Welcome to the web site(s) (the "Site" or "Sites") or Chrome Extension (the "App") of Zonov.ai ("Company", "we", "us" and/or "our"). This Site is operated by Zonov.ai and has been created to provide information about our Company and our hospital registration assistance services, Chrome extension and related products and services (together with the Sites and/or the App, the "Services") to our Service visitors and users ("you", "your"). This Privacy Policy sets forth the Company's policy with respect to information, including personally identifiable data ("Personal Data") and other information that is collected from visitors to the Site and users of the Services. The Services are intended for use by authorised hospital staff and administrators only.
This Privacy Policy covers our collection, use and disclosure of information about identifiable individuals and information which can be used to identify an individual ("Personal Data"). Personal Data does not include "aggregate" information which we aggregate from information (including Personal Data) you provide to us. Personal Data may be collected about our customers, prospective customers, visitors to the Website, and end users of the Services. You can choose not to provide us with certain information, but by doing so, you may not be able to take advantage of many of the features and functionality of our Services.
The Services are intended for use by health care providers and hospital staff ("Customers"). Our Customers are responsible for maintaining their own privacy policies governing the collection, use and disclosure of Personal Data and for obtaining the necessary authorisations and consents before any Personal Data are made available to us for use in accordance with this Privacy Policy.
When you interact with us through the Services, we may collect Personal Data about you and your patients, and other information from you, as further described below:
Hospital Staff Users: The Company makes its Website and the Services available to hospitals and medical practices. In order to provide the Services to our hospital clients ("Hospital Users"), the Company collects certain Personal Data such as contact and registration information from the Hospital User employee signing up on behalf of the Hospital User.
Patient Data (via Extension): When hospital staff use the Extension to register patients, basic demographic and contact information may be extracted from government-issued identity documents to assist in completing the hospital's registration form. This data is submitted directly into the hospital's own secure, locally-hosted HIMS system and remains under the exclusive control of the hospital. Zonov.ai does not store, process, or have access to this patient information — it passes through the Extension only to populate the hospital's registration form.
Biometric Data: If the Return Patient Recognition feature is used, a compact mathematical face descriptor (not a photograph) is generated on-device and stored. The original camera image is never uploaded or stored. Hospitals are responsible for obtaining explicit patient consent before enabling this feature.
Voice Data: When Voice Fill is activated, audio is captured and sent for transcription. The audio is processed transiently and discarded immediately after the transcript is returned. No audio recordings are stored.
The Company uses the Personal Data you provide in a manner that is consistent with this Privacy Policy. Specifically, the Company uses Personal Data to:
The Company takes reasonable steps to protect the Personal Data provided via the Services from loss, misuse, and unauthorised access, disclosure, alteration, or destruction. All network communication uses HTTPS/TLS encryption. Hospital data is logically isolated — one hospital's staff cannot access another hospital's patient records. API credentials for third-party services are stored server-side only and are never exposed in the Extension code.
Face recognition model inference runs entirely on-device. No photographs are ever uploaded or stored — only a compact numerical descriptor is transmitted for storage. Voice recordings are discarded immediately after transcription and no audio files are written to disk by Zonov.ai.
The Company is not in the business of selling your information. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:
Technology Service Providers: We work with trusted technology service providers to power certain features of the Extension. These providers process data only to the extent necessary to deliver the requested functionality and do not retain or use submitted data for any other purpose. All communication with these providers is routed through our secure backend infrastructure, and no provider credentials or identifiers are ever exposed to end users or embedded in the Extension.
Legal Requirements: The Company may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend the rights or property of the Company, or protect against legal liability.
The Extension does not transmit data to any advertising network, analytics or user-tracking service, social media platform, data broker, or any government service.
We will keep Personal Data for as long as it remains necessary for the identified purpose or as required by law. Patient identity records and face biometric descriptors are retained until deleted by the hospital administrator. Voice recordings, ID card images, and voice transcripts are never stored — they are discarded immediately after processing. Staff session tokens expire automatically and are cleared when the Extension is uninstalled.
Under India's Digital Personal Data Protection Act 2023 (DPDP Act) and GDPR (where applicable), patients have the right to access, correct, or request deletion of their stored data, including face biometric descriptors. These rights should be exercised by contacting the hospital where the data was registered. Hospital administrators can fulfil deletion requests via the Zonov.ai dashboard. For technical assistance, contact arvind@zonov.ai.
The Company does not knowingly collect Personal Data from children under the age of 13. The Extension is a tool used exclusively by authorised hospital staff, and any patient registration — regardless of age — is carried out by trained hospital personnel under the hospital's own consent framework and data protection policies. The hospital, as the data controller, is solely responsible for obtaining appropriate consents and ensuring compliance with applicable regulations for all patients it registers.
The Services and our business may change from time to time. As a result, at times it may be necessary for the Company to make changes to this Privacy Policy. The Company reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.
To keep your Personal Data accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted via the Services.
Please also feel free to contact us if you have any questions about the Company's Privacy Policy or the information practices of the Services.
You may contact us as follows: arvind@zonov.ai