Privacy Policy

Medisattva Solutions Private Limited (“Medisattva Solutions” / “Us” / “We” / “Our”), the owner and operator of Medisattva (Mobile Application) on iOS & Google Play Store (“Platform”) and its subsidiaries and affiliates, provide their services and information contained on the Platform to Users (“Users” / “You” / “Your”) subject to this privacy policy, terms and conditions and any other relevant terms and conditions, policies and notices which may be applicable to a specific section or module of the Platform. Medisattva Solutions and its affiliates respect your privacy and value the trust you place in us, hence, we insist upon the highest standards for secure transactions and customer information privacy. This Privacy Policy (“Policy”) describes in brief the manner in which your data is collected, used, and shared by the Platform. You are advised to please read the Policy carefully to learn about our information gathering and dissemination practices. By accessing the Platform, You agree to the collection and use of Your data by Us in the manner provided in this Policy. Our Privacy Policy is subject to change at any time without notice. To make sure you are aware of any changes, please review this Policy periodically. By visiting the Platform or using our Services, you agree to be bound by the terms and conditions of this Privacy Policy. If you do not agree please do not use or access our Platform. By mere use of the Platform, you expressly consent to our use and disclosure of your personal information in accordance with this Privacy Policy. This Privacy Policy is incorporated into and subject to the Terms of Use. This Policy applies only to our and only our Services. We encourage you to review the privacy policies of those other Platforms or services so that you can understand how they collect, use, and share your information.

1. Personal Information

Personal information is information which can be used to directly or indirectly to identify you. It includes de-identified data that, when linked to other information available to us, would enable us to identify you. Personal data does not include data that has been irreversibly anonymised or aggregated so that we cannot identify you through it, even in conjugation conjunction with other information. “Sensitive Personal Data or Information” means personal information of any individual relating to password; financial information such as bank account or credit card or debit card or other payment instrument details; physical, physiological, and mental health condition; sexual orientation; health information such as medical records and history; biometric information; any detail relating to the above as provided to or received by us for processing or storage (hereinafter collectively referred to as “Data”). However, any data / information relating to an individual that is freely available or accessible in public domain or furnished under the Right to Information Act,2005 or Digital Personal Data Protection Act, 2023 or any other law shall not qualify as Sensitive Personal Data or Information. By signing up on the Platform using our Services you represent that you voluntarily provide us with personal information including medical and financial information and consent to their collection, use and disclosure in accordance with this Privacy Policy. You also represent that you are duly authorised by any third party (including a child or an employee) whose information you share with us. We shall act as per your representation of authority and shall not make any independent enquiries to ascertain the veracity of your authorisation. In the event you do not have sufficient authorisation you shall be solely responsible for your acts and omissions including sharing of information with us by you and the consequential processing and actions taken by us in accordance with this Privacy Policy.

2. Collection of Personally Identifiable Information and other Information

When you use our Platform, we collect and store your personal information which is provided by you from time to time such as your name, age, gender, email address, residential address, telephone/mobile number, blood group, medical case and other relevant information as may be required. Our primary goal in doing so is to provide you a safe, efficient, smooth, and customized experience. This allows us to provide services and features that most likely meet your needs, and to customize our Platform to make your experience safer and easier. More importantly, while doing so we collect personal information from you that we consider necessary for achieving this purpose. In general, you can browse the Platform without telling us who you are or revealing any personal information about yourself. Once you give us your personal information, you are not anonymous to us. Where possible, we indicate which fields are required and which fields are optional. You always have the option to not provide information by choosing not to use a particular service or feature on the Platform. We may automatically track certain information about you based upon your behaviouron our Platform. We use this information to do internal research on our users’ demographics, interests, and behaviour to better understand, protect and serve our users. This information is compiled and analyzed on an aggregated basis. This information may include your IP address. If you transact with us, we collect some additional information, such as a billing address, a credit/debit card number, and a credit / debit card expiration date and/ or other payment instrument details and tracking information from money orders. If you choose to post messages on our message boards, chat rooms, or other message areas or leave feedback, we will collect that information you provide to us. We retain this information as necessary to resolve disputes, provide customer support and troubleshoot problems as permitted by law. If you send us personal correspondence, such as emails or letters, or if other users or third parties send us correspondence about your activities or postings on the Platform, we may collect such information into a file specific to you.

