Security at Nutrolis
Last updated 15 July 2026
Doctors trust us with the most sensitive conversations that exist. This page explains — in plain language — exactly how that trust is protected, what we store, what we never store, and who else touches the data.
The headline: consultation audio is never stored
When a doctor records a consultation, the audio travels once, over an encrypted connection, to our servers. It is held in memory only, transcribed, and discarded. It is never written to disk, never placed in cloud storage, and never retained. There is no archive of recordings — not for us, not for an attacker, not for anyone. This was a deliberate architecture decision, and it cost us conveniences like re-processing old audio. We consider the trade obviously worth it.
Encryption
- In transit: all traffic is encrypted with TLS 1.2+.
- At rest: all stored data (transcripts, notes, account details) is encrypted at rest by our database provider using AES-256.
Data isolation, enforced by the database
Every consultation record is bound to the treating doctor's account through row-level security policies enforced by the database itself — not merely by application code. A defect in our web application cannot expose one doctor's records to another, because the database refuses the query. Nutrolis staff do not browse consultation content.
Authentication
Sign-in is handled by Supabase Auth with secure, httpOnly session cookies. Google Sign-In is available via OAuth; we never see or store Google passwords. Sessions can be revoked by signing out on any device.
Who else processes data
We name our subprocessors rather than hide them. Each receives only what it needs, and none may train models on your data.
| Provider | Purpose | Receives |
|---|---|---|
| Supabase | Database & authentication | Account details, transcripts, notes |
| Deepgram | Speech recognition | Consultation audio (transient), returns text |
| Anthropic | Note drafting | Text transcript, returns draft note |
| Resend | Email delivery | Recipient address & PDF, only when you send |
| Netlify | Hosting | Application traffic |
The clinician stays in control
Nutrolis drafts; the doctor approves. Every note requires explicit clinical review before it can be shared, uncertain content is flagged, and missing information is marked “not documented” rather than invented. Nutrolis is a documentation assistant — it is not a medical device and does not diagnose, treat, or prevent any condition.
Data deletion
Doctors can delete any consultation from History at any time, and can request full account deletion at privacy@nutrolis.com. Deletion from the live database is immediate; encrypted backups rotate out within 30 days. See the Privacy Policy for full detail.
Regulatory posture
- India: built around the Digital Personal Data Protection Act, 2023 — the doctor is the Data Fiduciary for patient information; Nutrolis acts as Data Processor on the doctor's instructions.
- Architecture: designed to align with GDPR principles (data minimisation, purpose limitation, deletion rights) for doctors outside India.
- Roadmap: ABDM (Ayushman Bharat Digital Mission) alignment is an active workstream. We will publish certifications here as they are earned — and we will not claim any before they are.
Reporting a vulnerability
If you believe you have found a security issue, email security@nutrolis.com. We commit to acknowledging reports within 72 hours, and we will not pursue good-faith researchers.