Trust & Compliance
How we handle your medical data
We built MedFast.AI around four principles, each with concrete engineering choices behind them. This page is the public record of what we've done, when it was last reviewed, and where to ask questions.
We don't give medical advice
The AI is configured as an explainer only. It cannot diagnose, prescribe, or instruct action — every result tells you to consult your doctor.
Your medical data stays on your device
Reports, family vault, notes, passport, medications, photos, trends — all in your browser. Never transmitted to our servers.
DPDP-compliant by design
India's Digital Personal Data Protection Act, 2023. Consent recorded with version + timestamp; rights of access, correction, erasure honoured.
AI can be wrong — we say so
Every user must acknowledge a 3-checkbox safety notice before first use. Every result page repeats the reminder.
What we've done — and where to verify it
| Area | What we've done | Where |
|---|---|---|
| Privacy Policy | Live, versioned. Last updated: 2026-05-28 (v2). | Open |
| Terms of Service | Live, versioned. Last updated: 2026-05-28 (v1). | Open |
| Grievance Officer | Named in privacy policy + footer. 48-hour acknowledgement, 30-day resolution. | Contact |
| Right of access (DPDP §11) | One-click JSON download of everything we hold on you. Account info, every AI call, audit events — no medical content, because we don't have any. | Account → Your data |
| Right of erasure (DPDP §12) | Self-service account deletion. Removed within 7 days. | Account → Delete |
| Proof of consent | Privacy policy version + timestamp recorded per user at signup. Safety-notice acknowledgement recorded with version + timestamp on first launch. | Server-side audit trail |
| Adult-only accounts | Account holders must be 18+. Server-enforced. Children added to the Family Vault stay local-only on the parent's device. | Enforced at /signup |
| Guardian consent | When adding a person to the Family Vault, account holder acknowledges consent / lawful guardianship. | /family |
| Data minimisation | Our database stores only: account row, salted IP hash, per-analysis usage row (no content), admin audit events. Medical content never reaches our server. | Architectural |
| Cross-border transfers | Disclosed: Vercel (USA), Neon (USA/EU), Google Gemini (USA), OpenRouter/Anthropic (USA), Resend (USA). Permitted under current DPDP rules. | Privacy §13 |
| Breach notification | 72-hour DPBI + affected-user notification runbook, including templates and contact tree. | Internal: docs/breach-runbook.md |
| Data Protection Impact Assessment | Documented risks, mitigations, and residual risks. Reviewed every 6 months. | Internal: docs/dpia.md |
| Security baseline | bcrypt password hashing, HttpOnly JWT cookies, HTTPS + HSTS, CSP, salted IP hashing, defence-in-depth prompt-injection filtering, parameterised SQL via Drizzle. | Privacy §10 |
| AI safety prompts | Every AI route is configured as an information-only explainer. Explicit rules forbid diagnosis, prescription, and imperative instructions. | lib/prompts.ts and others |
| First-launch safety gate | 3-checkbox forced acknowledgement before any use. Cannot be dismissed without ticking. | In-app, all routes |
| Right to withdraw marketing consent | Separate, optional opt-in at signup. Withdrawn by emailing the Grievance Officer. | Email us |
| No advertising, no third-party trackers | We do not show ads. We do not embed third-party analytics or trackers. Cookies used only for authentication. | Architectural |
What MedFast.AI is NOT
- Not a medical device within the meaning of the Drugs & Cosmetics Act / CDSCO regulations. We do not diagnose.
- Not telemedicine under the Telemedicine Practice Guidelines 2020. We do not advise; we translate.
- Not an emergency service. In a medical emergency, call 112 (India) — do not rely on this app.
- Not always right. AI explanations can be wrong. Confirm with a qualified medical professional before acting on anything.
The architectural promise
The strongest privacy guarantee is one a server cannot break — because the data never reaches the server. MedFast.AI stores all of your medical content (reports, family vault, notes, passport, medications, photos, trends, vaccinations, lifestyle profile) in your browser's local storage and IndexedDB. The only thing that briefly leaves your device is the text or image you upload to be analysed — passed through to the AI for one inference, then discarded. No logs, no caches, no model training.
Switch browsers, clear your cache, or delete the app — your medical data goes with it. We never had a copy.
Questions, audits, or partnership conversations
For DPDP grievances, security reports, audit requests, or B2B partnership conversations (hospital, lab, insurer), write to hslamba95@gmail.com. The Grievance Officer / Data Protection contact is Harkirat Singh Lamba, India.
This page is a living summary. Last reviewed alongside the privacy policy on 2026-05-28 (v2).