GoMeds AI - Intelligent Healthcare Infrastructure

Privacy Policy

Last updated: 15 March 2026

This Privacy Policy describes how GoMeds AI, a product platform of APPIT Software Solutions Pvt. Ltd. ("APPIT Software," "we," "us," or "our"), collects, uses, discloses, and protects your information when you visit our website at gomeds.com ("Website") or use our software products, mobile applications, and related services (collectively, the "Services").

We are committed to protecting your privacy and handling your data responsibly. By using our Services, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Information You Provide

We collect information you voluntarily provide when you:

  • Register for an account or subscribe to our Services
  • Fill out contact forms, demo request forms, or inquiry forms
  • Communicate with our sales, support, or customer success teams
  • Provide business information during implementation and onboarding
  • Submit feedback, reviews, or participate in surveys

This information may include:

  • Full name, email address, phone number
  • Business name, type, and address
  • Drug License numbers and regulatory identifiers
  • GST identification numbers
  • Billing and payment information
  • Product interest, number of locations, and preferred demo timing
  • Any other information you choose to provide

1.2 Information Collected Through Our Services

When you use our software products, we may collect:

  • Patient records and health information (as a data processor on your behalf)
  • Inventory, product, and medicine data
  • Billing and transaction records
  • Appointment and scheduling data
  • Laboratory test results and reports
  • Usage analytics and feature interaction data

1.3 Information Collected Automatically

When you visit our Website, we may automatically collect:

  • IP address and geographic location (city/country level)
  • Browser type, operating system, and device information
  • Pages visited, time spent, and navigation patterns
  • Referral source and search terms used
  • Cookies and similar tracking technologies

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Process transactions and manage subscriptions
  • Respond to your inquiries and demo requests
  • Provide customer support and technical assistance
  • Personalise your experience and provide relevant recommendations
  • Train and improve our AI and machine learning models (using anonymised and aggregated data only)
  • Send important service communications, updates, and security alerts
  • Send marketing communications (with your consent)
  • Analyse website traffic and usage patterns to improve our products
  • Prevent spam, fraud, and unauthorised access
  • Comply with legal obligations and regulatory requirements

3. Healthcare Data and Patient Information

When our customers use GoMeds software products to manage patient records, prescriptions, lab results, and other health information, we act as a data processor on behalf of the healthcare provider (the data controller). We understand the sensitive nature of healthcare data and apply the highest standards of protection:

  • Patient data is encrypted at rest (AES-256) and in transit (TLS 1.3)
  • Access to patient data is controlled by role-based permissions set by the healthcare provider
  • We do not sell, share, or use patient data for marketing purposes
  • Patient data is stored on secure servers located in India, managed by APPIT Software
  • AI model training uses only anonymised and aggregated data, never identifiable patient records
  • Healthcare providers retain full ownership and control of their patient data
  • Data can be exported or deleted upon request by the healthcare provider

3A. Software Hosting and Data Custody

All software developed by APPIT Software for its clients is hosted and maintained exclusively on servers owned or managed by APPIT Software. As a result:

  • All client business data, including patient records, inventory data, billing records, and operational data, resides on our managed servers
  • We maintain physical and logical custody of the servers and infrastructure on which your data is stored
  • Access to the underlying server infrastructure is restricted to authorised APPIT Software personnel only
  • We implement strict access controls and monitoring to ensure that your data is accessed only for the purposes of providing and maintaining the Services
  • Your business data remains your property at all times, and you may request data export in standard formats as described in our Terms of Service
  • Upon termination of services, you are responsible for exporting your data before the end of your paid subscription period. After termination, data may be permanently deleted as server resources are reallocated to other clients

4. Data Storage and Security

We implement comprehensive security measures to protect your data:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Role-based access control (RBAC) with principle of least privilege
  • Multi-factor authentication (MFA) support
  • Comprehensive audit trails and activity logging
  • Regular security audits and penetration testing
  • Secure cloud infrastructure hosted in India
  • Automated backups with disaster recovery capabilities
  • Employee security training and access controls
  • Incident response procedures and breach notification protocols

While we take all reasonable steps to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your information.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information with:

  • APPIT Software: As our parent company, for business operations and service delivery purposes.
  • Service Providers: Trusted third-party vendors who assist us in operating our Services (cloud hosting, payment processing, email delivery, analytics) under strict confidentiality agreements and data processing agreements.
  • Legal Requirements: When required by law, court order, or government regulation.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate privacy protections.
  • With Your Consent: When you explicitly authorise us to share information.
  • Aggregated Data: We may share anonymised, aggregated data for research and industry benchmarking that cannot identify any individual or organisation.

6. Cookies and Tracking Technologies

Our Website uses cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for the Website to function properly (session management, security).
  • Analytics Cookies: Help us understand how visitors interact with the Website (e.g., Google Analytics).
  • Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness (e.g., Meta Pixel, LinkedIn Insight Tag). Only with your consent.

You can control cookie preferences through your browser settings. Disabling essential cookies may affect website functionality.

7. Your Rights

Under applicable Indian data protection laws, including the Digital Personal Data Protection Act (DPDPA) 2023, you have the right to:

  • Access: Request a copy of your personal data held by us
  • Correction: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data (subject to legal retention requirements)
  • Portability: Request your data in a machine-readable format
  • Withdraw Consent: Withdraw your consent for data processing at any time
  • Object: Object to processing of your personal data for certain purposes
  • Grievance Redressal: Lodge a complaint with our Data Protection Officer or relevant authority

To exercise any of these rights, please contact us at contact@appitsoftware.com.

8. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law:

  • Account data: Retained while your account is active; deleted after subscription ends and server resources are reallocated
  • Lead and inquiry data: Retained for 24 months from the date of submission
  • Transaction records: Retained for 8 years as required by Indian tax and commercial laws
  • Website analytics data: Retained for 26 months
  • Marketing consent records: Retained for the duration of consent plus 3 years
  • Support communications: Retained for 3 years after last interaction

9. Children's Privacy

Our Website and Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. International Data Transfers

Your data is stored and processed in India. If any data transfer outside India is necessary (e.g., for using global cloud services), we ensure appropriate safeguards are in place as required by applicable laws.

11. Third-Party Links

Our Website and Services may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Any changes will be posted on this page with an updated "Last updated" date. We will notify you of significant changes via email or through a notice on our Website.

13. Contact Us

If you have questions about this Privacy Policy, please contact us:

For data protection inquiries, please write to us at contact@appitsoftware.com with "Data Protection Inquiry" in the subject line.