DORUS HEALTH PRIVATE LIMITED (“us”, “we”, or “Medilife Hospitals”, which also includes its affiliates) is the author and publisher of the internet resource www.ezhealth.in (“Website”) on the world wide web as well as the software and applications provided by MEDILIFE HOSPITALS, including but not limited to the mobile applications, and the software and applications of the brand name ‘MEDILIFE HOSPITALS ’, ‘DORUS HEALTH’ content (together with the Website, referred to as the “Services”).
- Section 43A of the Information Technology Act, 2000;
- Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPI Rules”);
- Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.
- The type of information collected from the Users, including Personal Information (as defined in paragraph 2 below) and Sensitive Personal Data or Information (as defined in paragraph 2 below) relating to an individual;
- The purpose, means and modes of collection, usage, processing, retention and destruction of such information; and
- How and to whom DORUS HEALTH will disclose such information.
- COLLECTION OF PERSONAL INFORMATION
Generally some of the Services require us to know who you are so that we can best meet your needs. When you access the Services, or through any interaction with us via emails, telephone calls or other correspondence, we may ask you to voluntarily provide us with certain information that personally identifies you or could be used to personally identify you. You hereby consent to the collection of such information by DORUS HEALTH. Without prejudice to the generality of the above, information collected by us from you may include (but is not limited to) the following:
- contact data (such as your email address and phone number);
- demographic data (such as your gender, your date of birth and your pin code);
- data regarding your usage of the services and history of the appointments, lab orders made by or with you through the use of Services;
- other information that you voluntarily choose to provide to us (such as information shared by you with us through emails or letters.
The information collected from you by MEDILIFE HOSPITALS / DORUS HEALTH may constitute ‘personal information’ or ‘sensitive personal data or information’ under the SPI Rules.
“Personal Information” is defined under the SPI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available to a body corporate, is capable of identifying such person.
The SPI Rules further define “Sensitive Personal Data or Information” of a person to mean personal information about that person relating to:
- financial information such as bank accounts, credit and debit card details or other payment instrument details;
- physical, physiological and mental health condition;
- sexual orientation;
- medical records and history;
- biometric information;
- information received by body corporate under lawful contract or otherwise;
- visitor details as provided at the time of registration or thereafter; and
- call data records.
MEDILIFE HOSPITALS will be free to use, collect and disclose information that is freely available in the public domain without your consent.
- PRIVACY STATEMENTS
- 1 ALL USERS NOTE:
This section applies to all users.
- 1.3 All the information provided to MEDILIFE HOSPITALS by a User, including Personal Information or any Sensitive Personal Data or Information, is voluntary. You understand that MEDILIFE HOSPITALS may use certain information of yours, which has been designated as Personal Information or ‘Sensitive Personal Data or Information’ under the SPI Rules, (a) for the purpose of providing you the Services, (b) for commercial purposes and in an aggregated or non-personally identifiable form for research, statistical analysis and business intelligence purposes, (c) for sale or transfer of such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates (d) for communication purpose so as to provide You a better way of booking appointments and for obtaining feedback in relation to the Providers and their practice, (e) debugging customer support related issues.. MEDILIFE HOSPITALS also reserves the right to use information provided by or about the End-User for the following purposes:
- Publishing such information on the Website.
- Contacting End-Users for offering new products or services.
- Contacting End-Users for taking product and Service feedback.
- Analyzing software usage patterns for improving product design and utility.
- Analyzing anonymized practice information for commercial use.
If you have voluntarily provided your Personal Information to MEDILIFE HOSPITALS for any of the purposes stated above, you hereby consent to such collection and use of such information by MEDILIFE HOSPITALS. However, MEDILIFE HOSPITALS shall not contact You on Your telephone number(s) for any purpose including those mentioned in this sub-section 4.1(iii), if such telephone number is registered with the Do Not Call registry (“DND Registry”) under the PDPA without your express, clear and un-ambiguous written consent.
