Privacy Policy

Last Updated: June 26, 2026


At Dermicea, we understand that patient health records, diagnostic charting, and clinic financial data are highly sensitive. We are committed to safeguarding the privacy and security of all data processed through our platform.

This Privacy Policy explains how Dermicea ("we", "us", or "our") collects, uses, stores, and protects information when you use our Dermatology Clinic Management Software, EMR, and related services.

1. Our Role: Data Processor vs. Data Controller

In the context of patient health records (EMR):

  • The Clinic/Doctor is the Data Controller: You own and control your patients' medical histories, diagnostic images, prescriptions, and billing records.
  • Dermicea is the Data Processor: We act solely as a custodian. We host, process, and secure the data strictly on your behalf and in accordance with your instructions. We have no ownership rights over patient files.

2. Information We Collect

We collect information to provide, maintain, and secure our software:

  • Clinic Profile Information: Doctor names, email addresses, phone numbers, clinic addresses, GST details, and medical registration numbers used to set up the account.
  • Patient Data (EMR): Diagnostic notes, clinical photos, medical histories, prescription templates, laser/aesthetic parameters, and transaction records uploaded by your clinic staff.
  • Usage & System Logs: Device details, IP addresses, log files, and browser cookies used exclusively to manage secure logins and prevent unauthorized access.

3. How We Use Your Information

We use collected information solely to operate and improve our clinic workflows:

  • To enable EMR charting, prescription generation, and appointment calendars.
  • To deliver automated GST billing invoices and SMS/WhatsApp reminders directly to your patients on your behalf.
  • To troubleshoot technical issues, run security audits, and provide customer support.
  • To comply with legal obligations under applicable Indian medical regulations and data protection laws.

4. Data Sharing & Zero-Monetization Policy

We do not sell, rent, lease, or monetize your clinic data or patient medical records to anyone. We do not share records with pharmaceutical companies, cosmetic brands, or third-party advertisers.

We only share data with trusted infrastructure providers (like secure cloud hosting services, SMS gateways, and WhatsApp API providers) necessary to deliver our software services, and only under strict confidentiality agreements.

5. Data Security & Storage

We prioritize security above all else to ensure compliance with HIPAA and Indian IT security frameworks:

  • Encryption: All data is encrypted in transit using SSL/TLS protocols and at rest on secure cloud servers.
  • Daily Backups: Automated daily backups are stored in off-site secure locations to prevent data loss.
  • Access Controls: Multi-user permission settings allow you to control which staff members can see EMR notes, invoices, or stock records.

6. Data Retention & Portability (No Lock-In)

Your data belongs to you. If you choose to terminate your subscription with Dermicea, you have the right to request a full export of your patient files and records in standard formats (Excel/CSV).

Upon account termination, we will delete your clinic records from our active databases within 30 days, unless legally required to retain specific transaction logs.

7. Contact Our Data Protection Team

If you have any questions about this Privacy Policy or need help exporting your data, please contact us:

  • Email: info@dermicea.com
  • Phone: +91 79760 12491