Ayu Health
Hero background

PRIVACY POLICY

This privacy policy describes how Ayu, also can be referred as (”We”,” “Our,”, ”Ayu App” or “us”), is a privacy focused app and platform to maintain and access patient’s(”you”, “your”, “user”) health history and records easily and efficiently.

Users who access the features, services or resources provided are collectively known as (“services”). You also refer to the user of Services whether you are a website visitor, customer, representative of the company with whom we shall/do the business or another individual whose information is collected pursuant to this privacy policy.

The privacy and the security of your personal information are of utmost importance to us. This Privacy Policy outlines how we collect, use, and protect your information. By accepting the privacy policies for accessing and using our app, website, or web portal, you agree to the terms of this Privacy Policy & Terms of Use. For any further queries, kindly reach us on privacy@ayuapp.com

Changes in Privacy Policy

We may modify this Privacy policy from time to time, in which the ‘Last Updated’ date will be updated. If there is change in the use or disclosure of the information we collect, process or provide Service, we will use channels like(notifying with email address provided by you while registering with us or by other means consistent with applicable law ) to notify the user and take additional steps required by the applicable law. If you wish not to agree with the Privacy policy stated, please do not proceed further or use the services.

Last Updated: May 9, 2026

Scope of the Privacy Policy

This Privacy Policy applies to all users (current and former) and visitors of Ayu’s platforms. It governs the personal and non-personal information collected through our website, app, and web portal, including third-party services integrated into these platforms. By using Ayu’s services, you acknowledge and consent to the practices described herein.

Consent By User

  1. We suggest you please carefully read this document before sharing any personal information with us. This will help you understand types of personal data collected, how we protect and process the information collected, to whom we transfer it and rights of users which can be used for use of personal data.
  2. By using Ayu’s services, you agree to the terms of this Privacy Policy, including the collection, use, processing, and transfer of your personal data as outlined.
  3. You may revoke your consent at any time you wish.

Some features of our Services may require you to provide certain personal information. While you have the option to withhold this information, doing so may limit your access to specific features.

Collection and Use of user information

We collect personal information (also referred to as sensitive data by law) directly provided by you, indirectly collected through third-party integrations, or a combination both while using the services provided. This information may include:

  1. General Information: Name, Address, Email, Phone Number, Date of birth, Gender, Location, Profile Photo(if synced with Google or Apple account), also referred as (“contact information”). This information is used to provide services, features and communicate with you.
  2. Medical Data: Prescription, medical records, history, physical and/or psychological, and/or mental health conditions.
  3. Usage Information: Feedback, reviews, and activity on the platform.

If the information of the user collected is between 18 years and less and or 50 years and above, the user uploading and/or sharing the details shall be parent, child, blood relation or legal guardian of the user. Ayu will not be responsible to check and verify the authenticity of the relations between users if any user adds a family account or multiple users.

You may also avail to sync with the third party email account or services provided by them(Gmail, WhatsApp etc.) to access the documents. If you choose to sync your Google account with our Services, we access and disclose information from your account strictly in accordance with the Google API Services User Data Policy, including its Limited Use requirements.

In pursuit of our legitimate interests, we may de-identify or anonymize your information to ensure it cannot reasonably be linked to you or used to infer personal details (“Deidentified Information”, “anonymized information”). We may use such Deidentified Information for any purpose. If we process or retain de-identified information, we will maintain its anonymized state and will not attempt to re-identify it, except as necessary to verify compliance with legal de-identification requirements.

Everything is collected only after the user’s consent. We follow guidelines laid under Digital Personal Data Protection Act, 2023.

Ayu is not responsible for the verification of the information provided by the user. We will not be responsible for checking the authenticity/fraud/misinterpretation/accuracy etc directly collected from you or indirectly collected from the third party integrations. This information should be explicitly provided by you, ensuring that the information given is correct and true.

Non-Personal Information

We may collect non-personal information automatically without any explicit consent and other technologies to make sure your journey with us is seamless and hassle free, including:

We also ask for permission to use the device camera and microphone for capturing and storing the medical records through camera and access the Ayu Chatbot respectively. We ask for permission if the user wants to share the medical records with the doctor(while scanning the QR code) for a limited time(not more than 30 minutes) or permanently. We ask consent to read and/or write on external storage. No other file apart from documents scanned/uploaded by the user is accessed when the action is performed by the user.

Data Upload to Servers

When you upload a document or use any feature that processes your data, your information is transmitted to and stored on servers hosted on Google Cloud Platform (GCP) in Mumbai, India. Your data remains within India in compliance with applicable data localisation requirements. All data in transit is encrypted using TLS/HTTPS and at rest using AES-256 bit encryption.

