracking of every record access and modification.
6. Purpose of Processing
Data is processed solely for: - Generating legal GST-compliant invoices. - Managing inventory with FEFO (First Expiry First Out) logic. - Submitting insurance claims and regulatory reports.
7. Retention & Rights
Data is retained as per statutory requirements for medical records in India. Users maintain the right to access, correct, or erase their data, and export it in machine-readable formats.
8. Grievance Redressal
For any privacy concerns or to exercise your rights, contact our Data Protection Officer at **contact@audentix.com**. We aim to resolve all grievances within the timelines mandated by the DPDP Act.