Privacy Policy
Trust is the foundation of healthcare. We are committed to protecting your sensitive data with enterprise-grade security.
What data we collect
We collect information to provide better services to all our users. This includes:
- Patient Data: Name, contact details, medical history, lab reports, and prescriptions.
- Doctor Data: Professional credentials, registration details, and clinic locations.
- Sensitive Personal Data (SPD): Health information as per India's SPDI Rules (2011).
How we use the data
Your data is primarily used to:
- Facilitate telemedicine and physical consultations.
- Process payments and manage appointment calendars.
- Maintain digital personal health records (PHR).
- Comply with regulatory requirements like ABHA (Ayushman Bharat Health Account).
Data sharing
We share your data only with your explicit consent with:
1. Healthcare Providers: For providing care.
2. Service Partners: Diagnostic labs, pharmacies, and payment gateways like Razorpay.
We never "sell" your personal health data to third-party marketing companies.
Your Rights
In alignment with modern privacy standards (DPDP Act, GDPR), you have the right to:
• Access and request copies of your health data.
• Correct inaccuracies in your personal profile.
• Withdraw consent and request deletion of your account.
• Download your complete medical history ("Data Portability").
Data Retention
Health records are retained for a minimum period of 3 years (as per medical guidelines) or for as long as your account is active. Upon deletion request, we anonymize your data for research purposes unless specified otherwise.
Data Security
PathyaTech implements ISO 27001-equivalent standards, 256-bit AES encryption for data at rest, and TLS for data in transit. Our infrastructure is hosted on secure cloud providers with multi-factor authentication (MFA).
Questions about privacy?
Our Data Protection Officer (DPO) is here to help you understand your rights and how we handle data.