We only onboard 15 clinics per month. 4 slots remaining.
Log into Clinic
Legal & Compliance

Privacy Policy

Last Updated: March 2026

Our Core Promise: 100% Data Ownership

VEDA ERP operates strictly as a Data Processor. The Clinic (Data Controller) retains 100% ownership of all patient records, financial data, and medical histories. We do not sell, rent, or mine patient data for cross-selling, advertising, or aggregator services. Your patients remain your patients.

1. Introduction

Welcome to VEDA ERP ("we", "our", "us"). We provide cloud-based Hospital Management Software specifically engineered for Ayurvedic and Wellness clinics. We are deeply committed to protecting the privacy and security of our clients (the Clinics) and their End-Users (the Patients).

2. Information We Collect

We collect information in two primary categories:

  • Clinic Data: Information required to manage your SaaS subscription, including clinic name, owner details, contact emails, billing details, and GST identifiers.
  • Patient Data (Processed on your behalf): Information entered into the system by your clinic staff or directly by patients via the AI Prakriti assessment. This includes names, phone numbers, Vata-Pitta-Kapha ratios, medical history, digital prescriptions, and billing records.

3. How We Use the Information

VEDA ERP uses the collected data solely to provide, maintain, and improve our Ayurvedic hospital management system. We use this data to facilitate your clinic's operations, such as processing digital EMRs, managing pharmacy POS inventory, tracking God Mode audit logs, and enabling your telecallers to follow up with patients.

4. Third-Party Integrations

To provide our seamless automated services, VEDA ERP integrates with highly secure, industry-standard third-party providers. Data is only shared to the extent necessary to perform the requested function:

  • WhatsApp / Meta API: Used strictly for sending automated appointment reminders, diet charts, and digital prescriptions to your patients.
  • Twilio: Used to power our embedded cloud dialer and log call history within your CRM.
  • Cloud Hosting Providers: Our databases are hosted on highly secure, ISO 27001-certified servers to ensure maximum uptime and data protection.

5. Security & Medical Compliance

We implement bank-grade 256-bit encryption for all data at rest and in transit. Our architecture is designed with the Ayushman Bharat Digital Mission (ABDM) and HIPAA data standards in mind. Furthermore, our proprietary "God Mode" audit trail permanently logs all data access, modifications, and deletions (including the user ID and IP address) to protect your clinic against internal data breaches and theft.

6. Data Retention & Deletion

As long as your subscription is active, your data is securely retained. If you choose to cancel your subscription, you are provided a 30-day window to utilize our 1-Click CSV Export tool to download your entire database. After 30 days, your data is permanently and securely scrubbed from our active servers.

7. Contact Us

If you have any questions regarding this Privacy Policy or how we handle your clinic's data, please contact our Data Protection team at: privacy@vedaerp.com.