Our Core Commitment
At CaseIndex (a product of Discrete Log Technologies Pvt Ltd), we build modern practice management software that respects user ownership. We do not own, store on our servers, or sell your patients' clinical documents, photos, or medical history. Your data lives in your own Google Workspace account (Google Calendar, Drive, and Sheets). Our platform acts as a secure lens that helps you and your team access, search, and manage it seamlessly.
Google Workspace Data Sovereignty
Because all clinic files are stored inside your own Google Drive and Google Calendar accounts, you maintain complete data sovereignty. If you ever stop using CaseIndex, you retain 100% of your records, documents, and schedules directly in your Google Account.
1. Information Collected & Used
To provide practice management services, CaseIndex interacts with two categories of data:
- Account Information: We store your clinic name, contact details, user logins, receptionists' credentials, and app configuration settings (e.g. clinic hours, doctor names) on our secure servers to enable multi-tenant access.
- Google Account Data (via OAuth 2.0 API Scopes): When you link your Google Workspace
account, our application requests permissions to perform actions strictly on your behalf:
- Google Calendar: To display, create, and modify appointments on your clinic's schedules.
- Google Drive: To create clinical folders, upload scanned medical documents or patient photos, and organize case records.
- Google Sheets: To log bookings and generate analytics for your clinic's performance.
2. How We Access Google User Data
CaseIndex accesses Google APIs using industry-standard **OAuth 2.0** secure authorization protocols. The tokens generated during authorization are stored securely using encryption. Our servers only interact with these APIs to carry out actions explicitly initiated by you or your patients (such as scheduling a slot or uploading a case image from the mobile app).
3. Data Sharing & Third-Party Disclosure
We do not share, lease, sell, or distribute patient medical records or Google User Data with any third parties. Google API data is used exclusively to display practice information back to you inside the secure CaseIndex dashboard and app.
4. Patient Communications (WhatsApp & SMS)
When a patient books an appointment, CaseIndex transmits confirmation details (like patient name, doctor, and time slot) to Meta's WhatsApp Business API or our transactional SMS gateway providers solely to deliver booking alerts, notifications, and reminders. No clinical records or diagnostic notes are ever transmitted over these communication channels.
5. Data Security & Storage
We take security very seriously. All communications between our client apps and backend servers are encrypted using Transport Layer Security (TLS/SSL). Any local application data stored on our servers is protected behind modern firewall networks and restricted access policies. Google Workspace data is fully protected by Google's world-class physical and logical cloud security frameworks.
6. Changes to This Policy
We may update our Privacy Policy from time to time as we add new integrations. We will notify you of any major changes by updating the policy page or posting notifications in the app dashboard.
7. Geographic Availability (Exclusively for India)
CaseIndex is built and operated by an Indian company, and our services are designed and hosted exclusively for medical practices and clinics operating within the Republic of India.
We do not solicit business, offer services, or target clinical users located in other international regions (such as the European Union or the United States). By keeping our focus entirely local, we ensure our workflows fit the daily needs of Indian healthcare professionals and comply with local standards.
8. Your Data Rights & Controls
We believe you should have complete control over your account. Even though your clinical files live inside your own Google Drive (and are never copied to our servers), you have the following clear rights regarding the basic clinic account info we store on our servers:
- View Your Info: You can ask us for a summary of the clinic details, staff logins, and configuration details stored in your account.
- Update or Correct: You can edit or correct any outdated clinic details, receptionist names, or scheduling rules at any time through the app.
- Request Deletion: If you choose to close your CaseIndex account, you can request that we permanently delete your clinic registration and staff credentials from our servers. Since your patient folders and calendars are hosted in your own Google account, they will remain completely untouched and fully owned by you.
- Withdraw Consent: You can stop using our integration services at any time. (Please note that doing so will deactivate the sync tools, as we need basic account credentials to run them).
9. Questions, Feedback & Grievance Support
If you have any questions, feedback, or compliance queries about how CaseIndex handles your account info, you can reach out directly to our team member in charge of privacy coordination:
- Contact Person: Sachin Doshi (Director)
- Company: Discrete Log Technologies Pvt Ltd
- Email: sachin@discretelog.com
- Location: Pune, Maharashtra, India.
Last updated: May 28, 2026