- 1.5 MEDILIFE HOSPITALS does not control or endorse the content, messages or information found in any Services and, therefore, MEDILIFE HOSPITALS specifically disclaims any liability with regard to the Services and any actions resulting from your participation in any Services, and you agree that you waive any claims against MEDILIFE HOSPITALS relating to same, and to the extent such waiver may be ineffective, you agree to release any claims against MEDILIFE HOSPITALS relating to the same.
- 1.6 You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information provided as part of account registration. If your personal information changes, you may correct, delete inaccuracies, or amend information by making the change on our member information page or by contacting us through firstname.lastname@example.org. We will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable. If you provide any information that is untrue, inaccurate, out of date or incomplete (or becomes untrue, inaccurate, out of date or incomplete), or MEDILIFE HOSPITALS has reasonable grounds to suspect that the information provided by you is untrue, inaccurate, out of date or incomplete, MEDILIFE HOSPITALS may, at its sole discretion, discontinue the provision of the Services to you. There may be circumstances where MEDILIFE HOSPITALS will not correct, delete or update your Personal Data, including (a) where the Personal Data is opinion data that is kept solely for evaluative purpose; and (b) the Personal Data is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed.
- 1.7 If you wish to cancel your account or request that we no longer use your information to provide you Services, contact us through email@example.com . We will retain your information for as long as your account with the Services is active and as needed to provide you the Services. We shall not retain such information for longer than is required for the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. After a period of time, your data may be anonymized and aggregated, and then may be held by us as long as necessary for us to provide our Services effectively, but our use of the anonymized data will be solely for analytic purposes. Please note that your withdrawal of consent, or cancellation of account may result in MEDILIFE HOSPITALS being unable to provide you with its Services or to terminate any existing relationship MEDILIFE HOSPITALS may have with you.
- 1.8 If you wish to opt-out of receiving non-essential communications such as promotional and marketing-related information regarding the Services, please send us an email at firstname.lastname@example.org .
- 1.9 MEDILIFE HOSPITALS may require the User to pay with a credit card, wire transfer, debit card or cheque for Services for which subscription amount(s) is/are payable. MEDILIFE HOSPITALS will collect such User’s credit card number and/or other financial institution information such as bank account numbers and will use that information for the billing and payment processes, including but not limited to the use and disclosure of such credit card number and information to third parties as necessary to complete such billing operation. Verification of credit information, however, is accomplished solely by the User through the authentication process. User’s credit-card/debit card details are transacted upon secure sites of approved payment gateways which are digitally under encryption, thereby providing the highest possible degree of care as per current technology. However, MEDILIFE HOSPITALS provides you an option not to save your payment details. User is advised, however, that internet technology is not full proof safe and User should exercise discretion on using the same.
- 1.10 Due to the communications standards on the Internet, when a User or the End-User or anyone who visits the Website, MEDILIFE HOSPITALS automatically receives the URL of the site from which anyone visits. MEDILIFE HOSPITALS also receives the Internet Protocol (IP) address of each User’s computer (or the proxy server a User used to access the World Wide Web), User’s computer operating system and type of web browser the User is using, email patterns, as well as the name of User’s ISP. This information is used to analyze overall trends to help MEDILIFE HOSPITALS improve its Service. The linkage between User’s IP address and User’s personally identifiable information is not shared with or disclosed to third parties. Notwithstanding the above, MEDILIFE HOSPITALS may share and/or disclose some of the aggregate findings (not the specific data) in anonymized form (i.e., non-personally identifiable) with advertisers, sponsors, investors, strategic partners, and others in order to help grow its business.
