In order to have access to all the features, benefits and services on or through our Platform. A User is required to create an account on Our Platform in order to avail Service(s) of the Platform. To create an account, a User is required to provide the following information, which such User recognizes and expressly acknowledges is personal information allowing others, including Us, to identify the User: name, username/log-in particulars, gender, country, address, ZIP/postal code, age, email, and phone number. In addition, at the time of a registered User availing of the Services on or through the Platform, the User is required to provide certain sensitive personal information which includes its bank account or card details for undertaking transactions on the Platform for availing the Services. Further, in respect of the Users availing services of any Doctor/ Practitioner enlisted on our Platform, such Users may be additionally asked to provide the details about previous medical history, medical and health records and prescriptions for the medications that have been issued to such User by any registered medical practitioner/ Doctor.
- “Doctor/ Practitioner” shall mean a ‘registered medical practitioner’ with the Medical Council of India or concerned State Medical Council who are registered with or on the Platform.
- “Personal Information” shall have the same meaning as given in Rule 2(1)(i) of the SPI Rules.
- “Intermediaries Guidelines” shall mean the Information Technology (Intermediaries Guidelines) Rules, 2011.
- “SPI Rules” means the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
- “Sensitive Personal Data or Information” shall have the same meaning as given in Rule 3 of the SPI Rules which will also include and the health and medical data submitted/ provided on the Platform by the Doctor/ Practitioner relating to any concerned person in respect of which the Doctor/ Practitioner has obtained prior consent of such concerned person for collecting, storing and transmitting such health and medical data with the third parties.
- “Platform” shall collectively mean ‘Website (www.medtrail.in)’, ‘WebPortal (arya.io)’, ‘Mobile Application’ (MedTrail and Myhealthbook) collectively and severally.
- “We”, “Our”, “Company”, “MedTrail” and “Us” shall mean and refer to MedTrail Technologies Private Limited.
- “You”, “Your”, “Yourself” and “User” shall mean and refer to all natural persons and legal entities/ companies through their authorised representatives who visit access or use the Platform/ Medtrail’s Services and also. include individuals who avail services of any registered medical practitioner/ hospital/ clinics (registered with Medtrail in accordance with the Terms of Service) and submits their information and details to such registered medical practitioner/ hospital/ clinics (registered with Medtrail in accordance with the Terms of Service).
- “Services” shall mean the healthcare system and facilitation services provided on or through the Platform or any hardware provided by MedTrail and contextual information transmitted to/ received from Users via various communication channels including but not limited to SMS, WhatsApp.
- “User Information” shall mean, collectively, all information that a User submits/ provides/ publishes on the Platform so as to enable or use the Services and includes Personal Information, Sensitive Personal Data or Information.
- “Website” shall mean and refer to www.medtrail.in, the “Application” shall refer to MedTrail app and ‘Myhealthbook’ available on Android Play Store or iOS App Store and “Web Portal” shall refer to arya.io.
- “Terms of Service” shall mean the terms and conditions of Platform for its use, access and/ or availing of the Services as provided on the Platform and which can be accessed at this link.
- Section 43A of the Information Technology Act, 2000;
- Regulation 4 of the SPI Rules; and
- Regulation 3(1) of the Intermediaries Guidelines.
- The type of information collected from the Users, including Sensitive Personal Data or Information;
- The purpose, means and modes of usage of such information; and
- How and to whom we will disclose such information
- This document is an electronic record in terms of Information Technology Act, 2000 and rules there under as applicable and the amended provisions pertaining to electronic records in various statutes as amended by the Information Technology Act, 2000. This electronic record is generated by a computer system and does not require any physical or digital signatures. Further, this document is published in accordance with the provisions of the SPI Rules and Intermediaries Guidelines.
- The terms “Party” and “Parties” shall respectively be used to refer to the User and the Company individually and collectively, as the context so requires.
4. Collection and handling of personal information
Privacy of the Parties is of prime importance to MedTrail and all services are strictly designed within the jurisdiction of laws defined by the Government of India.
