MedFast.AI

Trust & Compliance

How we handle your medical data

We built MedFast.AI around four principles, each with concrete engineering choices behind them. This page is the public record of what we've done, when it was last reviewed, and where to ask questions.

We don't give medical advice

The AI is configured as an explainer only. It cannot diagnose, prescribe, or instruct action — every result tells you to consult your doctor.

Your medical data stays on your device

Reports, family vault, notes, passport, medications, photos, trends — all in your browser. Never transmitted to our servers.

DPDP-compliant by design

India's Digital Personal Data Protection Act, 2023. Consent recorded with version + timestamp; rights of access, correction, erasure honoured.

AI can be wrong — we say so

Every user must acknowledge a 3-checkbox safety notice before first use. Every result page repeats the reminder.

What we've done — and where to verify it

AreaWhat we've doneWhere
Privacy PolicyLive, versioned. Last updated: 2026-05-28 (v2).Open
Terms of ServiceLive, versioned. Last updated: 2026-05-28 (v1).Open
Grievance OfficerNamed in privacy policy + footer. 48-hour acknowledgement, 30-day resolution.Contact
Right of access (DPDP §11)One-click JSON download of everything we hold on you. Account info, every AI call, audit events — no medical content, because we don't have any.Account → Your data
Right of erasure (DPDP §12)Self-service account deletion. Removed within 7 days.Account → Delete
Proof of consentPrivacy policy version + timestamp recorded per user at signup. Safety-notice acknowledgement recorded with version + timestamp on first launch.Server-side audit trail
Adult-only accountsAccount holders must be 18+. Server-enforced. Children added to the Family Vault stay local-only on the parent's device.Enforced at /signup
Guardian consentWhen adding a person to the Family Vault, account holder acknowledges consent / lawful guardianship./family
Data minimisationOur database stores only: account row, salted IP hash, per-analysis usage row (no content), admin audit events. Medical content never reaches our server.Architectural
Cross-border transfersDisclosed: Vercel (USA), Neon (USA/EU), Google Gemini (USA), OpenRouter/Anthropic (USA), Resend (USA). Permitted under current DPDP rules.Privacy §13
Breach notification72-hour DPBI + affected-user notification runbook, including templates and contact tree.Internal: docs/breach-runbook.md
Data Protection Impact AssessmentDocumented risks, mitigations, and residual risks. Reviewed every 6 months.Internal: docs/dpia.md
Security baselinebcrypt password hashing, HttpOnly JWT cookies, HTTPS + HSTS, CSP, salted IP hashing, defence-in-depth prompt-injection filtering, parameterised SQL via Drizzle.Privacy §10
AI safety promptsEvery AI route is configured as an information-only explainer. Explicit rules forbid diagnosis, prescription, and imperative instructions.lib/prompts.ts and others
First-launch safety gate3-checkbox forced acknowledgement before any use. Cannot be dismissed without ticking.In-app, all routes
Right to withdraw marketing consentSeparate, optional opt-in at signup. Withdrawn by emailing the Grievance Officer.Email us
No advertising, no third-party trackersWe do not show ads. We do not embed third-party analytics or trackers. Cookies used only for authentication.Architectural

What MedFast.AI is NOT

  • Not a medical device within the meaning of the Drugs & Cosmetics Act / CDSCO regulations. We do not diagnose.
  • Not telemedicine under the Telemedicine Practice Guidelines 2020. We do not advise; we translate.
  • Not an emergency service. In a medical emergency, call 112 (India) — do not rely on this app.
  • Not always right. AI explanations can be wrong. Confirm with a qualified medical professional before acting on anything.

The architectural promise

The strongest privacy guarantee is one a server cannot break — because the data never reaches the server. MedFast.AI stores all of your medical content (reports, family vault, notes, passport, medications, photos, trends, vaccinations, lifestyle profile) in your browser's local storage and IndexedDB. The only thing that briefly leaves your device is the text or image you upload to be analysed — passed through to the AI for one inference, then discarded. No logs, no caches, no model training.

Switch browsers, clear your cache, or delete the app — your medical data goes with it. We never had a copy.

Questions, audits, or partnership conversations

For DPDP grievances, security reports, audit requests, or B2B partnership conversations (hospital, lab, insurer), write to hslamba95@gmail.com. The Grievance Officer / Data Protection contact is Harkirat Singh Lamba, India.

This page is a living summary. Last reviewed alongside the privacy policy on 2026-05-28 (v2).