- 1.11 The Website uses temporary cookies to store certain (that is not sensitive personal data or information) that is used by MEDILIFE HOSPITALS and its service providers for the technical administration of the Website, research and development, and for User administration. In the course of serving advertisements or optimizing services to its Users, MEDILIFE HOSPITALS may allow authorized third parties to place or recognize a unique cookie on the User’s browser. The cookies however, do not store any Personal Information of the User. You may adjust your internet browser to disable cookies. If cookies are disabled you may still use the Website, but the Website may be limited in the use of some of the features.
- 1.12 A User may have limited access to the Website without creating an account on the Website. Unregistered Users can make appointments with the doctors by providing their name and phone number. In order to have access to all the features and benefits on our Website, a User must first create an account on our Website. To create an account, a User is required to provide the following information, which such User recognizes and expressly acknowledges is Personal Information allowing others, including MEDILIFE HOSPITALS, to identify the User: name, User ID, email address, country, ZIP/postal code, age, phone number, password chosen by the User and valid financial account information. Other information requested on the registration page, including the ability to receive promotional offers from MEDILIFE HOSPITALS, is optional. MEDILIFE HOSPITALS may, in future, include other optional requests for information from the User to help MEDILIFE HOSPITALS to customize the Website to deliver personalized information to the User.
- 1.14 The Website may enable User to communicate with other Users or to post information to be accessed by others, whereupon other Users may collect such data. Such Users, including any moderators or administrators, are not authorized MEDILIFE HOSPITALS representatives or agents, and their opinions or statements do not necessarily reflect those of MEDILIFE HOSPITALS, and they are not authorized to bind MEDILIFE HOSPITALS to any contract. MEDILIFE HOSPITALS hereby expressly disclaims any liability for any reliance or misuse of such information that is made available by Users or visitors in such a manner.
- 1.16 MEDILIFE HOSPITALS maintains a strict “No-Spam” policy, which means that MEDILIFE HOSPITALS does not intend to sell, rent or otherwise give your e-mail address to a third party without your consent.
- 1.17 MEDILIFE HOSPITALS has implemented best international market practices and security policies, rules and technical measures to protect the personal data that it has under its control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. However, for any data loss or theft due to unauthorized access to the User’s electronic devices through which the User avails the Services, MEDILIFE HOSPITALS shall not be held liable for any loss whatsoever incurred by the User.
- 1.18 MEDILIFE HOSPITALS implements reasonable security practices and procedures and has a comprehensive documented information security programme and information security policies that contain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of MEDILIFE HOSPITALS’s business.
- 2 PROVIDERS NOTE:
This section applies to all Providers.
- 2.1 As part of the registration as well as the application creation and submission process that is available to Providers on MEDILIFE HOSPITALS, certain information, including Personal Information or Sensitive Personal Data or Information is collected from the Providers.
- 2.3 Providers’ personally identifiable information, which they choose to provide to MEDILIFE HOSPITALS, is used to help the Providers describe and identify themselves. This information is exclusively owned by MEDILIFE HOSPITALS You will be the owner of your information and you consent to MEDILIFE HOSPITALS collecting, using, processing and/or disclosing this information for the purposes hereinafter stated . MEDILIFE HOSPITALS may use such information for commercial purposes and in an aggregated or non-personally identifiable form for research, statistical analysis and business intelligence purposes, and may sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates. MEDILIFE HOSPITALS also reserves the right to use information provided by or about the Provider for the following purposes:
- Publishing such information on the Website.
- Contacting Providers for offering new products or services subject to the telephone number registered with the DNC Registry.
- Contacting Providers for taking product feedback.
- Analyzing software usage patterns for improving product design and utility.
- Analyzing anonymized practice information including financial, and inventory information for commercial use.
