Security & trust, in plain language.
What we do, what we deliberately don't claim, and how to check us.
Where your data lives
All clinic and patient data is stored in a professional data centre in Mumbai, India (AWS ap-south-1, operated via Supabase). It is not replicated outside India. Connections are encrypted with TLS; storage is encrypted at rest.
Who can see it
Only your clinic's staff, signed in with their own accounts. Isolation between clinics is enforced inside the database engine itself (row-level security), not just in the application — a bug in a screen cannot leak another clinic's records. Foveal's own platform administrators are structurally excluded from reading patient data: the database policies deny it, and our automated test suite proves that denial on every code change.
DPDP, by design
- Consent is captured at patient registration — with timestamp and the staff member who recorded it.
- Every clinically significant action is written to an audit log scoped to your clinic.
- Your full clinic data is exportable as CSV by your clinic owner, anytime — including if you leave, and including during the 30-day money-back window.
- We act as a data processor on your clinic's behalf; your clinic remains the data fiduciary. Our privacy policy says this without fine print.
What we don't claim: there is no such thing as a "DPDP certificate", so we won't wave one at you. We build to the Act's obligations and put the mechanisms above in writing instead.
ABDM / ABHA
ABHA integration is on our roadmap — planned, not yet certified. When Foveal completes ABDM integration it will be announced here; until then we won't call ourselves ABHA-compliant, and we'd encourage you to ask any vendor who does for their certification details.
Backups & the boring discipline
- Automatic daily backups, plus a manual backup before every software change.
- Restore drills actually performed on a schedule — a backup that's never been restored is a rumour, not a backup.
- Error monitoring configured so we usually know about a problem before you message us.
Your notes are sacred
A design rule enforced across the product: nothing you typed is ever silently overwritten. Templates and "mark normal" fill only blank fields. Drafts autosave locally and survive power cuts, and local drafts are wiped when you sign out.
Honest limits
- Foveal needs an internet connection. If yours drops, use paper for the hour and enter later — your stored data is unaffected.
- Foveal is a record-keeping tool. It does not make clinical decisions and never replaces clinical judgment.
- Patient-data encryption where even our infrastructure cannot technically read records (client-side encryption) is on the roadmap, not shipped today. We say "encrypted in transit and at rest" because that is exactly what is true.