Information Collected While Accessing or Interacting with Services

  • The name of your internet service provider;
  • The IP address of the device you use to access our Services;
  • The operating system you are using;
  • The date and time you access our Services;
  • The Platform address, if any, that linked you to our Services;
  • Search engine, search terms and advertising clicks/actions;
  • Survey’s responses to the extent you do not include Personal Information;
  • The manufacturer and model of your mobile device;
  • Your mobile operating system;
  • The type of mobile internet browsers you are using;
  • Your geo-location;
  • Information about how you interact with our Platform, such as how many times you use a specific part of the Platform over a given time period, the amount of time you spend using the Platform, how often you use the Platform, actions you take in the Platform and how you engage with the Platform;
  • Information to allow us to personalize the services and content available through the Platform.

3. Use of Demographic / Profile Data / Your Information

We use personal information to provide the services you request. To the extent we use your personal information to market to you, we will provide you the ability to opt-out of such uses. We use your personal information to resolve disputes; troubleshoot problems; help promote a safe service; collect money; measure consumer interest in our services, inform you about online and offline offers, services, and updates; customize your experience; detect and protect us against error, fraud, and other criminal activity; enforce our terms and conditions; and as otherwise described to you at the time of collection. In our efforts to continually improve our service offerings, we collect and analyze demographic and profile data about our user’s activity on our Platform. We identify and use your IP address to help diagnose problems with our server, and to administer our Platform. Your IP address is also used to help identify you and to gather broad demographic information. We will occasionally ask you to complete optional online surveys. These surveys may ask you for contact information and demographic information (like zip code, age, or income level).

Use of Demographic / Profile Data / Your Information

  • Provide you Services as requested by you;
  • Help us provide personalized features;
  • To send you information about our new initiatives or other relevant information that we think you might find useful or interesting;
  • To provide you with feedback, newsletters and for other marketing activities;
  • Tailor our sites to your interest;
  • To get in touch with you when necessary;
  • To preserve social history as governed by existing law or policy.

4. Cookies

A “Cookie” is a small piece of information stored by a web server by usage of the Platform so it can be later read back from that Platform. Cookies are useful for enabling the Platform to remember information specific to a given user. We place both permanent and temporary cookies in your device’s hard drive. The cookies do not contain any of your personally identifiable information. We use data collection devices such as “cookies” on certain pages of the Platform to help analyze our flow, measure promotional effectiveness, and promote trust and safety. “Cookies” are small files placed on your hard drive that assist us in providing our services. We offer certain features that are only available through the use of a “cookie”. We also use cookies to allow you to enter your password less frequently during a session. Cookies can also help us provide information that is targeted to your interests. Most cookies are “session cookies,” meaning that they are automatically deleted from your hard drive at the end of a session. You are always free to decline our cookies if your browser permits, although in that case you may not be able to use certain features on the Platform and you may be required to re-enter your password more frequently during a session. Additionally, you may encounter “cookies” or other similar devices on certain pages of the Platform that are placed by third parties. We do not control the use of cookies by third parties..

5. Communication from User’s End

We strive to make sure that our user’s experience exceeds expectations. There are many ways to reach us i.e., via e-mail, chat, and other social media channels. Once you initiate a communication from your end, to help improve our Service etiquettes to you, we may catalogue your contact information and correspondence details for later references. This eventually will also enable us to track the responses you provide to us as feedback for our e-mails and also the number of visits that you as a User make to our Platform. This methodology will help us to improve our Services from a customer delight stand point.

6. Sharing Personal Information

We may share personal information with our other corporate entities and affiliates. These entities and affiliates may market to you as a result of such sharing unless you explicitly opt-out. We do not disclose your personal information to third parties for their marketing and advertising purposes without your explicit consent. Such third parties do not have any right to use the Personal Information we share with them beyond what is necessary to assist us to provide the Services and we take reasonable steps to ensure that these third parties are obligated to protect the Personal Information in the same manner as contemplated herein. We may disclose personal information if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal process. We may disclose personal information to law enforcement offices, third party rights owners, or others in the good faith belief that such disclosure is reasonably necessary to: enforce our Terms or Privacy Policy; respond to claims that an advertisement, posting, or other content violates the rights of a third party; or protect the rights, property or personal safety of our users or the general public.