- 2.4 MEDILIFE HOSPITALS automatically enables the listing of Providers’ information on its Website for every ‘Doctor’ or ‘Clinic’ added to a Practice using its software. The Provider information listed on Website is displayed when End-Users search for doctors on Website, and the Provider information listed on Website is used by End-Users to request for TagIt Appointments. Any personally identifiable information of the Providers listed on the Website is not generated by MEDILIFE HOSPITALS and is provided to MEDILIFE HOSPITALS by Providers who wish to enlist themselves on the Website, or is collected by MEDILIFE HOSPITALS from the public domain. MEDILIFE HOSPITALS displays such information on its Website on an as-is basis making no representation or warranty on the accuracy or completeness of the information. As such, we strongly encourage Providers to check the accuracy and completeness of their information from time to time, and inform us immediately of any discrepancies, changes or updates to such information. MEDILIFE HOSPITALS will, however, take reasonable steps to ensure the accuracy and completeness of this information.
- 2.5 MEDILIFE HOSPITALS may also display information for Providers who have not signed up or registered for the Services, provided that the Providers have consented to MEDILIFE HOSPITALS collecting, processing and/or disclosing their information on the Website. Such Providers are verified by MEDILIFE HOSPITALS or its associates, and MEDILIFE HOSPITALS makes every effort to capture accurate information for such Providers. However, MEDILIFE HOSPITALS does not undertake any liability for any incorrect or incomplete information appearing on the Website for such Providers.
- 3 END-USERS NOTE:
This section applies to all End-Users.
- 3.1 As part of the registration/application creation and submission process that is available to End-Users on this Website, certain information, including Personal Information or Sensitive Personal Data or Information is collected from the End-Users.
- 3.3 If you have inadvertently submitted any such information to MEDILIFE HOSPITALS prior to reading the privacy statements set out herein, and you do not agree with the manner in which such information is collected, processed, stored, used or disclosed, then you may access, modify and delete such information by using options provided on the Website. In addition, you can, by sending an email to email@example.com, inquire whether MEDILIFE HOSPITALS is in possession of your personal data, and you may also require MEDILIFE HOSPITALS to delete and destroy all such information.
- 3.4 End-Users’ personally identifiable information, which they choose to provide on the Website is used to help the End-Users describe/identify themselves. Other information that does not personally identify the End-Users as an individual, is collected by MEDILIFE HOSPITALS from End-Users (such as, patterns of utilization described above) and is exclusively owned by MEDILIFE HOSPITALS. MEDILIFE HOSPITALS may also use such information in an aggregated or non-personally identifiable form for research, statistical analysis and business intelligence purposes, and may sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates. In particular, MEDILIFE HOSPITALS reserves with it the right to use anonymized End-User demographics information and anonymized End-User health information for the following purposes:
- Analyzing software usage patterns for improving product design and utility.
- Analyzing such information for research and development of new technologies.
- Using analysis of such information in other commercial product offerings of MEDILIFE HOSPITALS.
- Sharing analysis of such information with third parties for commercial use.
- 3.5 MEDILIFE HOSPITALS will communicate with the End-Users through email, phone and notices posted on the Website or through other means available through the service, including text and other forms of messaging. The End-Users can change their e-mail and contact preferences at any time by logging into their “Account” at www.ezhealth.in and changing the account settings.
- 3.6 At times, MEDILIFE HOSPITALS conducts a User survey to collect information about End-Users’ preferences. These surveys are optional and if End-Users choose to respond, their responses will be kept anonymous. Similarly, MEDILIFE HOSPITALS may offer contests to qualifying End-Users in which we ask for contact and demographic information such as name, email address and mailing address. The demographic information that MEDILIFE HOSPITALS collects in the registration process and through surveys is used to help MEDILIFE HOSPITALS improve its Services to meet the needs and preferences of End-Users.
- 3.7 MEDILIFE HOSPITALS may keep records of electronic communications and telephone calls received and made for making appointments or other purposes for the purpose of administration of Services, customer support, research and development and for better listing of Providers.
