Legal

Privacy Policy

Last updated 7 July 2026

Your trust matters. This policy explains what data Dorays collects, how we use and protect it, and the choices you have.

01Overview

This Privacy Policy explains how Dorays Pathology Pvt. Ltd. ("Dorays", "we", "us") collects, uses, shares and protects information when you use the Dorays software and related services (the "Service").

We act as a processor of the patient and lab data you enter, and as a controller of the account and usage data we collect to run and improve the Service.

02Information we collect

We collect the following categories of information:

  • Account details you provide at sign-up, such as lab name, contact name, phone number and email.
  • Lab data you enter, such as patient records, test results and reports ("Your Data").
  • Usage and device data, such as log-in times, feature usage, browser and IP address, collected to keep the Service secure and reliable.
  • Communications you send us, such as support requests and demo enquiries.

03How we use information

We use information to:

  • Provide, maintain and secure the Service and your account.
  • Process and deliver reports through channels you enable, such as WhatsApp, email and the patient portal.
  • Provide support, respond to enquiries and send service updates.
  • Improve reliability, performance and features, including AI-assisted tools.
  • Meet legal, regulatory and audit obligations.

04Patient and health data

Your Data may include sensitive health information. You remain responsible for obtaining the consents required to collect and process patient data. We process Your Data only on your instructions to provide the Service, and we do not sell it or use it for advertising.

05How we share information

We do not sell your information. We share it only in limited circumstances:

  • With trusted service providers (such as cloud hosting and messaging) who process data on our behalf under confidentiality obligations.
  • With people you authorise, such as your team members, referral partners and the patients you send reports to.
  • Where required by law, regulation or valid legal process.
  • In connection with a business transfer, subject to this Policy.

06Security

We use technical and organisational measures to protect information, including encryption in transit and at rest, role-based access controls, secure authentication and automated daily backups. No system is perfectly secure, so we also encourage you to protect your login credentials and use least-privilege access.

07Data retention

We retain Your Data for as long as your account is active or as needed to provide the Service and meet legal and audit requirements. On termination you can request an export for a limited period, after which data may be deleted or anonymised in line with our retention practices.

08Your rights

Subject to applicable law, you may request access to, correction of, or deletion of your personal data, and you may object to or restrict certain processing. To make a request, contact us using the details below. Because much of the data is controlled by your lab, we may direct certain requests to the relevant lab.

09International processing

Dorays serves labs across multiple countries, and information may be processed in locations where we or our service providers operate. Where required, we apply appropriate safeguards for cross-border transfers.

10Changes and contact

We may update this Policy from time to time. Material changes will be notified through the Service or by email. For privacy questions or requests, contact us at support@dorays.com or write to Plot No. 24, Sector 62, Noida, Uttar Pradesh 201309, India.

This page is a general template provided for information and is not legal advice. Please have it reviewed by qualified legal counsel before relying on it. Questions? Write to us at support@dorays.com.