ClinicPmsClinicPms

Legal

Privacy policy

We treat clinic and patient data as sacred. This page is a plain-language summary of how we protect it.

Last updated: 1 January 2026.

1. Who we are

ClinicPms Technologies (“ClinicPms”, “we”) is the operator of the ClinicPms clinic management platform. We're registered in India and our office is in Bengaluru, Karnataka.

2. What data we collect

  • Clinic data you enter into the product — patient records, appointments, prescriptions, invoices, messages, consent forms, inventory, and reports.
  • Account data — your name, email, phone and role within the clinic.
  • Marketing leads — name, phone, email, clinic name and city when you fill a form on this website.
  • Technical telemetry — anonymised crash logs, error traces, browser and device information used to keep the product reliable.

3. Where your data lives

All clinic and patient data is hosted on encrypted servers located in India. Backups are stored within India and encrypted at rest. We never sell, rent or share your patient data with any third party.

4. How we protect it

  • Encryption in transit (TLS 1.2+) and at rest (AES-256).
  • Role-based access control (RBAC) — staff only see what they're permitted to.
  • Every important action is recorded in an immutable audit log.
  • Daily off-site, encrypted backups with point-in-time restore.
  • Strict secret management and least-privilege internal access.

5. Your rights

You can export all your clinic data as CSV/Excel from inside the app at any time. If you cancel your account, we delete your data after a 30-day grace period unless you ask us to delete it sooner.

6. Cookies

We use only essential cookies (e.g. to keep you signed in). We do not use third-party advertising cookies, profiling cookies, or sell any behavioural data.

7. Contact

For any privacy questions, email us at support@clinicpms.com.