ViKavach
shopping_cart
ViKavach
shopping_cart person
ViKavach
Legal & Security Documentation

Privacy Policy

Protocols for data integrity, clinical compliance, and the secure management of UV-C sterilization telemetry within the ViKavach ecosystem.

01 Introduction

ViKavach Hygiene Solutions ("ViKavach", "we", "us", or "our") operates at the intersection of high-frequency UV-C sterilization and advanced data informatics. This Privacy Policy outlines our rigorous standards for handling facility data, operational telemetry, and personnel records as they relate to our sterilization hardware and software platforms.

In clinical environments where precision is paramount, data privacy is treated with the same engineering rigor as our hardware. We ensure that all interactions with our "Digital Twin" technology and IoT arrays are documented, encrypted, and compliant with global healthcare standards.

02 IoT Telemetry Data Collection

Hardware Telemetry

  • check_circleUV-C Lamp Output & Wavelength Stability
  • check_circleCycle Duration & Pathing Analytics
  • check_circleAmbient Temperature & Humidity Levels

Facility Mapping

  • check_circleSpatial LiDAR Point Clouds
  • check_circleRoom Configuration Metadata
  • check_circleCritical Surface Proximity Data

Telemetry data is utilized exclusively for sterilization verification and predictive maintenance. We do not engage in surveillance or behavioral tracking of personnel beyond what is strictly necessary for workplace safety during active UV-C cycles.

03 Digital Twin & Virtual Assets

High-tech interface displaying 3D digital twin of a clinical facility with blue light overlays and data points
model_training

Asset Simulation Privacy

The ViKavach Digital Twin platform creates a virtual replica of your facility to simulate UV-C coverage. All spatial data uploaded to create these twins is classified as Restricted. Virtual assets are siloed by facility ID and are never used to train aggregate models that could expose layout vulnerabilities of sensitive healthcare environments.

04 NABH / ISO / HIPAA Compliance

NABH

Full compliance with Indian National Accreditation Board for Hospitals guidelines for sterilization records.

ISO 27001

Information Security Management System standards applied to all data processing centers.

HIPAA

Strict administrative, physical, and technical safeguards for PHI (Protected Health Information).

encrypted

256-BIT

Military Grade Encryption

Data At Rest & In Transit

Every data packet transmitted from a ViKavach hardware unit to our cloud core is secured using AES-256 encryption. Our proprietary "Secure Link" protocol ensures that sterilization reports cannot be intercepted or spoofed, maintaining the integrity of your facility's safety audit trail. Access to the Digital Twin dashboard requires Multi-Factor Authentication (MFA) as a mandatory security baseline.

06 Personal Data Collection & Processing

While our primary data collection involves IoT telemetry, the operation of the ViKavach platform requires the processing of specific Personal Data (as defined by the DPDP Act, 2023).

Data Collected:

  • Identity & Access Data: Operator Names, Employee IDs, Roles, Email Addresses, and Phone Numbers required for dashboard access.
  • Usage Logs: IP addresses, login timestamps, and session durations tied to specific user accounts for audit trailing.

Purpose of Processing: We process this Personal Data solely for the provision of our services, securing platform access, generating compliance reports (e.g., operator-specific audit logs), and communicating critical system alerts. We do not use Personal Data for targeted advertising.

07 Data Sharing & Sub-Processors

ViKavach does not sell, rent, or trade Personal Data. Data may be shared strictly on a need-to-know basis with:

  • Authorized Sub-Processors: Secure cloud hosting providers (e.g., AWS/Azure) operating under strict data processing agreements.
  • Legal Authorities: If mandated by a valid court order or regulatory requirement under Indian law.

08 Data Retention

Personal Data is retained only for as long as the Customer maintains an active contract with ViKavach, or as required to fulfill legal, accounting, and compliance obligations. Upon termination of the contract, all Personal Data will be securely anonymized or permanently deleted within 60 days, barring data required for legal dispute resolution.

09 Rights of the Data Principal (User Rights)

Under the DPDP Act, 2023, individuals whose data we process have the right to:

  • Information & Access: Request a summary of their Personal Data processed by ViKavach.
  • Correction & Erasure: Request the correction of inaccurate data or the erasure of their data (subject to hospital compliance requirements).
  • Nomination: Nominate an individual to exercise these rights in the event of death or incapacity.

Note: As ViKavach acts as a Data Processor on behalf of the hospital (the Data Fiduciary), users must typically route these requests through their hospital’s IT/HR department.