- 3.8 All MEDILIFE HOSPITALS employees and data processors, who have access to, and are associated with the processing of sensitive personal data or information, are obliged to respect the confidentiality of every End-Users’ Personal Information or Sensitive Personal Data and Information. MEDILIFE HOSPITALS has put in place procedures and technologies as per good industry practices and in accordance with the applicable laws, to maintain security of all personal data from the point of collection to the point of destruction. Any third-party data processor to which MEDILIFE HOSPITALS transfers Personal Data shall have to agree to comply with those procedures and policies, or put in place adequate measures on their own.
- 3.10 To the extent necessary to provide End-Users with the Services, MEDILIFE HOSPITALS may provide their Personal Information to third party contractors who work on behalf of or with MEDILIFE HOSPITALS to provide End-Users with such Services, to help MEDILIFE HOSPITALS communicate with End-Users or to maintain the Website. Generally these contractors do not have any independent right to share this information, however certain contractors who provide services on the Website, including the providers of online communications services, may use and disclose the personal information collected in connection with the provision of these Services in accordance with their own privacy policies. In such circumstances, you consent to us disclosing your Personal Information to contractors, solely for the intended purposes only.
- 4 CASUAL VISITORS NOTE:
- 4.1 No sensitive personal data or information is automatically collected by MEDILIFE HOSPITALS from any casual visitors of this website, who are merely perusing the Website.
- 4.3 If you, as a casual visitor, have inadvertently browsed any other page of this Website prior to reading the privacy statements set out herein, and you do not agree with the manner in which such information is obtained, collected, processed, stored, used, disclosed or retained, merely quitting this browser application should ordinarily clear all temporary cookies installed by MEDILIFE HOSPITALS. All visitors, however, are encouraged to use the “clear cookies” functionality of their browsers to ensure such clearing / deletion, as MEDILIFE HOSPITALS cannot guarantee, predict or provide for the behaviour of the equipment of all the visitors of the Website.
- CONFIDENTIALITY AND SECURITY
- 1 Your Personal Information is maintained by MEDILIFE HOSPITALS in electronic form on its equipment, and on the equipment of its employees. Such information may also be converted to physical form from time to time. MEDILIFE HOSPITALS takes all necessary precautions to protect your personal information both online and off-line, and implements reasonable security practices and measures including certain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of MEDILIFE HOSPITALS’s business.
- 2 No administrator at MEDILIFE HOSPITALS will have knowledge of your password. It is important for you to protect against unauthorized access to your password, your computer and your mobile phone. Be sure to log off from the Website when finished. MEDILIFE HOSPITALS does not undertake any liability for any unauthorized use of your account and password. If you suspect any unauthorized use of your account, you must immediately notify MEDILIFE HOSPITALS by sending an email to firstname.lastname@example.org. You shall be liable to indemnify MEDILIFE HOSPITALS due to any loss suffered by it due to such unauthorized use of your account and password.
- 3 MEDILIFE HOSPITALS makes all User information accessible to its employees, agents or partners and third parties only on a need-to-know basis, and binds only its employees to strict confidentiality obligations.
- 4 Part of the functionality of MEDILIFE HOSPITALS is assisting the doctors to maintain and organize such information. MEDILIFE HOSPITALS may, therefore, retain and submit all such records to the appropriate authorities, or to doctors who request access to such information.
- 5 Part of the functionality of the MEDILIFE HOSPITALS is assisting the Members to access information relating to them. MEDILIFE HOSPITALS may, therefore, retain and submit all such records to the relevant Members, or to their doctors.
- 6 Notwithstanding the above, MEDILIFE HOSPITALS is not responsible for the confidentiality, security or distribution of your Personal Information by our partners and third parties outside the scope of our agreement with such partners and third parties. Further, MEDILIFE HOSPITALS shall not be responsible for any breach of security or for any actions of any third parties or events that are beyond the reasonable control of MEDILIFE HOSPITALS including but not limited to, acts of government, computer hacking, unauthorised access to computer data and storage device, computer crashes, breach of security and encryption, poor quality of Internet service or telephone service of the User etc.
