Skip to main content
Back to Home
Aarogya Assist

Your Data Rights (DPDP)

Last updated: May 31, 2026

1. The rights you have

The Digital Personal Data Protection Act, 2023 (DPDP) gives you specific rights over the personal data we hold about you. This page lists those rights and the canonical way to exercise each one with us. Most actions can be done directly from your account; a few require contacting our Grievance Officer (whose details are in Section 3).

For the broader context — what data we collect, how we use it, retention periods — read our Privacy Policy.

2. How to exercise each right

§11 — Right to access your data

Download a portable copy of everything we hold about you: profile, uploaded reports, AI chat history, audit log entries, billing records.

How to use it: Sign in → Settings → Data Export Request export. We generate a JSON + PDF bundle, encrypt it with a one-time link, and email you when it's ready (typically within 24 hours).

Anonymous users (without an account): email the Grievance Officer with proof of identity and we'll process within the SLA below.

§12 — Right to correction

Fix anything inaccurate — your name, DOB, blood group, emergency contact, etc.

How to use it: Sign in → Settings → Profile. Most fields are directly editable. For fields that need verification (e.g. ABHA number, medical history), file a correction request via Settings → Grievances → Data correction.

§12 — Right to deletion (erasure)

Permanently delete your account and all the data we hold about you (subject to the legal retention windows in Section 4 of our Privacy Policy).

How to use it: Sign in → Settings → Account → Delete account. There's a 30-day cooling-off window — you can cancel the deletion during that period. After the window, all rows in our database that personally identify you are removed; encryption keys for any fields we cannot remove (audit-log entries we're required to keep) are destroyed so the rows become unreadable.

§13 — Right to grievance redressal

File a grievance about any privacy concern — failed correction, slow export, unauthorized use, inappropriate retention.

How to use it: Sign in → Settings → Grievances → Submit grievance. Pick a category, write what happened, and our team responds within 30 days.

Anonymous: contact the Grievance Officer directly via the channels in Section 3 below.

§14 — Right to nominate

Designate someone (a 'nominee') who can exercise these rights on your behalf in the event of your death or incapacity.

How to use it: Currently handled through the Grievance Officer. Send us the nominee's name, relationship to you, and a contact email. We confirm receipt and add the nomination to your account record.

§16 — Right to data portability

Receive your data in a structured, machine-readable format that you can transfer to another service.

How to use it: Same flow as §11 (Settings → Data Export). The generated bundle is JSON-formatted under a documented schema (we'll happily share the schema if you want to import elsewhere).

3. Grievance Officer contact

Per DPDP §10(7), the Grievance Officer is our designated point of contact for any grievance about personal data processing. Response SLA: 30 days.

Name: Shubham Soni

Email: grievance@aarogyaassist.com

Phone: +91-9251187144

Address: Aarogya Assist, Bhilwara, Rajasthan, India

4. Data Protection Officer (DPO)

For broader privacy questions, data-protection-impact assessments, or to request a copy of our security posture documentation: dpo@aarogyaassist.com. The DPO is reachable for general inquiries; for actionable grievances use the Grievance Officer above.

5. If you're not satisfied with our response

You may escalate to the Data Protection Board of India established under DPDP §18. Their public-facing portal handles complaints after a controller fails to resolve a grievance within the statutory window.

For security-incident reports (something more urgent than a standard grievance — e.g. you suspect unauthorized access to your account, or you've discovered a vulnerability):