If you have any questions about this Privacy Policy, please contact us at:
docifyonline@gmail.com
1. Introduction
The Docify.online (“we,” “us,” or “our”) is committed to protecting the privacy of its users (“you” or “your”). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit and use our website, docify.online (the “Site”), and the services we offer, including online medical consultations and issuance of online medical certificates. This policy is drafted in compliance with the Information Technology Act, 2000 (as amended, including the Information Technology (Reasonable Security Practices and Sensitive Personal Data or Information) Rules, 2011), the Indian Medical Council (Professional Conduct, Etiquette and Ethics) Regulations, 2002, the Digital Information Security in Healthcare Act (DISHA), 2017 (when applicable and as implemented), and other applicable Indian laws and regulations related to data privacy, medical information, and electronic health records.
2. Information We Collect
We collect several types of information from and about users of our Site, including:
Personal Information: This includes information that can be used to identify you, such as:
Name
Contact information (email address, phone number, postal address)
Date of birth
Gender
Unique identification information (e.g., Aadhaar, if voluntarily provided and legally permissible, with appropriate safeguards and consent)
Medical history and information (including symptoms, diagnoses, medications, allergies, past treatments, lab results, imaging reports, and other health-related data)
Information provided during online consultations (including audio/video recordings, if applicable, with explicit consent)
Information required for issuing medical certificates (as per applicable legal requirements and guidelines issued by the relevant State Medical Council)
Biometric data (if collected, only with explicit consent and in compliance with applicable laws)
Technical Information: This includes information about your device and internet connection, such as:
IP address
Browser type and version
Operating system
Referring website
Pages visited on our Site
Time and date of access
Payment Information: If you use our paid services, we collect payment information, such as credit card details or other payment method information. However, we use secure third-party payment processors compliant with PCI DSS standards, and we do not store your complete payment card details on our servers.
Cookies and Tracking Technologies: We use cookies and other tracking technologies to collect information about your activity on our Site. This information helps us personalize your experience and improve our services. You can control cookies through your browser settings, but disabling cookies may limit some functionalities of the Site. We comply with the applicable cookie consent requirements.
3. How We Use Your Information
We use your information for the following purposes:
Providing Services: To provide you with online medical consultations, issue medical certificates (in accordance with applicable regulations and professional guidelines), process payments, and manage your account.
Communication: To communicate with you about your consultations, appointments, prescriptions, lab results, and other important information related to our services.
Improving Services: To analyze user behavior and feedback to improve the functionality and user experience of our Site and services.
Legal Compliance: To comply with applicable laws and regulations, including those related to medical record keeping, privacy, data security, and telemedicine guidelines issued by the Government of India and the National Medical Commission.
Research and Analytics: For internal research and analytics purposes to understand usage patterns and improve healthcare outcomes. This data will be anonymized and aggregated where possible, and all research will be conducted ethically and in compliance with relevant guidelines.
Marketing (with explicit consent): We may use your contact information to send you promotional materials about our services or related healthcare information, but only if you have given us your explicit and informed consent to do so. You can withdraw your consent at any time.
4. Disclosure of Your Information
We may disclose your information to the following third parties:
Doctors and Medical Professionals: We share your medical information with the doctors and medical professionals who provide consultations through our platform. This is essential for providing you with appropriate medical care. These medical professionals are bound by professional ethics, confidentiality obligations under the IMC Regulations, and data privacy requirements.
Authorized Personnel: Access to your information is granted on a need-to-know basis to our authorized personnel involved in providing the services.
Service Providers: We may share your information with third-party service providers who assist us with payment processing, data storage (complying with data localization requirements as applicable), website hosting, IT support, and other services. We ensure that these providers are bound by appropriate confidentiality agreements and data processing agreements that comply with Indian law.
Legal Authorities: We may disclose your information to legal authorities if required by law, court order, or government request, including requests from the Medical Council of India or other regulatory bodies. We may also disclose your information to protect our rights or the rights of others, or to prevent fraud or other illegal activity.
Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will ensure that the acquiring entity is bound by similar privacy obligations.
Health Information Exchanges (HIEs): We may participate in HIEs as permitted by law and with your consent, to facilitate coordinated care.
Aggregated and Anonymized Data: We may share aggregated and anonymized data with third parties for research, marketing, or other purposes. This data will not identify you personally.
5. Data Security
We implement reasonable security practices and procedures as per the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Sensitive Personal Data or Information) Rules, 2011, to protect your information from unauthorized access, use, or disclosure. These measures include:
Encryption: We use industry-standard encryption (e.g., TLS/SSL) to protect your information during transmission and storage.
Access Controls: We implement strict access control measures, including role-based access, to limit access to your information to authorized personnel only.
Regular Security Assessments: We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities.
Data Backup and Recovery: We maintain regular backups of your data and have a disaster recovery plan in place.
Compliance with Standards: We strive to comply with relevant industry standards and best practices for data security.
We acknowledge that no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. We will notify you as required by law in the event of a data breach.
6. Data Retention
We will retain your personal information for as long as necessary to provide you with our services, comply with legal obligations (including record retention requirements for medical records as per the IMC Regulations and state medical council guidelines), resolve disputes, and enforce our agreements. We will securely dispose of your data when it is no longer needed.
7. Your Rights
You have the following rights regarding your personal information:
Access: You have the right to access the personal information we hold about you.
Correction: You have the right to request that we correct any inaccurate or incomplete personal information.
Deletion: You have the right to request that we delete your personal information, subject to legal limitations, including requirements to maintain medical records.
Data Portability: You may have the right to receive your personal information in a structured, commonly used, and machine-readable format.
Objection: You have the right to object to the processing of your personal information in certain circumstances.
Withdraw Consent: You have the right to withdraw your consent to the processing of your personal information at any time, if processing is based on consent.
To exercise these rights, please contact us at [Insert Contact Information]. We will respond to your request within a reasonable timeframe and in accordance with applicable law.
8. Children’s Privacy
Our Site and services are not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child under 18 has provided us with personal information, please contact us.
9. Cross-Border Data Transfer
If we transfer your data outside of India, we will ensure that such transfers are in compliance with applicable Indian laws and regulations, including ensuring an adequate level of data protection and obtaining your consent where required.
10. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will post any changes on this page and notify you if the changes are significant. Your continued use of the Site following the posting of such changes constitutes your acceptance of the revised Privacy Policy.
11. Grievance Officer
In accordance with the IT Act, we have designated a Grievance Officer to address any concerns or complaints regarding the processing of your personal information. The contact details of the Grievance Officer are:
6267015830
12. Contact Us
If you have any questions about this Privacy Policy, please contact us at:
docifyonline@gmail.com