If a User uses the Services or accesses the Website after a notice of changes has been sent to such User or published on the Website, such User hereby provides his/her/its consent to the changed terms.
- CHILDREN’S AND MINOR’S PRIVACY
MEDILIFE HOSPITALS strongly encourages parents and guardians to supervise the online activities of their minor children and consider using parental control tools available from online services and software manufacturers to help provide a child-friendly online environment. These tools also can prevent minors from disclosing their name, address, and other personally identifiable information online without parental permission. Although the MEDILIFE HOSPITALS Website and Services are not intended for use by minors, MEDILIFE HOSPITALS respects the privacy of minors who may inadvertently use the internet or the mobile application.
- CONSENT TO THIS POLICY
- ADDRESS FOR PRIVACY QUESTIONS
Indicative List of Information by Nature of Service
- End-Users using the Website by registering for an account on the Website or ‘MEDILIFE HOSPITALS’ mobile application:
You can create an account by giving us information regarding your [name, mobile number, email address], and such other information as requested on the End-User registration page. This is to enable us to provide you with the facility to use the account to book your appointments and store other health related information.
- End-Users using the Website without registering for an account on the Website or ‘MEDILIFE HOSPITALS’ mobile application (i.e., ‘Guest’ End-User):
You can use the Website without registering for an account, but to book an appointment, you may be asked certain information (including your [mobile number], and such other information as requested when you choose to use the Services without registration) to confirm the appointment.
- Diagnostic labs availing of the free listing service on the Website or ‘MEDILIFE HOSPITALS’ mobile application by registering for an account:
As a Medilife Hospitals Partner, you may be required to provide us with information regarding your [name, mobile number, email address], and such other information as requested on the Partner registration page to create an account. MEDILIFE HOSPITALS may send email and/or SMS confirmations or other communications to End-Users in connection with their bookings, appointments or other interactions with you, if such interactions have been facilitated by MEDILIFE HOSPITALS.
- Medilife Hospitals Partner availing of the free listing service on the Website or ‘MEDILIFE HOSPITALS’ mobile application without registering for an account:
As a Medilife Hospitals Partner, you may avail of the listing service without registering for an account by providing information regarding your [name, mobile number, email address], and such other information as requested by any of MEDILIFE HOSPITALS’s employees or agents who contact you in person or by telephone. In such event, MEDILIFE HOSPITALS will maintain this information if and until you choose to register for an account, for which MEDILIFE HOSPITALS may contact you from time to time. MEDILIFE HOSPITALS will, after such information is collected from you, send you a confirmation email confirming the information provided and the fact that you will be listed on the Website. In the event you do not wish to be so listed on the Website, please inform MEDILIFE HOSPITALS immediately at email@example.com
- Medilife Hospitals Partner using the ‘’ and/or ‘Tab’ products:
You will be required to create an account and may be required to provide MEDILIFE HOSPITALS with information regarding your [name, mobile number, email address], and such other information as requested by MEDILIFE HOSPITALS on the and/or Tab Partner registration page, in order to complete your registration.
Upon registration, MEDILIFE HOSPITALS will access non-personally identifiable information of your Members from your patient records. You agree to make your Members fully aware of such access.
MEDILIFE HOSPITALS reserves the right to extend and withdraw ‘ABS’ (also known as Instant) functionality to you at its sole discretion, based on the number of End-User appointments being honoured by you. The extension or withdrawal of such facility shall be intimated to you by MEDILIFE HOSPITALS.
You have an option under these products to switch on ‘End-User Feedback’. This will mean that you are giving one or more Members’ contact details to MEDILIFE HOSPITALS’s feedback system. End-Users may choose to send feedback anonymously too, in which case you agree that you have no objection to such anonymous feedback. The feedback system will then send an SMS and email to the patient(s) asking for feedback which may then be published on the Website. You agree to make your Members fully aware of the possibility of their receiving such feedback queries.