Generally, the Services require us to know who you are so that we can best meet your needs. When you access the Services, we may ask you to voluntarily provide us with certain information that personally identifies you or could be used to personally identify you. Without prejudice to the generality of the above, information collected by us from you may include (but is not limited to) the following:
- Contact data (such as your email address and phone number);
- Username and passwords;
- Demographic data (such as your gender, age, your date of birth and your pin code);
- Data regarding your usage of the Services and history of the appointments and other transactions made by or with you through the use of Services;
- Health or medical data (such as your past medical history and conditions which shall include past and present diseases, allergies, previous treatments, diagnostic reports, prescriptions and medication history, or other information uploaded/published by the User voluntarily on MedTrail);
- Location information, including Your GPS location;
- Any other information that you voluntarily choose to provide to us (such as information shared by you with us through emails or letters, your work details, your family details).
The information collected from you by MedTrail shall constitute ‘Personal Information’ or ‘Sensitive Personal Data Information’ under the SPI Rules.
“Personal Information” is defined under the SPI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available to a body corporate, is capable of identifying such a person.
The SPI Rules further define “Sensitive Personal Data or Information” of a person to mean Personal Information about that person relating to:
- financial information such as bank accounts, credit and debit card details or other payment instrument details;
- physical, physiological and mental health condition;
- sexual orientation;
- medical records and history;
- biometric information;
- information received by body corporate under lawful contract or otherwise;
- visitor details as provided at the time of registration or thereafter; and
- call data records.
5. Privacy Statements
- The User expressly agrees and acknowledges:
- Information that is freely available in the public domain or accessible under the Right to Information Act, 2005 or any other law will not be considered as ‘Personal Information’ or ‘Sensitive Personal Data or Information’.
- About awareness that the Company shall automatically track information about the User based on the User’s IP address and the User’s behaviour on MedTrail, and the User expressly consents to the same. The User is aware and consents that this information may be used for market research, product development and also to do internal research on user demographics, interests, and behaviour, to enable the Company to better understand, and cater to the interests of the Users. Further, the User is expressly made aware that such information may include the User’s computer & web browser information, the User’s IP address, mobile device details etc. The linkage between User’s IP address and User’s personally identifiable information is not shared with or disclosed to third parties. Notwithstanding the above, MedTrail may share and/or disclose some of the aggregate findings (not the specific data) in anonymized form (i.e., non-personally identifiable) for market research and new feature development.
- About awareness that any and all information pertaining to the User collected by the Company, whether or not directly provided by the User to the Company, including but not limited to personal correspondence such as emails or letters or SMS or WhatsApp, feedback from other users or third parties regarding the User’s activities or postings on MedTrail, etc., may be collected and compiled by the Company into a file/folder specifically created for/allotted to the User, and the User hereby expressly consents to the same.
- About awareness that the contact information provided to the Company may be used to send the User offers and promotions, whether or not based on the User’s previous interests, and the User hereby expressly consents to receiving the same. The User may choose to unsubscribe from promotional communications by clicking on the ‘unsubscribe’ link provided at the end of every such promotional communication.
- About awareness that the Company may occasionally request the User to complete optional online surveys. These surveys may require the User to provide contact information and demographic information (like zip code, age, income bracket, sex, etc.). The User is aware that this information is used to improve/customise MedTrail for the benefit of the User, and providing all users of MedTrail with services that the Company believes they might be interested in availing of.
- About awareness that the Company may keep records of electronic communications and telephone calls received and made for support or other purposes for the purpose of administration of Services, customer support, research and development and for better assistance to Users.
- About awareness that the Company may occasionally request the User to write reviews for services availed of by the User from the Website/Application/ Web Portal. The User is aware that such reviews will help potential users of MedTrail from availing of the Services, and the User hereby expressly authorizes the Company to publish any and all reviews written by the User on the Website/Application/Web Portal.
- Nothing contained herein shall be deemed to compel the Company to store, upload, publish, or display in any manner content/reviews/surveys/feedback submitted by the User, and the User hereby expressly authorizes the Company to remove from MedTrail any such content, review, survey, or feedback submitted by the User, without cause or being required to notify the User of the same.
- The User is responsible for ensuring that handwriting is legible and maintaining the accuracy of the information submitted to the Company. The User may correct, delete inaccuracies, or amend information by contacting the Company through email@example.com. The Company will make good faith efforts to make requested changes in the databases as soon as reasonably practicable. If the User provides any information that is untrue, inaccurate, out of date or incomplete (or becomes untrue, inaccurate, out of date or incomplete), or the Company has reasonable grounds to suspect that the information provided by the User is untrue, inaccurate, out of date or incomplete, the Company may, at its sole discretion, discontinue the provision of the Services to you as per the provisions laid down in the Terms. There may be circumstances where MedTrail will not correct, delete or update your Personal Data, including (a) where the Personal Data is opinion data that is kept solely for evaluative purpose; and (b) the Personal Data is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed.
