Skip to main content

Security

Your health data is sacred

We built Zelnoo with security as a first principle — not an afterthought. Here's exactly how we protect your data.

End-to-End Encryption

All health data is encrypted at rest (AES-256) and in transit (TLS 1.3). Your reports are never stored in plain text.

Consent-First Access

You control who can see your records. Sharing a report with a doctor requires an explicit consent action from you — every single time.

Built for India's DPDP Act

We're building toward India's Digital Personal Data Protection Act, 2023. Data is stored on servers within India and processed under strict data minimisation principles.

Secure Infrastructure

Hosted on AWS ap-south-1 (Mumbai) with multi-AZ redundancy, automated backups, and network isolation via private VPCs.

Zero Data Selling

We do not sell, rent, or trade your personal or health data to any third party. Your data is never used to train external AI models.

Breach Notification

In the unlikely event of a security incident, we commit to notifying affected users within 72 hours.

Certifications & Compliance

NABL-accredited partner labs onlyActive
DPDP Act, 2023 alignmentIn progress
AWS infrastructure (ap-south-1)Active
SOC 2 Type IIIn progress
ISO 27001Planned Q3 2026
HIPAA alignmentPlanned Q4 2026