Google and Third Party API Integration

Our app requires read-only access to sync user data, such as medical records, adhering strictly to the Google API Services User Data Policy, including Limited Use requirements.

Use of Personal Information

By using Ayu, you consent to the use of your personal information for the following purposes:

  1. Providing and improving services, including medical records management.
  2. Customizing user experience and personalizing recommendations.
  3. Responding to queries, feedback, or complaints.
  4. Ensuring security and preventing fraud.
  5. Complying with legal requirements and law enforcement requests.
  6. Preventing health or safety threats.
  7. Facilitating service-related communications.

When you use AI-powered features (such as document digitization and AI analysis), your documents and typed queries are transmitted to our AI providers for real-time processing. You will be shown a consent prompt before your data is sent to any AI provider. We may also de-identify or anonymize your data to improve AI model performance over time. See the Third-Party AI Services section for details on which providers we use.

Non-personal information may be used without consent for analytics, improving services, and enhancing user experience.

Disclosure of Information

Your information may be shared with:

  1. Contractors, service providers, and third-party partners providing us with the services who adhere to confidentiality obligations.
  2. We may disclose your information as required to comply with applicable laws, legal obligations, law enforcement requests, judicial orders, or regulatory inquiries. Additionally, we may share information to enforce our terms of service and safeguard the security of our business, employees, and users.
  3. Successor entities in the event of mergers, acquisitions, or restructuring.
  4. Professional Advisors(auditors, law firms or accounting firms) as and when necessary ensuring confidentiality and security.
  5. Other disclosed purposes with your explicit consent.

We do not “sell” or “share” any of the user's personal sensitive information.

Ayu is not responsible for verifying the authenticity of information provided by users and is not liable for fraud, misrepresentation, or negligence.

Third-Party AI Services

Izendai Papers uses the following third-party AI services to power features like document digitization and intelligent document analysis. When you use these features, relevant data (such as document images or typed queries) is transmitted to the respective provider for processing:

You will be asked for explicit consent before your data is sent to any of these providers. You may withdraw consent at any time via Settings → Privacy, which will disable AI-powered features but will not affect your stored documents.

Each AI provider used by Izendai Papers is bound by data processing agreements that ensure GDPR/DPDP-equivalent protections for your data.

Social features

Services included in the app may redirect you and initiate interactions between services and the third party services and platforms such as LinkedIn, X(formerly Twitter) , Instagram, Facebook, our own website and other social networks(“Social Features”). Social Features include features that allow you to access our pages on third-party platforms allowing users to “like”, “share”, “comment” on our content. Use of social features services may allow the third party to collect and/or use your information. If a user uses social features, information posted by you or made accessible may be publicly displayed by the third party services. In all of the above mentioned ways, Ayu will not be responsible to protect or maintain privacy with the third party applications.

Security Measures

We implement robust methodology safeguards to protect your data, including:

  1. Encryption of data at rest and in transit.
  2. Role-based access to sensitive data.
  3. Regular vulnerability assessments and penetration testing.
  4. We use AES-256 bit encryption to avoid MIM(Man in the Middle) attacks.
  5. We authenticate the phone number with OTP, linking with email address which makes sure easy account recovery.
  6. We host on VPC GCP which is compliant with GCP Well Architected Framework
  7. Our APIs are continuously monitored and reported using Threat hunting services for any security issues.
  8. We use HTTPS security protocol that encrypts data sent between a web browser and a website.

Despite our best efforts, Ayu is not liable for unauthorized access, data breaches, or errors beyond our control.

If the documents are forwarded to a human reviewer(in case of Handwritten prescription), we ask the user for their consent. The personal information given in prescription is anonymized before forwarding for human intervention. We make sure pharmacies associated with us maintain confidentiality and  are legally certified by the government.

User Rights

As a user, you have the right to:

  1. Access, modify, or correct your personal information.
  2. Revoke consent for data processing (some features may become inaccessible).
  3. Opt-out of promotional communications.
  4. Delete your account from Ayu (this may affect the features offered by us)
  5. Withdrawal of consent(lead to no access to the services provided by Ayu)
  6. Opt out of AI-powered features at any time via Settings → Privacy. This will disable AI features (e.g. document digitization, AI analysis) but will not affect your stored documents.

For exercising these rights, contact om@ayuapp.com

Amendments

This Privacy Policy may be updated periodically. Continued use of Ayu’s services constitutes acceptance of any changes. Please review the policy regularly.

Responsible Disclosure

We value your feedback on our privacy practices. If you discover vulnerabilities or have security concerns, contact us immediately. We will address legitimate issues promptly.

Thank you for trusting Ayu with your personal and healthcare data. We are committed to safeguarding your privacy and delivering a secure and user-centric experience.

How Can I Digitize Medical Records? Ayu AI App for Indian Families