We may, however, disclose your Personal Information under the following circumstances:

  • To respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims; or
  • If we believe it is necessary to share information in order to investigate, prevent, or act regarding illegal activities, suspected fraud, situationsinvolving potential threats to the physical safety of any person, violations of our terms of use, or as otherwise required by law. In due course of time, we might use your Personal Information for any new and unanticipated reason not expressly mentioned in this Policy. We will obtain your consent in such cases as may be required by law. We and our affiliates will share your anonymized data with another business entity should we (or our assets) plan to merge with, or be acquired by that business entity, or reorganization, amalgamation, restructuring of business. Should such a transaction occur that other business entity (or the new combined entity) will be required to follow this privacy policy with respect to your personal information. Disclosure policy in compliance with rule 6 of the IT Rules 2011. The Personal Information may be disclosed to any person, if such disclosure is required for a lawful purpose connected with a function or activity of Platform. The Personal Information may be disclosed, where the disclosure is necessary for compliance of a legal obligation. We do not rent, sell, publish, or share your personally identifiable information unless:
  • We have your permission; or
  • To help investigate, prevent, or take action regarding unlawful and illegal activities, suspected fraud, including cyber incidents potential threat, punishment of offences and to the safety or security of any person, violations of Medisattva Solution’s terms of use or to defend against legal claims; or
  • Special circumstances such as compliance with subpoenas, court orders, requests/orders from legal authorities or law enforcement agencies requiring such disclosure.

7. Retaining your Data

We store your personal information in accordance with applicable laws, which means we keep your data for as long as necessary to provide you with our Services or as may be required under any law. We shall store your personal information for lawful purposes only. We keep de-identified data for research and statistical purposes for a longer period. If you close your account, we have no obligation to retain your data, and we may delete any or all of your data without liability. However, we may retain data related to you if we believe it may be necessary to prevent fraud or future abuse, or if required by law, or for other legitimate purposes. We may continue to store your data in anonymised or de-identified form for analytical, research or other purposes for which your information is collected as previously indicated.

8. Disclosure and Transfer of your Data

We may share, disclose and in some cases transfer your personal information to such entities as required to provide Services to you, improve our Services, and to provide value added services or other third-party products and services, to the extent permitted by applicable law. These entities may be located outside India, which you hereby consent to. We require such entities to protect your information through equivalent security measures as what we would adopt.

An indicative list of entities we may disclose or transfer information to, are provided below:

  • Service Providers: We share personal information with companies that provide Services on our behalf, such as Platform hosting, data storage, software services, email services, marketing, fulfilling customer orders, providing payment related services including payment aggregation, data analytics, data mining, providing customer services, and conducting surveys, as permitted by applicable law. These companies may be located within or outside India, but in any case, are obligated to protect your data.
  • Business Affiliates: We may disclose or transfer some of your information to entities in the group companies, affiliates, associates, subsidiary, holding company of the Company, associates, and subsidiary of holding company of the Company including foreign entities, and in particular group companies and affiliates who are involved in the provision of products and services, to the extent permitted by applicable law. In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, asset sale, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all personal information to the relevant third party with the same rights of access and use
  • Law Enforcement Agencies: We may share information with law enforcement agencies pursuant to lawful requests for information, and otherwise as required under any law applicable at the given time, both in India and outside India.
  • Third-Parties: We may also disclose personal information if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users. Further, we may disclose personal information to any third party if necessary to provide or improve our Services, fulfil any lawful contractual obligation we are bound by, and any other activity related to the purposes identified in this privacy policy and the terms and conditions you agree to when you use our Services.

9. Security Procedures to Protect Information

To protect against the loss, misuse, and alteration of the information under our control, and to comply with Rule 8 of IT Rules, 2011 (Reasonable security practices and procedures and sensitive personal data or information), we have in place appropriate physical, electronic, technical, operational, and managerial procedures. Our Platform has stringent security measures in place to protect the loss, misuse, and alteration of the information under our control. Whenever you change or access your account information, we offer the use of a secure server. Once your information is in our possession we adhere to strict security guidelines, protecting it against unauthorized access. Our servers are accessible only to authorized personnel and your information is shared with respective personnel to complete the transaction and to provide the Services requested by you. Although we will endeavour to safeguard the confidentiality of your sensitive personal identifiable information, transmissions made by means of the Internet cannot be made absolutely secure. No such measures are competent enough to safeguard your Personal Information in a complete 100% way. Hence, you are also encouraged to take steps to prevent your Personal Information from being misused by logging off after using a shared computer, choosing a robust password , not sharing the password with anyone, and changing it periodically. We in no way can or are to be held responsible for the unauthorized use of your Personal Information or for any suspicious activity on your account. By using our Platform, you agree that we will have no liability for disclosure of your information due to errors in transmission or unauthorized acts of third parties.

