Legal · OneKinAI India Private Limited
This Privacy Notice should be read together with any agreement between OneKinAI and its hospital customers, including applicable Data Processing Agreements.
Important: Naadi Health is a software platform provided to hospitals and healthcare institutions. Where applicable under the Digital Personal Data Protection Act, 2023 ("DPDP Act"), hospitals are the Data Fiduciary in relation to patient personal data. OneKinAI India Private Limited generally acts as a data processor or service provider on behalf of hospitals and under their instructions. Nothing in this Privacy Notice creates any contractual rights beyond those provided by applicable law or your written agreement with us.
OneKinAI India Private Limited ("OneKinAI", "we", "us", "our") develops and operates Naadi Health, a clinical documentation and hospital management software platform. We are a technology company incorporated under the Companies Act, 2013. We provide software — we do not provide healthcare, medical advice, or clinical services. Hospitals and licensed healthcare professionals provide healthcare.
AI-generated outputs within the Naadi platform are intended solely as decision-support tools for licensed healthcare professionals and must be independently assessed by the treating healthcare professional before being relied upon in clinical care. OneKinAI does not determine the medical necessity, accuracy, diagnosis, treatment, or appropriateness of clinical decisions recorded within the platform.
OneKinAI India Private Limited
1158, Paduvana Road, 2nd Cross, TK Layout, Ramakrishna Nagar
Mysore, Karnataka 570022, India
CIN: U62099KA2026PTC218387
Grievance Officer: Dhanya Tatachar
Email: dafanetilabs@onekinai.com
Phone: +91 78920 28791
Generally available Monday to Friday, 10 AM – 6 PM IST
Where applicable under the DPDP Act, hospitals are the Data Fiduciary for patient personal data. OneKinAI generally acts as a data processor or service provider, processing patient information primarily and in accordance with the instructions of hospitals.
Hospitals are responsible for:
If you are a patient with questions about how your health records are managed, please contact your hospital directly.
This Privacy Notice applies to patients whose health information is processed through the Naadi platform on behalf of hospitals, hospital staff and administrators who use the platform, and visitors to naadi-health.com. Website visitors generally provide only limited information such as contact form submissions and limited technical information.
We process patient and clinical information primarily to deliver the Naadi platform on behalf of hospitals — enabling clinical documentation, care coordination, administrative workflows, and patient communication where authorised by the hospital. We process personal information only for purposes compatible with those instructed by the hospital or otherwise permitted under applicable law.
We do not sell patient data, use it for advertising, share it across hospitals without authorisation, or use it to train general-purpose AI models except where expressly authorised by the hospital with appropriate legal basis and consent where required by law. We do not disclose personal data to third parties except as described in this Notice or unless required by applicable law.
OneKinAI does not determine the medical necessity, accuracy, diagnosis, treatment, or appropriateness of any clinical decision recorded within the platform.
Data is primarily stored in secure cloud infrastructure located in India unless otherwise agreed with the customer or required for lawful processing. Certain service providers we engage may access or process data outside India under appropriate contractual, technical and organisational safeguards, including providers of cloud infrastructure, AI processing, and monitoring services.
We retain information only for as long as reasonably necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Patient clinical records are retained in accordance with applicable law, contractual obligations, and hospital instructions. Staff and system logs are retained for security and compliance purposes. We will delete or anonymise data upon contract termination in accordance with our agreement with the hospital.
We engage carefully selected third-party service providers who are contractually required to process data only as instructed by us and under appropriate confidentiality and data protection obligations. These include providers of:
We implement industry-standard administrative, technical, and organisational safeguards to protect the information we process, including encryption, role-based access controls, audit logging, authentication controls, monitoring, and secure software development practices. Our security controls are continually reviewed and improved. While we implement reasonable and appropriate safeguards, no electronic system can be guaranteed to be completely secure. In the event of a breach affecting patient data, we will notify the relevant hospital promptly in accordance with our Data Processing Agreement and applicable law.
As hospitals are generally the Data Fiduciary for patient health records, patients should contact their hospital directly to exercise rights of access, correction, deletion, or portability of their health records. Hospitals manage these requests in accordance with their obligations under applicable Indian law. OneKinAI will support hospitals in fulfilling such requests within the capabilities of the platform.
The Naadi clinical platform uses only essential session cookies required for authentication and platform operation. We do not use advertising, tracking, or analytics cookies on the clinical platform. Our public website (naadi-health.com) may use basic analytics to understand site traffic.
Naadi Health processes clinical records for patients of all ages in the course of healthcare delivery. For patients under 18, hospitals are responsible for ensuring that appropriate parental or guardian consent is obtained in accordance with applicable law.
If OneKinAI undergoes a merger, acquisition, restructuring, financing, sale of assets, or similar corporate transaction, personal information may be transferred to the acquiring or successor entity as part of that transaction, subject to applicable law and appropriate confidentiality obligations.
We may update this Privacy Notice from time to time to reflect changes in our practices or applicable law. We will update the effective date and notify hospital administrators of material changes. We encourage you to review this Notice periodically to stay informed of any updates.
This Privacy Notice shall be governed by the laws of India. Any disputes arising in connection with this Notice shall be subject to the jurisdiction of the courts having competent jurisdiction at Mysuru, Karnataka.
For privacy-related questions, complaints, or to exercise any rights under applicable law, please contact our Grievance Officer:
Dhanya Tatachar — Grievance Officer
OneKinAI India Private Limited
1158, Paduvana Road, 2nd Cross, TK Layout, Ramakrishna Nagar
Mysore, Karnataka 570022, India
Email: dafanetilabs@onekinai.com
Phone: +91 78920 28791
We will endeavour to respond to all privacy-related queries and complaints in a timely manner.