Effective Date: Apr 15 2025
At CareScribe, your privacy and the security of your personal and health-related information are of utmost importance to us. This Privacy Policy explains how we collect, use, store, and share information when you use our healthcare SaaS platform and related services. We are committed to complying with all applicable Indian data protection laws, including the Information Technology Act, 2000, and the Sensitive Personal Data or Information (SPDI) Rules, 2011.
1. Information We Collect
We collect different types of information to provide you with our services effectively and securely.
1.1 Personal Information
When you register or use our platform, we may collect:
- Your full name, email address, phone number, professional details, and login credentials.
- Identification information, such as government-issued IDs when required for verification.
1.2 Health-Related Information
As a healthcare SaaS provider, we may receive and process:
- Medical records, treatment history, prescriptions, diagnostic data, and other sensitive health information submitted by healthcare professionals or patients through the platform.
- Data related to appointments, clinical notes, and patient outcomes.
1.3 Usage Data and Cookies
- We automatically collect information on how you use our website and platform, including IP addresses, browser type, pages visited, and session duration.
- Cookies and similar technologies are used to enhance your experience and collect analytics data.
2. How We Use Your Information
Your data is used solely to deliver and improve our services responsibly and in compliance with applicable laws.
- To create and manage your account and provide customer support.
- To facilitate healthcare-related workflows, such as appointment scheduling, record keeping, and communication between healthcare providers and patients.
- To send you important updates, service notifications, and reminders.
- To conduct data analysis and improve our platform’s functionality and security.
- To comply with legal obligations, resolve disputes, and enforce our policies.
- To personalize your experience by showing relevant content and features.
3. Legal Basis for Processing
In accordance with Indian data protection law, we process your data based on:
- Your explicit consent where applicable.
- The necessity to perform a contract or provide services you requested.
- Compliance with legal and regulatory obligations.
- Legitimate interests in maintaining security and improving services.
4. Information Sharing and Disclosure
We respect the confidentiality of your data and do not sell or rent your information.
- Third-Party Service Providers: We engage trusted vendors (e.g., cloud hosting, analytics, email, and SMS providers) who assist us in operating our platform. These providers are contractually bound to safeguard your information and use it only for specified purposes.
- Legal Compliance: We may disclose information when required by law, regulation, or government authority, or to protect rights and safety.
- Business Transfers: In case of mergers, acquisitions, or asset sales, user data may be transferred as part of the business assets with appropriate safeguards.
5. Cookies and Tracking Technologies
Our website and platform use cookies to improve usability and gather analytics data:
- Types of Cookies: Session cookies, persistent cookies, and third-party cookies (e.g., Google Analytics).
- Purpose: Authentication, user preferences, performance analytics, and targeted content.
- Managing Cookies: You can control cookie settings through your browser preferences. Blocking cookies may affect some functionalities.
6. Data Security
We implement comprehensive security measures to protect your information:
- Encryption of data at rest and in transit using industry-standard protocols.
- Access controls limiting data access to authorized personnel only.
- Regular security audits, vulnerability assessments, and compliance checks.
- Secure backup and disaster recovery procedures.
Despite these measures, no online system is completely secure; users are encouraged to use strong passwords and keep their credentials confidential.
7. Data Retention
We retain your personal and health data only as long as necessary to provide our services and fulfill legal requirements. When data is no longer needed, it is securely deleted or anonymized.
8. Your Rights
Under Indian laws, you have the following rights regarding your personal data:
- Access: You can request access to the information we hold about you.
- Correction: You can request correction of inaccurate or incomplete data.
- Deletion: Where legally permissible, you can request deletion of your data.
- Consent Withdrawal: You may withdraw consent for processing at any time, subject to legal or contractual restrictions.
- Objection and Restriction: You can object to or request restriction of certain types of processing.
To exercise your rights or for any privacy-related inquiries, please contact us at [email protected].
9. Children's Privacy
Our services are intended for healthcare professionals and individuals aged 18 or above. We do not knowingly collect personal data from children under 18.
10. International Data Transfers
If data is transferred outside India (for example, to cloud providers in other countries), we ensure adequate protections as required by applicable laws.
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically. Any material changes will be communicated via email or platform notifications and posted here with an updated effective date.
12. Contact Us
If you have questions or concerns about this Privacy Policy or your data, please contact:
CareScribe
Email: [email protected]
Phone: +91-8072371564
Address: MITTAI, Plot. 2, Shanmuga Nagar, Mahalakshmi Main Road,Chitlapakkam, Tambaram – 600064, Tamil Nadu, India.