10. User Rights

We take reasonable steps to ensure that your personal information is accurate, complete, and up to date. However, you have the sole responsibility of ensuring that you review the accuracy of information provided by you and contact us in case of discrepancies, or in case you wish to discontinue the use of our Services.

You have the following rights with regard to your personal information:

  • You have the right to access your personal information, and request updating, correction and deletion. If your personal information changes, you may correct, delete inaccuracies, or amend information by making the change on our member information page or by contacting us. We will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable. If you provide any information that is untrue, inaccurate, out of date or incomplete (or subsequently becomes untrue, inaccurate, out of date or incomplete), or we have reasonable grounds to suspect that the information provided by you is untrue, inaccurate, out of date or incomplete, we may, at our sole discretion, discontinue the provision of the Services to you. There may be circumstances where we will not correct, delete, or update your personal information, including (a) where the personal information is opinion data that is kept solely for evaluative purpose; (b) the personal information is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed; and (c) where your information has already been processed in de-identified form.
  • You are free to not to share any medical or other information that you consider confidential and withdraw consent for us to use data that you have already provided. In the event that you refuse to share any information or withdraw consent to process information that you have previously given to us, we reserve the right to restrict or deny the provision of our Services for which we consider such information to be necessary.

11. Advertisement

We use third-party advertising companies to serve ads when you visit our Platform. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other Platforms in order to provide advertisements about goods and services of interest to you.

12. Digital Personal Data Protection Act Compliance

In compliance with the Digital Personal Data Protection Act 2023 (hereinafter referred to as “Act”), we hereby request the user to kindly take note of the following:

a. As enumerated in Section 5 of the Act, through this Privacy Policy, we hereby give Notice to you (“Data Principal”) that we, Medisattva Solutions (“Data Fiduciary”) shall collect and process your Data, anonymously, for the purpose and in manner as mentioned hereinabove and by accepting the terms and conditions of this Policy, you hereby give your free, specific, informed, and unconditional Consent to process your Data, in consonance with the applicable provisions of the Act. Further, you hereby acknowledge you’re your acceptance of the terms and conditions as mentioned in this Policy shall be construed as the clear and specific Notice given by Medisattva Solutions, for processing your Data, as per the provisions of the Act.

b. If the Platform is used by a Minor under the guidance of his/her Parent and/or Legal Guardian, then in such situation, You (Parent and/or Legal Guardian) hereby confirms that the Notice, as required under the Act is hereby given and you are providing the necessary free, specific, informed, and unconditional Consent to process the Data for the purpose and in manner as mentioned hereinabove, on behalf of the minor using the Platform, as required under the Act.

c. During your usage of the Platform or thereafter, if you wish to correct, complete, and/or update your Data, or wish to withdraw your Consent regarding collection and/or processing of your Data and/or wish to erase the Data, shall write to our Data Protection Officer on the coordinates mentioned hereinbelow, specifically mentioning your request and the same shall be processed within reasonable time period, in accordance with the applicable provisions of the Act.

d. It may be noted that upon being in receipt of consent withdrawal application, we, Medisattva Solutions (Data Fiduciary), shall process such request within reasonable time and shall refrain from processing your Data within reasonable time.

e. During the usage of the Platform, if you, on individually or on behalf of the minor using the Platform, wishes to access and/or review the Data shared, you shall write to our Data Protection Officer on the below mentioned coordinates, and such request shall be processed within reasonable time in accordance with the provision of the Act.

f. It may be noted that any and all request(s) made such as withdrawal of consent, correction, amendments to data etc. shall be denied if the said requests so made falls under the Exemptions laid down in Section 17 of the Act.

g. For any grievance, complaints, withdrawal of consent etc. regarding to your Data being collected and processed, such communication shall be done to our email address – info@medisattva.com

Privacy Policy