The Information Technology Act, 2000 – Section 43A.
The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011.
We collect your personal information in order to provide and simultaneously improve our products and services. All partner firms and any third party working with or for us, and who have access to personal information, will be expected to read and comply with this policy. No third party may access or process sensitive personal information held by us without having first entered into a confidentiality agreement.
We may also share your information with:
Healthcare professionals involved in your treatment
Third-party service providers (billing, IT support, etc.)
Government authorities as required by law
We collect your personal information directly from you, from third parties, from our partners, automatically via our website, and through business interaction. The data we collect depends on the context of your interactions with us. This personal information may relate to the type of device you are using, the time you have logged onto our website, your IP address and other information as listed in Clause 4 below.
We may collect personal information, including but not limited to:
Patient information such as name, number, mail ID, address, date of birth/age, etc.)
Personal medical history and records
Physical, physiological and mental health condition, provided by you and/or your health care professional
Valid billing and payment details
Patient/Caregiver/Doctor/Health Care Professional Name
Login ID and password
User details as provided at the time of registration or thereafter
Records of interaction with MASSH representatives
Your usage details such as time, frequency, duration and pattern of use, features used and the amount of storage used
Master and transaction data and other data stored in your user account
Any other information that is willingly shared by you (collectively referred to as “Personal Information”)
Sexual orientation, Transgender Status, Intersex Status
Caste or Tribe
Religious or political belief or affiliation
When you visit our site, some information is automatically collected. This is also called website usage information.
Operating Systems (OS) running on your device
Internet Protocol (IP) address
Website you visited before our website
How you use our products and services
We automatically collect purchase or content use history, which we sometimes aggregate with similar information from other customers to create features such as Best Seller, Top Rated, etc.
We collect the full Uniform Resource Locators (URL) clickstream to, through, and from our website (including date and time); cookie number; products and/or content you viewed or searched for; page response times; download errors; length of visits to certain pages; page interaction information (such as scrolling, clicks, and mouse-overs).
By using this website, you are agreeing that we may advertise your feedback on the website and marketing materials.
We will retain your information as long as we require this to provide you with the goods and services and for such a period as mandated by the concerned laws.
If you opt to receive marketing correspondence from us, subscribe to our mailing list or newsletters, enter into any of our competitions or provide us with your details at networking events, we may use your personal data for our legitimate interests in order to provide you with details about our goods, services, business updates, and events.
We use the collected information of our users for purposes including, but not limited to:
Providing effective medical services and treatment
Billing and processing payments
Appointment scheduling and reminders
Improving and customising our services
Complying with legal obligations
Performing studies, research and analysis for improving our information, data interpretation, services and technologies
Ensuring that the content displayed on our website is customised to your interests and preferences
Contacting you via phone, SMS, WhatsApp or email for appointments, technical issues, payment reminders, deals and offers and other announcements
Sending promotional mails & messages from us or any of our channel partners via SMS, WhatsApp, email
Advertising products and services of MASSH and third parties
Transferring information about you if we are acquired by or merged with another company
Sharing with our business partners for provision of specific services you have ordered so as to enable them to provide effective services to you
Administering or otherwise carrying out our obligations in relation to any agreement you have with us
Building your profile on the website
Responding to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims
Aggregating personal information for research, statistical analysis and business intelligence purposes, and to sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates, (referred to as “Purpose(s)”)
Using the information we collect primarily to provide, maintain, protect and improve our current products and services
Improving our services, site, and how we operate our businesses
Understanding and enhancing your experience using our site, products, and services
Personalising our products or services and make recommendations
Providing and delivering products and services you request
Processing, managing, completing, and accounting for transactions
Providing customer support and responding to your requests, comments, and inquiries
Creating and managing the online accounts you manage on our website
Sending you related information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages
Communicating with you about promotions, upcoming events, and news about products and services
Protecting, investigating and detering fraudulent, unauthorised, or illegal activity
We share your data with your consent or to complete any transaction or provide any product or service you have requested or authorised. We also share data with our affiliates and subsidiaries, with vendors working on our behalf. However, we may process your personal information without your knowledge or consent where required by applicable law or regulation for the purposes of verification of identity or for prevention, detection, or investigation, including of cyber incidents, prosecution, and punishment of offences.
We may employ other companies and individuals to perform functions on our behalf. The functions include fulfilling orders for products or services, delivering packages, sending postal mail and e-mail, removing repetitive information from customer lists, providing marketing assistance, providing search results and links (including paid listings and links), processing payments, transmitting content, scoring credit risk, and providing customer service.
We release accounts and other personal information when we believe it is appropriate to comply with the law, enforce or apply our conditions of use, and other agreements, and protect the rights, property, or safety of us, our users, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction.
Keeping track of items stored in your shopping basket.
Conducting research and diagnostics to improve the content, products, and services.
Preventing fraudulent activity.
Our cookies allow you to take advantage of some of our essential features. For instance, if you block or otherwise reject our cookies, you will not be able to add items to your shopping basket, proceed to checkout, or use any products or services that require you to sign in.
Approved third parties also may set cookies when you interact with our services.
Third parties include search engines, providers of measurement and analytics services, social media networks, and advertising companies.
You can prevent the storage of cookies by choosing a "disable cookies" option in your browser settings. But this can limit the functionality of our services.
The security of your personal information is important to us. We implement security measures to protect your personal information, including encryption, access controls, and regular security audits.
We take due care to protect customer data. Technical measures are in place to prevent unauthorised or unlawful access to data and against accidental loss or destruction of, or damage to, data. The employees who are dealing with the data have been trained to protect the data from any illegal or unauthorised usage.
We work to protect the security of your information during transmission by using Secure Sockets Locker (SSL) software, which encrypts information you input. SSL allows sensitive information such as credit card numbers, UID, and login credentials to be transmitted securely.
We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling branded credit cards from the major card schemes.
We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of personal customer information.
We take reasonable steps to help protect your personal information in an effort to prevent loss, misuse, unauthorised access, disclosure alteration, and destruction. It is your responsibility to protect your usernames and passwords to help prevent anyone from accessing or abusing your accounts and services. You should not use or reuse the same passwords you use with other accounts as your password for our services.
It is important for you to protect against unauthorised access to your password and your computers, devices, and applications. Be sure to sign off when you finish using a shared computer.
Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors, and other third parties that have a legitimate business need for such access.
Information collected from you will be stored for such period as required to complete the transaction entered into with you or such period as mandated under the applicable laws.
While we endeavour to take all reasonable steps to keep any information secure, you acknowledge that the internet is not 100% secure and that we cannot provide any absolute assurance regarding the security of your personal information. We will not be liable for any breach of security or unintended loss or disclosure of information caused by us in relation to your personal information.
If you are under 18, or the age of minority in the jurisdiction in which you reside, you may only use our website with the consent of your parent or legal guardian. In any case, we will not be liable for any cause of action that arose due to non-compliance with this section.
You have the right to access, correct, or delete your personal information. If you have concerns about the accuracy of your information, please contact us.