i. Section 43A of the Information Technology Act, 2000;
ii. Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPI Rules”);
iii. Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.
iv. The type of information collected from the Users, including Personal Information (as defined in paragraph 2 below) and Sensitive Personal Data or Information (as defined in paragraph 2 below) relating to an individual;
v. The purpose, means and modes of collection, usage, processing, retention and destruction of such information; and
vi. How and to whom HealthAssure will disclose such information.
Generally some of the Services require us to know who you are so that we can best meet your needs. When you access the Services, or through any interaction with us via emails, telephone calls or other correspondence, we may ask you to voluntarily provide us with certain information that personally identifies you or could be used to personally identify you. You hereby consent to the collection of such information by HealthAssure. Without prejudice to the generality of the above, information collected by us from you may include (but is not limited to) the following:
i. contact data (such as your email address and phone number);
ii. demographic data (such as your gender,your date of birth and your pin code);
iii. data regarding your usage of the services and history of the appointments made by or with you through the use of Services;
iv. insurance data (such as your insurance carrier and insurance plan);
v. other information that you voluntarily choose to provide to us (such as information shared by you with us through emails or letters.
The information collected from you by HealthAssure may constitute "personal information‟ or "sensitive personal data or information‟ under the SPI Rules.
“Personal Information” is defined under the SPI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available to a body corporate, is capable of identifying such person.
The SPI Rules further define “Sensitive Personal Data or Information” of a person to mean personal information about that person relating to:
vii. financial information such as bank accounts, credit and debit card details or other payment instrument details;
viii. physical, physiological and mental health condition;
ix. sexual orientation;
x. medical records and history;
xi. biometric information;
xii. information received by body corporate under lawful contractor otherwise;
xiii. visitor details as provided at the time of registration or thereafter; and
xiv. call data records.
HealthAssure will be free to use, collect and disclose information that is freely available in the public domain without your consent.
3.1 ALL USERS NOTE:
This section applies to all users.
3.1.3 All the information provided to HealthAssure by a User, including Personal Information or any Sensitive Personal Data or Information, is voluntary. You understand that HealthAssure may use certain information of yours, which has been designated as Personal Information or "Sensitive Personal Data or Information‟ under the SPI Rules,
(a) for the purpose of providing you the Services,
(b) for commercial purposes and in an aggregated or non- personally identifiable form for research, statistical analysis and business intelligence purposes,
(c) for sale or transfer of such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates
(d) for communication purpose so as to provide You a better way of booking appointments and for obtaining feedback in relation to the Practitioners and their practice,
(e) debugging customer support related issues.
(f) for the purpose of contacting you to complete any transaction if you do not complete a transaction after having provided us with your contact information in the course of completing such steps that are designed for completion of the transaction. HealthAssure also reserves the right to use information provided by or about the End- User for the following purposes:
i. Publishing such information on the Website.
ii. Contacting End-Users for offering new products or services.
iii. Contacting End-Users for taking product and Service feedback.
iv. Analyzing software usage patterns for improving product design and utility.
v. Analyzing anonymized practice information for commercial use.
vi. Processing payment instructions including those through independent third party service providers such as payment gateways, banking and financial institutions, prepaid instrument and wallet providers for processing of payment transaction or deferral of payment facilities.
If you have voluntarily provided your Personal Information to HealthAssure for any of the purposes stated above, you hereby consent to such collection and use of such information by HealthAssure. However, HealthAssure shall not contact You on Your telephone number(s) for any purpose including those mentioned in this sub-section 4.1(iii), if such telephone number is registered with the Do Not Call registry (“DNC Registry”) under the PDPA without your express, clear and unambiguous written consent.
3.1.5 HealthAssure does not control or endorse the content, messages or information found in any Services and, therefore, HealthAssure specifically disclaims any liability with regard to the Services and any actions resulting from your participation in any Services, and you agree that you waive any claims against HealthAssure relating to same, and to the extent such waiver may be ineffective, you agree to release any claims against HealthAssure relating to the same.
3.1.6 You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information provided as part of account registration. If your personal information changes, you may correct,delete inaccuracies, or amend information by making the change on our member information page or by contacting us through firstname.lastname@example.org. We will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable. If you provide any information that is untrue, inaccurate, out of date or incomplete (or becomes untrue, inaccurate, out of date or incomplete), or HealthAssure has reasonable grounds to suspect that the information provided by you is untrue, inaccurate,out of date or incomplete, HealthAssure may, at its sole discretion, discontinue the provision of the Services to you.There may be circumstances where HealthAssure will not correct, delete or update your Personal Data, including (a) where the Personal Data is opinion data that is kept solely for evaluative purpose;and (b) the Personal Data is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed.
