Privacy Policy

Below is a refreshed full Privacy Policy draft for Medinzy Health Services, aligned to India’s Digital Personal Data Protection Act, 2023 (DPDP Act). The DPDP Act applies to the processing of digital personal data and sets out notice, consent, data principal rights, security, grievance, breach, and deletion obligations.



Privacy Policy – Medinzy Health Services 

  • Medinzy Health Services (“Medinzy”, “we”, “us”, or “our”) is committed to protecting the privacy and confidentiality of our patients, clients, caregivers, website visitors, and other individuals whose personal data we process. This Privacy Policy explains how we collect, use, disclose, store, and protect personal data in connection with our home healthcare, nursing, and related support services. By using our website, mobile application, or services, or by otherwise providing your personal data to us, you acknowledge that you have read and understood this Privacy Policy. Where required under applicable law, we will obtain your consent before processing your personal data. The policy is intended to be read together with any service terms, consent forms, and notices we provide to you.


1. Scope 

  • This Privacy Policy applies to personal data processed by Medinzy in digital form, including data collected through our website, mobile application, online forms, call records that are digitized, messaging platforms, email, and other digital systems used to deliver or support our services. The DPDP Act governs digital personal data processed in India, and this policy is designed to reflect those requirements. 


 2. Data We Collect     

  • We may collect the following categories of personal data, depending on how you interact with us and the services you request: • Full name. • Mobile number. • Email address. • Residential address and service location. • Patient age and gender. • Medical history, health conditions, prescriptions, diagnostic reports, and care notes. • Emergency contact information.  • Payment and billing details, where applicable. • IP address, device type, browser type, operating system, and usage data. • Approximate location from IP address, and GPS location only if you enable it in a mobile application. We collect only such personal data as is necessary for lawful and service-related purposes, and we will not use sensitive information beyond what is required for care delivery, administration, legal compliance, and related legitimate purposes under applicable law. 


3. How We Use Data 

  • We use personal data for the following purposes: • To provide home healthcare, nursing, caregiver, and medical support services. • To schedule appointments and assign appropriate caregivers or clinicians. • To contact you about bookings, care updates, service changes, and follow-up support. • To process invoices, payments, refunds, and accounting records. • To maintain patient, service, and operational records. • To improve service quality, website performance, and user experience. • To perform analytics, troubleshooting, and fraud or misuse prevention. • To comply with legal, regulatory, contractual, and record-keeping obligations. • To respond to emergencies, complaints, and customer support requests. Where consent is the legal basis for processing, you may withdraw that consent at any time, subject to legal and contractual limitations and the time needed to process your request.               


 4. Consent and Notice 

  • Before or at the time of collecting personal data, we will provide a clear notice describing the purpose of processing, the personal data collected, and the manner in which you can exercise your rights. Where required by law, we will seek your free, specific, informed, unconditional, and unambiguous consent for processing. You may withdraw consent at any time by contacting us using the details provided below. Withdrawal of consent will not affect processing already carried out lawfully before the withdrawal, and certain data may still be retained or processed where required by law, for medical record-keeping, dispute resolution, fraud prevention, or other lawful purposes. 


  5. Legal Grounds for Processing       

  • We may process personal data when: • You have given consent for one or more specified purposes. • Processing is necessary for the performance of a service request or contract with you. • Processing is necessary to comply with legal obligations. • Processing is necessary to protect vital interests in an emergency. • Processing is otherwise permitted under applicable law, including certain legitimate uses recognized under the DPDP Act.    


6. Data Sharing

  •   We do not sell, rent, or trade your personal data. We may share personal data only when necessary and on a need-to-know basis with: • Doctors, nurses, caregivers, and other professionals involved in your care. • Payment processors, IT vendors, cloud hosts, analytics providers, and other service providers acting on our behalf. • Legal, regulatory, or law enforcement authorities when required by law, court order, or valid request. • Emergency responders or other relevant persons where necessary to protect life, health, or safety. • Third parties with your explicit consent or as otherwise permitted by law. All third parties that process personal data on our behalf are expected to maintain appropriate confidentiality and security safeguards. 


7. Cookies and Tracking 

  • Our website may use cookies and similar technologies to improve navigation, remember preferences, understand site usage, and support analytics. Cookies do not store medical records or payment card details unless explicitly needed for secure payment or session handling through a trusted provider. You can disable cookies through your browser settings, but some website features may not function properly if you do so. If required by law, we will present a cookie notice or obtain consent for non-essential cookies.


 8. Data Security    

  • We use reasonable technical, administrative, and physical safeguards to protect personal data from unauthorized access, loss, misuse, alteration, disclosure, or destruction. These measures may include secure servers, encryption in transit, access controls, password protection, logging, monitoring, and staff confidentiality obligations. No system is fully secure, but we review our safeguards regularly and take appropriate steps to reduce risks in line with the nature of the data we process.


9. Retention 

  • We retain personal data only for as long as necessary for the purposes for which it was collected, including providing services, maintaining records, resolving disputes, meeting legal obligations, and enforcing agreements. When data is no longer required, we will securely delete, anonymize, or archive it as appropriate under applicable law and our internal retention policies.


10. Data Principal Rights 

  • Subject to applicable law, you have the right to: • Access information about your personal data and how it is processed. • Request correction, completion, updating, or erasure of your personal data. • Withdraw consent, where processing is based on consent. • Raise a grievance and request redressal. • Nominate another individual to exercise your rights in the event of death or incapacity, where permitted by law. We will respond to requests within a reasonable time and in accordance with applicable legal requirements.


11. Children’s Data 

  •  Our services may involve pediatric patients only with the consent of a parent or legal guardian, where required by law. We do not knowingly process a child’s personal data without appropriate authorization. Where child-related processing is required for healthcare delivery, we will take additional care to obtain valid consent and apply appropriate safeguards.          


12. Cross-Border Processing

  • If any personal data is processed or stored outside India by a service provider or infrastructure partner, we will take appropriate contractual and technical safeguards, and we will do so only in accordance with applicable law and any government restrictions in force at the time.


 13. Grievance Redressal        

  • If you have questions, complaints, or requests about this Privacy Policy or our processing of personal data, you may contact our grievance officer or designated privacy contact at the details below. We aim to acknowledge and resolve complaints in a timely manner, and in any event in accordance with applicable law and internal grievance procedures. 

 

14. Third-Party Links   

  • Our website may contain links to third-party websites or services. We are not responsible for the privacy practices, content, or security of those third parties. We encourage you to review their privacy policies before providing them with personal data.


15. Changes to This Policy 

  •  We may update this Privacy Policy from time to time to reflect changes in our practices, technology, services, or legal obligations. Any updated version will be posted on our website with a revised effective date. Continued use of our services after an update means you acknowledge the revised policy, subject to any additional consent requirements under law.



  16. Contact Us        

Medinzy Health Services

Website: www.medinzy.com

Email: info@medinzy.com 

Phone: +91 90246 56303 

Address: Chhattarpur, New Delhi, India