The Oushvaa privacy policy is in preparation. Full text will be published before any production customer onboarding completes.
This marketing site (oushvaa.com) collects no personal data from visitors. No signup forms, no analytics tracking beyond Cloudflare's aggregate request logs, no cookies set by our own application. All pages are static HTML served from Cloudflare's edge.
The Oushvaa platform itself — Procure (oushvaa.ai), DrugIQ, MedevIQ, BiologicsIQ — handles institutional customer data under closed-by-default architecture. Every endpoint requires authentication. No anonymous public surfaces. Data processing agreements are available to verified customers under signed NDA.
The platform runs on a deliberately small set of sub-processors: Supabase (Postgres + auth), Cloudflare (CDN, DNS, R2 storage), Vercel (workflow hosting), Resend (transactional email), Anthropic (AI inference), Sentry (error monitoring). The current sub-processor list is detailed on the Trust page.
Oushvaa operates under India's Digital Personal Data Protection Act (DPDPA, 2023) as the primary jurisdiction. Cross-border processing under GDPR (EU customers) and equivalents in target expansion markets is in scope for the published version. SOC 2 Type I audit observation begins Q4 2026; ISO 27001 follows in 2027.
Privacy questions, data subject requests, or specific compliance inquiries: privacy@oushvaa.com. We respond within 24 hours on business days.
Last updated: pending publication of full policy.