ETPL, owner of the EasyHeals website and app (“Website” / “App” respectively), respects your privacy, and seeks to comply with applicable legal requirements, including the Information Technology Act, 2000, in respect of data collection, processing and transfer.
1. What is Personal Information?
Personal information is that information which can be used to directly or indirectly identify you. It includes de-identified data that, when linked to other information available to us, would enable us to identify you. Personal data does not include data that has been irreversibly anonymised or aggregated so that we cannot identify you through it, even in conjugation conjunction with other information.
“Sensitive Personal Data or Information” means personal information of any individual relating to password; financial information such as bank account or credit card or debit card or other payment instrument details; physical, physiological and mental health condition; sexual orientation; health information such as medical records and history; biometric information; any detail relating to the above as provided to or received by us for processing or storage. However, any data / information relating to an individual that is freely available or accessible in public domain or furnished under the Right to Information Act,2005 or any other law shall not qualify as Sensitive Personal Data or Information.
2. What types of data do we collect?
The Website/App, like many other websites uses “Cookies”. Cookies are small data files that a website stores on your web browser. These are used for the purpose of storing your preferences, previous activities browsing activities, profiling and tracking behaviour on this Website. By visiting the App or Website, you acknowledge, accept and expressly authorize the placement of cookies on your web browser. We recommend that you clear the cookies stored on your browser from time to time.
When you sign up or register on the App or Website to use our Services, and during the course of actual usage of our Services, the types of information that will be collected by us include the following:
- Contact information: Name, Address, Contact details, Email ID, Phone Number;
- Your geo-location information to effectively provide you with the nearest Health Service Provider
- Data regarding your usage of the Services such as search history and history of the appointments made by you through the use of Services;
- Financial information such as bank account or credit card or debit card or other payment instrument details and billing information;
- Your browsing history including the URL of the site that you visited prior to visiting the Website as well as the Internet Protocol (IP) address of your computer (or the proxy server you used to access the World Wide Web),your computer operating system and type of web browser you are using, the name of your ISP;
- Any additional information that you provide to us during the use of the Services, through any mode of communication or during any interaction with our employees, doctors, technicians, consultants,etc.,of or any other entity in the EasyHeals Group including while availing its services;
- Health information such as your medical records and history which you voluntarily provide or is generated on usage of any of the services availed by you
- Information regarding your insurance coverage (such as your insurance carrier and insurance plan) which you voluntarily provide or is generated on availing any of the Services;
- Information regarding your physical, physiological and mental health condition which you voluntarily provide or is generated on usage of the Services including information such as (i) inpatient and emergency department data; (ii) outpatient registration, scheduling, and encounter data;(iii)laboratory data;(iv)radiology data;(v)pharmacy orders data;(vi)e-prescribing data;(vii) pharmacy dispensing data; (vii) medical administration data; (ix) administrative and operational data; (x) transaction data;
- Any other information that is collected or generated in the course of availing the Services;
- Any other detail relating to the above as voluntarily provided to us by you, for providing value added service; and
3. Where do we collect your data from?
For end users:
- Any information that you voluntarily choose to provide to us through App, Website, email, during interaction with us on call or chat and other modes of communication;
- Information that we collect from healthcare service providers (“HSPs”) such as doctors, hospitals, diagnostic centres, chemists etc. in the EasyHeals Group, to whom you have permitted the sharing of your personal information;
- Data you have provided to any group company of the Company, affiliates, associates, subsidiary, holding company of the Company, associates and subsidiaries of holding company of the Company, to whom you have given consent for sharing of such information.
- Before on boarding you, we may request information regarding your qualifications, experience, public profile, and representations made by you to us;
- During your usage of the App /Website, we may collect information based on your use of the Services;
- We may collect other information that you voluntarily choose to provide to us through App, Website, email, during interaction with us on call or chat and other modes of communication;
- We may collect information from any group company, affiliates, associates, subsidiary, holding company of the Company, associates and subsidiaries of holding company of the Company to whom you have given consent for sharing of information for availing value added service.
4. How do we use your data?
We use your personal information for purposes that include the following:
General (end users and HSPs):
- Your registration for the purpose of receiving our Services, identification, communication, notification and for fulfilment of the Terms and Conditions [https: //easyheals.com/terms];
- Offering you personalized Services and targeted advertisements of various healthcare and wellness plans and offering you customised health insights;
- Addressing your requests, queries and complaints, if any, pertaining to our Services; taking feedback, assisting you with completion of transactions or other issues relating to the use of Services and other customer care related activities;
- Leveraging services from EasyHeals group companies and customising suggestions for appropriate medical products and services;
- Creating insights for corporate / business strategy and marketing operations of EasyHeals group companies;
- Developing machine learning algorithms and tools to improve targeting of services, diagnostics and treatment protocols and other products and services;
- Contacting you to provide information on new Services, features, products, special promotions or offers, both of the EasyHeals group entities and affiliates as well as
- third-party offers or products with whom we have a tie-up and which are relevant to use of the Services;
- Technical administration and customization of Website, and other general administrative and business purposes;
- Research and analysis for the development and improvement of products and services;
- Disclosure as required to government authorities in compliance with applicable law;
- Carrying out our obligations in relation to any agreement with affiliate companies, EasyHeals group companies, our business partners or contractors;
- Investigating, enforcing and resolving any disputes or grievances; and
- Any other purpose required by applicable law.
