Skip to main content

Security

Your health data is sacred

We built Zelnoo with security as a first principle — not an afterthought. Here's exactly how we protect your data.

End-to-End Encryption

All health data is encrypted at rest (AES-256) and in transit (TLS 1.3). Your reports are never stored in plain text.

Consent-First Access

You control who can see your records. Sharing a report with a doctor requires an explicit consent action from you — every single time.

PDPB Compliant

We're built for India's Personal Data Protection Bill framework. Data is stored on servers within India and processed under strict data minimisation principles.

Secure Infrastructure

Hosted on AWS ap-south-1 (Mumbai) with multi-AZ redundancy, automated backups, and network isolation via private VPCs.

Zero Data Selling

We do not sell, rent, or trade your personal or health data to any third party. Your data is never used to train external AI models.

Breach Notification

In the unlikely event of a security incident, we commit to notifying affected users within 72 hours — faster than any regulatory requirement.

Certifications & Compliance

NABL-accredited partner labs onlyActive
PDPB framework alignmentActive
AWS infrastructure (ap-south-1)Active
SOC 2 Type IIIn progress
ISO 27001Planned Q3 2026
HIPAA alignmentPlanned Q4 2026