MedhaOS is the Governed Enterprise AI Engine—a white-label AI operating layer that enables SaaS companies to embed semantic search, RAG (Retrieval Augmented Generation), and autonomous agents with strict governance and audit trails.

Is MedhaOS secure for regulated industries?

Yes. MedhaOS is designed for finance and legal sectors, offering strict tenant isolation, immutable JSON-based audit logs, and PII redaction to ensure data sovereignty.

Can I white-label MedhaOS?

Yes. MedhaOS is a white-label solution. You can deploy it under your own domain and branding to provide AI capabilities to your customers without building infrastructure from scratch.

LEGAL

Cookies Policy

Last updated: February 23, 2026

1. Introduction

This Cookies Policy explains how Sastra Innovations (OPC) Private Limited ("we," "our," or "us") uses cookies, local storage, and session storage when you use MedhaOS. This policy should be read together with our Privacy Policy.

2. What Are Cookies and Browser Storage?

2.1 Cookies

Cookies are small text files stored on your device by your web browser. They allow websites to remember your preferences and improve your experience.

2.2 Local Storage

Local storage is a browser feature that allows websites to store data on your device that persists even after you close your browser. Unlike cookies, local storage data is not sent to the server with every request.

2.3 Session Storage

Session storage is similar to local storage but is cleared when you close your browser tab or window. It is used for temporary data that should only persist during your current session.

3. How We Use Cookies and Storage

3.1 Essential Cookies

These cookies are necessary for the Service to function properly. They cannot be disabled in our systems.

medha_admin_token

Type: HTTP-only Cookie

Purpose: Authentication token for admin users. This cookie is essential for maintaining your login session and securing access to administrative features.

Duration: Session-based (expires when you log out or after a period of inactivity)

Security: HttpOnly (not accessible via JavaScript), Secure (transmitted only over HTTPS in production), SameSite=Lax

3.2 Preference Storage

We use browser storage to remember your preferences and improve your experience.

medha-theme

Type: Local Storage

Purpose: Stores your theme preference (light or dark mode) so the website remembers your choice across sessions.

Duration: Persistent (remains until you clear browser data or change the preference)

Data Stored: "light" or "dark" (string value)

3.3 Session Storage

We use session storage for temporary data that should only exist during your current browser session.

API Keys and Tenant Information

Type: Session Storage

Keys Used:

medha_api_key_public - Public API key for browser SDK
medha_api_key_secret - Secret API key (shown once during onboarding)
medha_tenant_id - Your tenant identifier

Purpose: Temporarily stores API keys and tenant information during your session to enable service functionality. These are cleared when you close your browser tab.

Duration: Session-only (cleared when browser tab/window is closed)

Security Note: These values are stored in session storage for convenience but should be managed securely. Secret keys should never be exposed in client-side code in production environments.

4. Third-Party Cookies

Currently, MedhaOS does not use third-party cookies for tracking or advertising purposes. If this changes in the future, we will update this policy and provide you with options to manage such cookies.

5. Managing Cookies and Storage

5.1 Cookie Consent

When you first visit our website, you will see a cookie consent banner. You can choose to accept or reject non-essential cookies. Essential cookies are required for the Service to function and cannot be disabled.

5.2 Browser Settings

You can control cookies and storage through your browser settings:

Chrome: Settings → Privacy and security → Cookies and other site data
Firefox: Options → Privacy & Security → Cookies and Site Data
Safari: Preferences → Privacy → Cookies and website data
Edge: Settings → Cookies and site permissions → Cookies and site data

Note: Disabling cookies or storage may affect the functionality of the Service. Essential cookies are required for authentication and cannot be disabled if you wish to use administrative features.

5.3 Clearing Storage

You can clear cookies and storage data at any time through your browser's settings. This will:

Log you out of administrative sessions
Reset your theme preference
Clear temporary API key storage
Require you to re-enter credentials

6. Updates to This Policy

We may update this Cookies Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date.

7. Contact Us

If you have questions about our use of cookies and storage, please contact us:

Sastra Innovations (OPC) Private Limited

Email: support@medhaos.com

Website: https://medhaos.com