Privacy policy
Last updated: 30 April 2026. This policy describes how Pratyaksh handles personal data under the Digital Personal Data Protection Act 2023 (DPDP) and the data-residency expectations of MeitY and Cert-In.
1. Data fiduciary
Pratyaksh is operated by Cognoshift Private Limited (DPIIT-recognised startup), acting as Data Processor on behalf of the Department of Ex-Servicemen Welfare (DESW) and the empanelling authorities of the schemes it surveys (ECHS, CGHS, AB-PMJAY). The Data Fiduciary is the relevant Government scheme owner. Cognoshift acts strictly on documented instructions and is bound by Data Processing Agreements with each Fiduciary.
2. What we collect
Beneficiary identifiers reach Pratyaksh only as SHA-256 hashes plus last-four digits of Aadhaar / PAN. We do not retain raw Aadhaar numbers, PAN numbers or biometrics. Claim line items, hospital empanelment data, polyclinic referrals and tele-audit outcomes are stored for the lifetime of the case plus 24 months for non-flagged claims, indefinitely for flagged claims per CAG / CBI evidentiary requirements.
3. What we do NOT collect
We do not collect: PHI beyond what is in the BPA submission; audio from bedside calls (visual only, and only with documented consent under Sec. 6 DPDP); beneficiary contact information beyond the smart-card number; any data from E-SeHAT, CGHS HMIS or NABH inspection systems.
4. Lawful basis
Processing is grounded in Sec. 7(b) DPDP — performance of a function under Indian law (CAG audit authority under Article 149, ECHS DESW orders, the Aug-2025 punitive-action centralisation order) — and Sec. 7(g) for prevention and investigation of fraud against public funds.
5. Data principal rights
Beneficiaries identified in our system retain Sec. 11–14 DPDP rights: access, correction, erasure where applicable, grievance redressal. Erasure requests intersecting an active fraud inquiry are held until the Channel of Inquiry concludes, per Sec. 17(1)(c) exceptions.
6. Sovereign hosting
All compute and storage is in Indian regions. Encryption keys are held in a managed HSM service (FIPS 140-2 Level 3 target). Backups are restricted to Indian regions and encrypted at rest.
7. Sub-processors
Supabase (managed Postgres + auth) — under DPA. Vercel (compute) — under DPA, Mumbai region. Resend (transactional email) — only for sign-in links; no claim or beneficiary data routed via email. Each sub-processor is engaged under a written contract that flows down DPDP and CERT-In Directive 70(3)/2022 obligations.
8. Data Protection Officer
DPO is appointed within Cognoshift Private Limited. Contact: dpo@cognoshift.in. Grievance window: 7 working days. Escalation route: Data Protection Board of India under DPDP Sec. 13.
9. Data breach notification
Material breaches are reported to Cert-In within 6 hours and to the Data Protection Board and affected Data Fiduciaries as required by DPDP Sec. 8(6). Breach playbook is published in /security.