- If the User wishes to delete his/her account or request that the Company no longer uses the User’s Information to provide Services, the User may contact the Company on firstname.lastname@example.org. We shall not retain such information for longer than is required for the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. After a period of time, your data may be anonymized and aggregated, and then may be held by us as long as necessary for us to provide our Services effectively, but our use of the anonymized data will be solely for analytic purposes. Please note that your withdrawal of consent, or cancellation of account may result in MedTrail being unable to provide you with its Services or to terminate any existing relationship MedTrail may have with you.
- If you wish to opt-out of receiving non-essential communications such as promotional and marketing-related information regarding the Services, please send us an email at email@example.com.
- Practitioner’s note (this section is applicable to doctors/practitioners only)
- As part of the registration as well as the application creation and submission process that is available to Doctors/Practitioners on MedTrail, certain information, including Personal Information or Sensitive Personal Data or Information is collected from the Doctors/Practitioners.
- MedTrail automatically enables the listing of Doctor/Practitioners’ information on its Website for any ‘Doctor’ or ‘Clinic’ added to a practice using its software. The Doctor/Practitioner information listed on Website is displayed when Users search for doctors on Website, and the Doctor/Practitioner information listed on Website is used by Users to request for doctor appointments. Any personally identifiable information of the Practitioners listed on the Website is not generated by Us and is provided to Us by Doctors/Practitioners who wish to enlist themselves on the Website, or is collected by Us from the public domain. We display such information on its Website on an as-is basis making no representation or warranty on the accuracy or completeness of the information. As such, we strongly encourage Doctors/Practitioners to check the accuracy and completeness of their information from time to time, and inform us immediately of any discrepancies, changes or updates to such information. We will, however, take reasonable steps to ensure the accuracy and completeness of this information.
- The information and data collected by the Doctor/ Practitioner and provided/ submitted on the Platform also include the health or medical data of any concerned person (such as the past medical history and conditions which shall include past and present diseases, allergies, previous treatments, diagnostic reports, prescriptions and medication history, or other information). Such health and medical data of the concerned person qualify as Personal Information or Sensitive Personal Data or Information of such concerned person. It shall be duty of the Doctor/ Practitioner (i) to inform the concerned person prior to collecting and storing such health and medical data on the Platform about the capturing, storage and transmission of the health and medical data sharing of such health and medical data with third parties; and (ii) to obtain prior express consent of the concerned person in respect of such capturing, storage and transmission of the health and medical data and sharing of such health and medical data with third parties. The Doctor/ Practitioner shall ensure that such collection of the health and medical data of the concerned person and uploading of such health and medical data is not in violation of the ‘Telemedicine Guidelines’ as provided under the Indian Medical Council(Professional conduct, Etiquette and Ethics) Regulations, 2002.
6. Our use of your information
All the information provided to MedTrail by a User, including Personal Information or any Sensitive Personal Data or Information, is voluntary. Such information in its original form will never be shared with any third parties without an explicit consent from the User. You understand that MedTrail may use certain information of yours, which has been designated as Personal Information or ‘Sensitive Personal Data or Information’ under the SPI Rules for the following purposes:
- providing you the Services;
- taking product & Service feedback;
- for offering new products or services;
- for analysing software usage patterns for improving product design and utility;
- for providing the services of generating alerts/reminders/SMS for the medicines and also for internal record.
- for market research, statistical analysis and business intelligence purposes in an aggregated or non-personally identifiable form on commercial basis,
- debugging customer support related issues; and
- for communication purposes so as to provide You a better way of booking appointments and for obtaining feedback in relation to the Practitioners and their practice.
We may use your tracking information such as IP addresses, and or Device ID to help identify you and to gather broad demographic information.
