Privacy Policy

Last updated: February 03, 2026

At Sujiva Atlas, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our healthcare CRM and cloud report storage services.

1. Information We Collect

Personal Information

We collect information that you provide directly to us, including:

  • Name, email address, and contact information
  • Professional credentials and healthcare facility information
  • Account login credentials
  • Payment and billing information

Health Information

As a healthcare service provider, we collect and store Protected Health Information (PHI) including:

  • Patient medical reports and diagnostic results
  • Clinical notes and interpretations
  • Medical imaging and test results

Usage Information

We automatically collect certain information about your device and how you interact with our services:

  • Device information (IP address, browser type, operating system)
  • Usage patterns and feature interactions
  • Log data and error reports

2. How We Use Your Information

We use the collected information for the following purposes:

  • Providing and maintaining our CRM and cloud storage services
  • Processing and storing patient reports securely
  • Enabling report interpretation and analysis features
  • Communicating with you about service updates and support
  • Improving our services and developing new features
  • Ensuring compliance with healthcare regulations (HIPAA, HITECH)
  • Detecting and preventing fraud or security breaches

3. HIPAA Compliance

Sujiva Atlas is fully compliant with the Health Insurance Portability and Accountability Act (HIPAA). We implement appropriate administrative, physical, and technical safeguards to protect PHI:

  • End-to-end encryption for data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security audits and risk assessments
  • Business Associate Agreements (BAA) with covered entities
  • Employee training on HIPAA compliance

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • With Your Consent: When you explicitly authorize us to share information
  • Service Providers: With trusted third-party vendors who assist in operating our services (under strict confidentiality agreements)
  • Legal Requirements: When required by law, court order, or government regulation
  • Healthcare Operations: With authorized healthcare providers for treatment, payment, and operations
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement industry-leading security measures to protect your information:

  • 256-bit AES encryption for stored data
  • TLS 1.3 encryption for data transmission
  • Multi-factor authentication (MFA)
  • Regular security penetration testing
  • Automated backup and disaster recovery systems
  • 24/7 security monitoring and incident response

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Patient reports: Retained according to applicable medical record retention laws (typically 7-10 years)
  • Account information: Retained while your account is active and for a reasonable period thereafter
  • Usage data: Retained for up to 2 years for analytics and service improvement

7. Your Rights

You have the following rights regarding your information:

  • Access: Request access to your personal and health information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your information (subject to legal retention requirements)
  • Portability: Request a copy of your data in a portable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing of your information

8. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

  • Essential cookies for authentication and security
  • Analytics cookies to understand usage patterns
  • Preference cookies to remember your settings

You can control cookie preferences through your browser settings.

9. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children without parental consent.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through our service. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

  • Email: privacy@sujiva-atlas.com
  • Phone: +91 8866209701
  • Address: 130, Magnus Shopping center, Althan Canal Rd, Althan, Surat, GJ 395017