Legal
Privacy Policy
Last updated: 14 June 2026
HeDesk is a clinic-management platform used by doctors, receptionists, and clinic owners across India. We take privacy seriously — this page explains, in plain English, what we collect, why we collect it, how long we keep it, and your rights.
1. Who we are
HeDesk is operated by hemba., with its registered office at sabantongba awang leikai,thoubal Manipur -795138. For any privacy-related question or request, write to privacy@hedesk.help.
2. What we collect
HeDesk handles two distinct categories of data:
- Account data (about you — the clinic staff): name, email, phone, role, password hash, login timestamps, IP address, browser/device fingerprint.
- Clinic data (about your patients — entered by you): patient name, age, gender, phone, optional Aadhar (encrypted-in-transit), address, blood group, appointments, prescriptions, invoices, and uploaded files (e.g. lab reports).
We are a data processor for clinic data, and your clinic is the data controller. We only access clinic data to operate, secure, and improve the service.
3. Why we collect it
- To run your clinic dashboard — appointments, prescriptions, billing, reports.
- To send transactional emails (password resets, invoice receipts) via Resend.
- To process payments through Razorpay and Stripe (we never store full card numbers).
- To detect abuse, prevent fraud, and protect your account (audit logs, rate limits).
- To improve HeDesk through aggregate, anonymised usage metrics.
4. Who we share it with
We only share data with third parties strictly necessary to run the service:
- Razorpay & Stripe — payment processing (PCI-compliant).
- Resend — transactional email delivery.
- MongoDB Atlas — primary database hosting (servers in India where available).
- Cloudflare — DNS, CDN, and DDoS protection.
- Government & legal authorities — only when compelled by a valid legal order under Indian law.
We never sell your clinic data, your patient data, or your staff data to anyone. Ever.
5. Where data is stored
Clinic and patient data is stored in MongoDB Atlas clusters located in Asia (Mumbai / Singapore). Backups are retained for 14 days and then permanently destroyed.
6. How long we keep it
- Active accounts: as long as your subscription is active.
- Cancelled accounts: 90 days, after which all clinic and patient data is permanently deleted. You can request immediate deletion at any time.
- Audit logs: 180 days, then permanently deleted.
- Billing records: 8 years, as required by Indian tax law.
7. Your rights
You can, at any time:
- Access all the data we hold about you.
- Correct inaccurate data via the Settings page.
- Export your full data archive in JSON + CSV (Settings → Export).
- Delete your account & all associated data within 24 hours of a verified request.
- Opt out of all non-essential email communication.
To exercise any right, email privacy@hedesk.help from the email address on your account.
8. Security
- All traffic is encrypted via TLS 1.2+ (HTTPS).
- Passwords are hashed with bcrypt; we never see or store the plain-text password.
- Role-based access controls separate doctor / receptionist / admin permissions.
- Every public-API call is rate-limited and audit-logged.
- Razorpay signatures are HMAC-verified server-side before a booking is created.
9. Children
Patient data may include children entered by their parent or guardian via the clinic. HeDesk staff accounts must be 18+. We do not knowingly create staff accounts for minors.
10. Cookies
HeDesk uses essential cookies for authentication and session security. We do not use third-party advertising or behavioural tracking cookies. Analytics, when enabled, is aggregate and anonymised.
11. Changes to this policy
If we materially change this policy we will email the primary contact on every active clinic account at least 14 days before the change takes effect.