The Users expressly agree and acknowledge that the Company collects and stores the User’s Personal Information and/or Sensitive Personal Information in a secure cloud based platform which is provided by the User from time to time on the Website/Application/ Web Portal or while using other Services. The User is aware that this information will be used by the Company to deliver its services and help customize/improve MedTrail experience safer and easier but no personally identifiable information will be shared with any third party under any circumstances without User’s explicit consent unless directed by the law.
7. Confidentiality and security
- Your information is regarded as confidential and therefore shall not be divulged to any third parties, unless legally required to do so to the appropriate authorities, or if necessary for providing the services of the Website/Application/ Web Portal.
- Your Personal Information/Sensitive Personal Data is maintained by Us in an electronic form on our equipment, and on the equipment of our employees. Such information may also be converted to physical form from time to time.
- People who can access your Personal Information
- User Information will be processed by our employees, authorised staff or agents, on a need to know basis, depending on the specific purposes for which the User Information has been collected by Us.
- Part of the functionality of the Company is assisting the doctors to maintain and organise such information. The Company may, therefore, retain and submit all such records to the appropriate authorities, or to doctors who request access to such information.
- Part of the functionality of the Company is assisting the patients, and other stakeholders (like doctors, dispensaries, customer care executives) to access information relating to them. The Company may, therefore, retain and submit all such records to the relevant patients, or the stakeholders.
- Security Practices: We treat data as an asset that must be protected against loss and unauthorised access. We employ many different security techniques to protect such data from unauthorized access by members inside and outside MedTrail Technologies Private Limited. We follow generally accepted industry standards to protect the User Information submitted to Us and information that We have accessed, including managerial, technical, operational and physical security control measures. The Users indemnifies MedTrail from any legal liabilities in case of any security breaches beyond the control of Our standard security procedures.
- Measures We expect you to take: It is important that you also play a role in keeping your User Information safe and secure. You are responsible for keeping your login details/ email/ username confidential and for any use of your account. If You use a shared or public computer, never choose to have your login details/email address/ username remembered and make sure to log out of your account every time you leave the computer.
- Unauthorised use of User’s account: We do not undertake any liability for any unauthorized use of your account and login details/ email address/ username. If you suspect any unauthorized use of your account, you must immediately notify Us by sending an email to firstname.lastname@example.org You shall be liable to indemnify Us due to any loss suffered by them due to such unauthorized use of your account and login details/ email address/ username.
- Notwithstanding the above, the Company is not responsible for the confidentiality, security or distribution of your Personal Information by third parties outside the scope of our agreement with such third parties. Further, the Company shall not be responsible for any breach of security or for any actions of any third parties or events that are beyond the reasonable control of the Company including but not limited to the, acts of government, computer hacking, unauthorised access to computer data and storage device, computer crashes, breach of security and encryption.
8. Background Mode
On mobile devices, some components of the MedTrail application will run in background mode to connect to MedTrail’s hardware and transfer data to the mobile device over Bluetooth. This is to ensure that data from MedTrail's hardware is synced to the mobile app, sent to MedTrail’s cloud and processed even while the application is in background mode.
9. Rentention of your personal data
In accordance with applicable laws, We will use the User Information for as long as necessary to satisfy the purposes for which such User Information was collected (as described in Section 4 above) or to comply with applicable legal requirements.
10. Your rights
You have the right to access, review and request a physical or electronic copy of information held about you. You also have the right to request information on the source of your Personal Information/Sensitive Personal Information.
11. Children's and minor's policy
We strongly encourage parents and guardians to supervise the online activities of their minor children and consider using parental control tools available from online services and software manufacturers to help provide a child-friendly online environment. These tools can also prevent minors from disclosing their name, address, and other personally identifiable information online without parental permission. Although the Company’s Platform are not intended for use by minors, We respect the privacy of minors who may inadvertently use the internet or the Platform.
12. Consent to this policy
We use data collection devices such as "Cookies" on certain pages of our Website/Applications/Web Portal. Cookies are small files sited on your hard drive that assist us in providing customized services. We also offer certain features that are only available through the use of a “Cookie”. Cookies can also help us provide information which is targeted to your interests. Cookies may be used to identify logged in or registered users.
If a User uses the Services after a notice of changes has been sent to such User or published on the Website/Application/Web Portal, such User hereby provides his/her/its consent to the changed terms.
15. Address for privacy questions
If you have any grievance with respect to our use of your information, you may communicate such grievance to the Data Protection Officer: