logo
Privacy Policy for Shakti Health
Effective date: 6 May 2026

Shakti Health provides a mobile application used for patient registration, clinical documentation, service recording, vaccination tracking, follow-up, and appointment management.

This Privacy Policy explains what information we collect, how we use it, when we share it, and the choices available to users.

1) Scope

This Privacy Policy applies to the Shakti Health Android app and related backend services used to synchronize data.

2) Information We Collect

Depending on how the app is used, we may process the following categories of data:

A. Account and organization data
  • Username/user ID
  • Authentication tokens
  • Branch, sub-branch, and service location details
B. Patient profile data
  • Name, registration number, phone number
  • Date of birth, age, gender, blood group
  • Membership/verification details
  • Patient image (if captured or selected)
C. Health and care data
  • Chief complaints and danger signs
  • Vitals
  • Diagnosis
  • Pathology/lab values
  • Vaccination records and dose dates
  • Pregnancy-related details (if recorded)
  • Referral and follow-up information
  • Appointment details
D. Service and transaction data
  • Service name/category
  • Quantity, price, and total
  • Visit/prescription references and timestamps
E. Technical and app operation data
  • App version and device-related technical info needed for app reliability and sync operations
  • Basic logs for troubleshooting and error diagnosis
3) How We Collect Information

We collect information in these ways:

  • Directly from users when they enter or update records in the app.
  • From connected systems/APIs when syncing authorized data.
  • From local device storage for offline-first operation (local database).
  • From user-initiated file actions (for example import/export/backup files).
4) Why We Use Information

We use information to:

  • Provide healthcare workflow functionality (registration, clinical notes, diagnosis, pathology, vaccines, services, appointments, and follow-up).
  • Enable offline use and subsequent synchronization.
  • Generate operational summaries/reports.
  • Support backup/restore and data migration workflows.
  • Maintain app security, integrity, and performance.
  • Comply with applicable legal, regulatory, and contractual obligations.
5) Data Sharing and Disclosure

We may share data:

  • With authorized backend services and infrastructure providers necessary to operate the app.
  • With authorized healthcare administrators or organizations using the app.
  • When required by law, regulation, legal process, or lawful government request.
  • To protect rights, safety, and security of users, patients, or the service.

We do not sell personal data.

6) Local Storage, Sync, and Transfers
  • The app stores records locally on the device database to support offline use.
  • When network is available and user/session is authorized, selected records may be synced to backend services.
  • Backup/export actions are user-initiated.
  • If data is transferred across regions, we apply reasonable safeguards appropriate to the transfer.
7) Permissions and Device Access

The app may use device/network capabilities for core operations, such as:

  • Internet/network access for login, sync, and API communication.
  • File/media access when the user selects files/images or uses import/export features.
  • Notifications (if enabled) for app reminders/updates.

Permissions are requested and used only as needed for relevant features.

8) Data Retention

We retain data for as long as necessary to:

  • Deliver app services,
  • Maintain healthcare records per organizational/legal requirements,
  • Resolve disputes, enforce agreements, and meet legal obligations.

Retention periods may vary by data type and legal requirements.

9) Data Security

We implement reasonable technical and organizational measures to protect data against unauthorized access, loss, misuse, or alteration. However, no system can be guaranteed 100% secure.

10) User Rights and Choices

Subject to applicable law and organizational policy, users may request to:

  • Access, correct, or update information,
  • Delete data where legally permissible,
  • Restrict certain processing,
  • Export data where supported.

To exercise rights, contact us using the details below.

11) Children

This app is intended for professional healthcare use. It is not directed to children as a consumer app. Patient records for minors are handled by authorized healthcare users according to applicable law and policy.

12) Third-Party Services

The app may rely on third-party SDKs/services for functionality such as networking, notifications, file handling, and sharing/printing. Such providers process data only as needed to provide their service components and under their own privacy terms.

13) Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version with a revised effective date.

14) Contact Us

If you have questions or privacy requests, contact:

  • Organization: Nirupon Limited
  • Email: contact@nirupon.com
  • Address: Flat A8-T1-10-01, Bijoy Rakeen City, Mirpur 15, Dhaka - 1216
  • Data Protection Contact: Md. Giash uddin Sikder, giash@nirupon.com