Privacy Policy
AV TeleMed
Last updated: June 3, 2026
1. Introduction
AV TeleMed ("we", "our", or "us") operates the Heppa mobile application ("App") available on Android and iOS. This Privacy Policy explains how we collect, use, store, share, and protect information when you use our App, and your rights regarding that information.
By registering or using the App, you agree to the practices described in this policy. If you do not agree, please do not use the App.
2. Who This App Is For
The App is designed exclusively for licensed medical professionals (doctors) to manage patient records, appointments, clinical tests, prescriptions, and reports. It is not intended for use by or directly accessible to patients.
3. Information We Collect
3.1 Doctor / User Account Information
When you register as a doctor, we collect:
- Full name, email address, and password
- Professional designation and educational qualification
- Medical council registration number
- Specialisation, years of experience
- Hospital / clinic address, state, and city
- Languages known
- Professional bio / description
3.2 Patient Records (Entered by You)
As a healthcare provider using the App, you enter patient information on behalf of your patients. This includes:
- Name, phone number, email address, date of birth
- Gender, marital status
- Height, weight, blood pressure, blood sugar (fasting/random), HbA1c, temperature, pulse rate
- Residential address (street, area, pincode, state, city)
- Emergency contact name and phone number
- Spouse name
- Medical history notes
- Diabetes type and related flags
3.3 Clinical Test & Medical Data
- CFF (Critical Flicker Frequency) test results and reports
- ECG and BP history records
- Prescriptions (medicines, dosage, instructions)
- Clinical reports and attachments
3.4 Appointment Data
- Appointment bookings, dates, times, status
- Doctor availability slots
3.5 Payment Information
- Subscription plan selections
- Payment orders and transaction verification details (processed via a third-party payment gateway)
- We do not store full card numbers or banking credentials on our servers
3.6 Technical / Device Data
- Authentication tokens stored locally on your device
- Basic usage and error logs for App stability
4. How We Use Your Information
| Purpose | Data Used |
|---|---|
| Account creation and authentication | Doctor account details |
| Patient management and clinical records | Patient and medical data |
| Generating clinical reports and PDFs | CFF, ECG, BP, vitals, history data |
| Appointment scheduling and management | Booking data, availability |
| Processing subscription payments | Plan and payment data |
| App performance monitoring and bug fixes | Technical/device data |
| Regulatory compliance | All relevant data |
We do not use your data or your patients' data for advertising, marketing profiling, or sale to third parties.
5. Sensitive Personal Data
Patient health records, vitals, diagnoses, prescriptions, and test results constitute Sensitive Personal Data or Information (SPDI) under applicable Indian law. We handle this data with heightened security measures, including:
- Encrypted transmission (HTTPS/TLS)
- Access restricted to authenticated and authorised users
- No sharing with third parties except as required for payment processing or legal compliance
6. Data Sharing
We do not sell or rent your data. We may share data only in the following limited circumstances:
- Payment Gateway: Transaction data is shared with our payment processor (e.g., Razorpay) solely to complete subscription payments. Their use of your data is governed by their own privacy policy.
- Legal Obligations: If required by law, court order, or government authority.
- Business Transfer: In the event of a merger, acquisition, or sale of assets, data may be transferred to the successor entity, subject to the same privacy commitments.
7. Data Retention
- Doctor account data is retained for the duration of your active account and for a minimum of 3 years after account closure, as may be required by applicable health records regulations.
- Patient medical data is retained for a minimum of 7 years from the date of last record entry, in accordance with Indian medical records standards.
- You may request deletion of your account; however, certain data may be retained as required by law.
8. Data Security
We implement reasonable security practices including:
- HTTPS encryption for all data in transit
- Hashed and salted storage of passwords (never stored in plain text)
- Token-based authentication with local secure storage
- Role-based access controls on the backend
No method of transmission or storage is 100% secure. In the event of a data breach that affects your rights, we will notify affected users as required by applicable law.
9. Your Rights
Under the Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable Indian law, you have the right to:
- Access the personal data we hold about you
- Correction of inaccurate or incomplete data
- Erasure of your data (subject to legal retention requirements)
- Grievance redressal through our designated contact
To exercise any of these rights, contact us at the email below. We will respond within 30 days.
10. Children's Data
The App is not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. Patient records for minor patients may be entered by doctors under the professional responsibility of the treating physician.
11. Third-Party Services
The App may display Terms & Conditions and other legal pages hosted at avtelemed.com. Those pages are subject to the security practices of that website.
12. Changes to This Policy
We may update this Privacy Policy from time to time. The updated version will be reflected in the "Last updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the revised policy.
14. Contact Us
For privacy-related queries, data requests, or grievances:
AV TeleMed
Website: avtelemed.com
Email: info@avtelemed.com
Effective Date: June 3, 2026