For end users only:
- Creation and maintenance of health records in electronic form in the Personal Health Record (PHR) database for use by us and the EasyHeals group companies, affiliates, etc., to provide relevant services;
- Create your unified profile with analytics and insights generated through processing your personal information;
- For sharing with your chosen HSP in the EasyHeals Group like doctors, hospitals, diagnostic centres, chemists who may provide you services under the App or Website;
- Processing any orders/requests you may place using our Services.
- For verifying your professional credentials and any representations you have made to us;
- For processing any payments made to you;
- For providing recommendations to end users based on your expertise and specialisations ;
- For providing any other service to you.
5. How long will we retain your data?
We store your personal information in accordance with applicable laws, which means we keep your data for as long as necessary to provide you with our Services or as may be required under any law. We shall store your personal information for lawful purposes only. We keep de-identified data for research and statistical purposes for a longer period.
If you close your account, we have no obligation to retain your data, and we may delete any or all of your data without liability. However, we may retain data related to you if we believe it may be necessary to prevent fraud or future abuse, or if required by law, or for other legitimate purposes. We may continue to store your data in anonymised or de-identified form for analytical, research or other purposes for which your information is collected as previously indicated.
6. Disclosure and transfer of your data
We may share, disclose and in some cases transfer your personal information to such entities as required to provide Services to you, improve our Services, and to provide value added services or other third party products and services, to the extent permitted by applicable law. These entities may be located outside India, which you hereby consent to. We require such entities to protect your information through equivalent security measures as what we would adopt. An indicative list of entities we may disclose or transfer information to, are provided below:
a. Service Providers:
We share personal information with companies that provide Services on our behalf, such as website hosting, data storage, software services, email services, marketing, fulfilling customer orders, providing payment related services including payment aggregation, data analytics, data mining, providing customer services, and conducting surveys, as permitted by applicable law. These companies may be located within or outside India, but in any case are obligated to protect your data.
We may also share information with employees, data processors, consultants, business partners and technology partners on a need to know basis. Such entities would be contractually obligated to maintain confidentiality in relation to your data.
If you are an end user, your personal information will also be shared with your chosen HSPs.
b. Business Affiliates:
We may disclose or transfer some of your information to entities in the EasyHeals, affiliates, associates, subsidiary, holding company of the Company, associates and subsidiary of holding company of the Company including foreign entities, and in particular group companies and affiliates who are involved in the provision of products and services, to the extent permitted by applicable law.
In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, asset sale, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all personal information to the relevant third party with the same rights of access and use.
c. Law Enforcement Agencies:
We may share information with law enforcement agencies pursuant to lawful requests for information, and otherwise as required under any law applicable at the given time, both in India and outside India.
d. Other Third Parties:
We may also disclose personal information if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.
Anonymised, aggregated data may be shared with advertisers, research firms and other partners.
7. How do we protect your data?
We are committed towards maintaining the privacy of the information uploaded by you on the Website and complying with the industry standard security safeguards for the purpose of securing the Website and the information provided / uploaded by you.
We use reasonable technical, administrative, and physical security measures for the purpose of safeguarding all data you share with us. We also have comprehensive internal policies in place to prevent unauthorized access to your data. We take adequate steps to ensure that third parties we share data with also adopt reasonable level of security practices and procedures to ensure the privacy and security of your information.
However, we are not responsible for any loss, unauthorised access, safety issue or any harm caused to you by any misuse of your personal information, unless it is a direct and foreseeable consequence of negligence and non-compliance on our part only. You hereby acknowledge that we are not responsible, in particular, for any third party action or action on your part leading to loss, damage or harm to you or any other person.
For any data loss or theft due to unauthorized access to your electronic devices through which you avail our Services, Company shall not be held liable for any loss whatsoever incurred by you. Further, you are liable to indemnify the Company as per the Terms of Service.
8. What are your rights?
We take reasonable steps to ensure that your personal information is accurate, complete, and up to date. However, you have the sole responsibility of ensuring that you review the accuracy of information provided by you and contact us in case of discrepancies, or in case you wish to discontinue the use of our Services. You have the following rights with regard to your personal information:
You have the right to access your personal information, and request updation, correction and deletion. If your personal information changes, you may correct, delete inaccuracies, or amend information by making the change on our member information page or by contacting us through [firstname.lastname@example.org].We will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable. If you provide any information that is untrue, inaccurate, out of date or incomplete (or subsequently becomes untrue, inaccurate, out of date or incomplete), or we have reasonable grounds to suspect that the information provided by you is untrue, inaccurate, out of date or incomplete, we may, at our sole discretion, discontinue the provision of the Services to you. There may be circumstances where we will not correct, delete or update your personal information, including (a) where the personal information is opinion data that is kept solely for evaluative purpose; (b) the personal information is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed; and(c) where your information has already been processed in de-identified form.
You are free to not to share any medical or other information that you consider confidential and withdraw consent for us to use data that you have already provided. In the event that you refuse to share any information or withdraw consent to process information that you have previously given to us, we reserve the right to restrict or deny the provision of our Services for which we consider such information to be necessary.
You may contact email@example.com for any questions or for exercise of these rights. We will respond to your request within a reasonable time.
9. Third Party Websites and Services
Our Website and App may contain links to third party services, and give you the ability to access such third-party websites, products, and services. Please note that you may proceed to the use of such third party website or service at your own risk and the Company will not be held liable for any outcome or harm arising as a result of your use of such third party websites or services. Please read the privacy policies of any third party before proceeding to use their websites, products, or services.