3.1.7 If you wish to cancel your account or request that we no longer use your information to provide you Services, contact us through email@example.com. We will retain your information for as long as your account with the Services is active and as needed to provide you the Services. We shall not retain such information for longer than is required for the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. After a period of time, your data maybe anonymized and aggregated, and then may be held by us as long as necessary for us to provide our Services effectively, but our use of the anonymized data will be solely for analytic purposes. Please note that your withdrawal of consent, or cancellation of account may result in HealthAssure being unable to provide you with its Services or to terminate any existing relationship HealthAssure may have with you.
3.1.8 If you wish to opt-out of receiving non-essential communications such as promotional and marketing-related information regarding the Services,please send us an email at firstname.lastname@example.org.
3.1.9 HealthAssure may require the User to pay with a credit card, wire transfer, debit card or cheque for Services for which subscription amount(s) is/are payable. HealthAssure will collect such User's credit card number and/or other financial institution information such as bank account numbers and will use that information for the billing and payment processes, including but not limited to the use and disclosure of such credit card number and information to third parties as necessary to complete such billing operation. Verification of credit information, however, is accomplished solely by the User through the authentication process. User's credit-card/debit card details are transacted upon secure sites of approved payment gateways which are digitally under encryption, thereby providing the highest possible degree of care as per current technology. However, HealthAssure provides you an option not to save your payment details. User is advised, however, that internet technology is not foolproof safe and User should exercise discretion on using the same.
3.1.10 Due to the communications standards on the Internet, when a User or the End-User or anyone who visits the Website, HealthAssure automatically receives the URL of the site from which anyone visits. HealthAssure also receives the Internet Protocol (IP) address of each User's computer (or the proxy server a User used to access the World Wide Web), User's computer operating system and type of web browser the User is using, email patterns, as well as the name of User‟s ISP. This information is used to analyze overall trends to help HealthAssure improve its Service. The linkage between User's IP address and User's personally identifiable information is not shared with or disclosed to third parties. Notwithstanding the above, HealthAssure may share and/or disclose some of the aggregate findings (not the specific data) in anonymized form (i.e., non-personally identifiable) with advertisers, sponsors, investors, strategic partners, and others in order to help grow its business.
3.1.11 The Website uses temporary cookies to store certain (that is not sensitive personal data or information) that is used by HealthAssure and its service providers for the technical administration of the Website, research and development, and for User administration.In the course of serving advertisements or optimizing services to its Users, HealthAssure may allow authorized third parties to place or recognize a unique cookie on the User's browser.The cookies however, do not store any Personal Information of the User. You may adjust your internet browser to disable cookies. If cookies are disabled you may still use the Website, but the Website may be limited in the use of some of the features.
3.1.12 A User may have limited access to the Website without creating an account on the Website. Unregistered Users can make appointments with the doctors by providing their name and phone number. In order to have access to all the features and benefits on our Website, a User must first create an account on our Website. To create an account, a User is required to provide the following information, which such User recognizes and expressly acknowledges is Personal Information allowing others, including HealthAssure, to identify the User: name, User ID, email address,country, ZIP/postal code, age, phone number, password chosen by the User and valid financial account information. Other information requested on the registration page, including the ability to receive promotional offers from HealthAssure, is optional. HealthAssure may, in future, include other optional requests for information from the User to help HealthAssure to customize the Website to deliver personalized information to the User.
3.1.14 The Website may enable User to communicate with other Users or to post information to be accessed by others, whereupon other Users may collect such data. Such Users, including any moderators or administrators, are not authorized HealthAssure representatives or agents, and their opinions or statements do not necessarily reflect those of HealthAssure, and they are not authorized to bind HealthAssure to any contract. HealthAssure hereby expressly disclaims any liability for any reliance or misuse of such information that is made available by Users or visitors in such a manner.
3.1.16 HealthAssure maintains a strict "No-Spam" policy, which means that HealthAssure does not intend to sell, rent or otherwise give your e-mail address to a third party without your consent.
3.1.17 HealthAssure has implemented best international market practices and security policies, rules and technical measures to protect the personal data that it has under its control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. However,for any data loss or theft due to unauthorized access to the User's electronic devices through which the User avails the Services, HealthAssure shall not be held liable for any loss whatsoever incurred by the User.
3.1.18 HealthAssure implements reasonable security practices and procedures and has a comprehensive documented information security programme and information security policies that contain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of HealthAssure's business.
4.1 Your Personal Information is maintained by HealthAssure in electronic form on its equipment, and on the equipment of its employees. Such information may also be converted to physical form from time to time. HealthAssure takes all necessary precautions to protect your personal information both online and off-line, and implements reasonable security practices and measures including certain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of HealthAssure's business.
4.2 No administrator at HealthAssure will have knowledge of your password. It is important for you to protect against unauthorized access to your password, your computer and your mobile phone. Be sure to log off from the Website when finished. HealthAssure does not undertake any liability for any unauthorised use of your account and password. If you suspect any unauthorized use of your account, you must immediately notify HealthAssure by sending an email to email@example.com You shall be liable to indemnify HealthAssure due to any loss suffered by it due to such unauthorized use of your account and password.
4.3 HealthAssure makes all User information accessible to its employees, agents or partners and third parties only on a need-to-know basis,and binds only its employees to strict confidentiality obligations.
4.4 Part of the functionality of HealthAssure is assisting the doctors to maintain and organise such information. HealthAssure may, therefore, retain and submit all such records to the appropriate authorities, or to doctors who request access to such information.
4.5 Part of the functionality of the HealthAssure is assisting the patients to access information relating to them. HealthAssure may, therefore, retain and submit all such records to the relevant patients, or to their doctors.
4.6 Notwithstanding the above, HealthAssure is not responsible for the confidentiality, security or distribution of your Personal Information by our partners and third parties outside the scope of our agreement with such partners and third parties. Further, HealthAssure shall not be responsible for any breach of security or for any actions of any third parties or events that are beyond the reasonable control of HealthAssure including but not limited to,acts of government, computer hacking, unauthorised access to computer data and storage device, computer crashes, breach of security and encryption, poor quality of Internet service or telephone service of the User etc.
Collection and Delivery are dependent on various technical and quality parameters. HealthAssure assumes no liability towards any time delay caused on account of the above factors necessary for review, analysis reporting and third-party service delay outside of our control. HealthAssure does not provide medical advice and services offered must not be considered as a substitute for professional medical advice, diagnosis or treatment. Do not disregard, delay or avoid obtaining medical advice from a qualified medical and health care professional. Please correlate clinically.
HealthAssure shall not be responsible in any manner for the authenticity of the personal information or sensitive personal data or information supplied by the User to HealthAssure or any other person acting on behalf of HealthAssure.
TheUser is responsible for maintaining the confidentiality of the User's account access information and password and restricting any unauthorised access and use of Services through the Website.The User shall be responsible for all uses of the User's account and password, whether or not authorized by the User. The User shall immediately notify HealthAssure of any actual or suspected unauthorized use of the User's account or password.
If a User provides any information that is false, inaccurate, not current or incomplete (or becomes false, inaccurate, not current or incomplete), or HealthAssure has reasonable grounds to suspect that such information is false, inaccurate, not current or incomplete, HealthAssure has the right to suspend or terminate such account at its sole discretion.
Users do hereby authorise HealthAssure and its officials to collect the electronic copy of the report from the Diagnostic centre/ Labs and provide the same to the Users.
HealthAssure reserves the right to reschedule or cancel an appointment without any prior notice. The time provided for consultation or conducting testis indicative and actual time for availing the Services may change depending on the availability of the phlebotomists. The user/customer can reschedule or cancel the service.
In case of cancellation or non-confirmation of the appointment by HealthAssure due to any reason, the user/customer may ask for rescheduling the appointment within 15 (fifteen) days and if user/customer fails to reschedule the appointment with 15 (fifteen) days then such user/customer will not be entitled for any refund or cancellation of the payment as may be made to HealthAssure.
No refund will be given after 15 (fifteen) days from the day the payment is made to the company. However, in case a written request for refund reaches the company within 15 (fifteen) days, the entire amount paid (without interest - subject to a deduction of INR 150/- (Indian Rupees One Hundred and Fifty) towards administrative charges) will be credited for any further purchase of similar or exceeding amount within a maximum of 30 (thirty)days from date of cancellation.
The stated amount due for refund shall be processed within 15 (fifteen) business working days from the date of the cancellation, subject to all terms and conditions being met successfully. In case of cash payment, the money will be transferred through Bank a/c NEFT or Cheque.
HealthAssure shall not be responsible in any manner for any inconvenience or loss caused to the user as a result of such rescheduling or cancellation. Further HealthAssure reserves the right to refuse Service at any time without providing any reasons.