Privacy Policy

Sri Maha Clinic Privacy Policy

At Sri Maha Clinic Pharmacy Private Limited ("Sri Maha Clinic" or "we"), we are committed to protecting your personal information. This Privacy Notice explains the types of personal data we collect from you when you use our website (including sub-domains and microsites) or mobile applications. It outlines why we collect this information, who we may share it with, and the steps we take to ensure its security. Additionally, it informs you about your rights regarding your personal data and the choices available to you. It also explains how you can reach us to discuss our privacy practices.We encourage you to carefully review this Privacy Notice before accessing or using any of our products or services.

1. General Terms

By accessing or using the Platform or Services, or by providing us with your information, you confirm that you have the legal capacity to enter into a binding contract under Indian law, specifically the Indian Contract Act, 1872. You acknowledge that you have read, understood, and agreed to the practices and policies outlined in this Privacy Policy and agree to be bound by its terms.

You consent to our collection, use, sharing, and disclosure of your information as described in this Privacy Policy. We reserve the right to change, modify, add, or remove portions of this Privacy Policy at our discretion, at any time. Continued use of the App, Services, or Platform following any amendments will be considered your implicit acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically to stay informed of any changes.

If you are accessing or using the Services on the App or the Site from a location outside of India, you do so at your own risk and are solely responsible for complying with any applicable local laws.

If you do not agree with any terms or conditions of this Privacy Policy, please refrain from using the Site, App, or any Services. This Privacy Policy may change at any time without prior notice, so we recommend that you check this policy regularly on the Site or App to remain informed of any updates.

2. What Information Do We Collect About You?

We collect different types of information to provide and improve our services, including:

Personal Details: This encompasses your age, gender, date of birth, marital status, nationality, government ID details, occupation, ethnicity, religion, travel history, and any other information you provide through surveys or questionnaires.
Health and Medical Information: This includes prescription details, medical history, and any other health-related data necessary for providing our services.
Technical Data: Information about your device, IP address, browser type, and usage patterns when you interact with our website or mobile apps.
Transaction Information: Details of your purchases, orders, and payment history.
Location Data: If you allow us, we may collect location information to improve our services, such as finding nearby pharmacies or delivery options.
"Payment and Transaction Data: We collect data related to your payment methods, transaction history, preferences, spending patterns, and other financial details like payment instruments and modes of payment.
Customer Reviews and Opinions: We collect your reviews, opinions, and feedback about our products, services, and programs.
Rewards and Membership Information: This includes your membership details, account information, profile or password data, and any affiliations with frequent flyer or travel partner programs.

We collect this information to enhance your experience and ensure the proper functioning of our services.

3. How We Use The Information We Collect

We use the information we collect in various ways to provide our Services on the App and the Site and to operate our business, including:

Fulfillment of Requests: To carry out our obligations arising from your requests for products and Services on the Platform.
Platform Improvement: To operate and enhance the Platform, fostering a positive user experience and improving our overall business.
Order Processing: To process and deliver your orders.
Access Enablement: To grant you access to our Site or App for purchasing products and receiving Services.
Consultation Facilitation: To enable you to initiate consultations with Medical Practitioners or facilitate diagnostic tests.
Data Analysis: To analyze data, track trends, build algorithms, and create databases for rating systems and recommendation engines.
Research and Development: For growth and development of our business and that of our group entities, including expanding our network of consulting RMPs doctors and partners.
Customer Service: To respond to your requests, customize your orders, improve our Platform, and communicate with you.
Compliance and Auditing: For non-targeting purposes such as frequency capping, compliance, billing, ad reporting, market research, product development, and to comply with applicable laws.
Quality Assurance: To conduct audits and quality assessment procedures.
Resource Analysis: To analyze the use of our resources, troubleshoot problems, and improve our Products and Services, utilizing information regarding your mobile device and software.
User Communication: To contact users, both during and after an order, for updates, query resolution, order details, consultations, follow-ups, or to offer new products and Services.
Fraud Prevention: To investigate, prevent, or take action regarding illegal activities, suspected fraud, threats to safety, violations of our Terms, or as required by law.
User Queries: To respond to your queries and communicate information, including promotions, updates to the Site, or future fees for purchasing products or Services.
Feedback Collection: To contact you via SMS, email, and phone calls for your valuable feedback on our current and potential products and Services.
Abandoned Carts: If you add products to your cart but do not complete the checkout process, we may contact you via SMS, email, or phone to assist you in completing your order.
Cookie Usage: We may use cookies and automatically collected information to (i) personalize our services, such as remembering your information for future visits; (ii) provide customized advertisements, content, and information; (iii) monitor and analyze the effectiveness of our Services and third-party marketing; (iv) track aggregate site usage metrics; and (v) manage your entries and submissions in promotions or other activities.
Fraud Detection: We may access or store your information as necessary to detect, prevent, or address fraud and illegal activities or to protect the rights and safety of the Platform and others.
Location Information: We may use information about your location to confirm you are in a jurisdiction where the Service is offered and to identify appropriate Medical Practitioners.
De-identified Information: We may collect, analyze, use, publish, and sell de-identified information, which may include components of your personal or sensitive information, for any lawful business purpose, including research and marketing.

Disclosure Of Your Information

Information about you and other users of the Platform is a vital part of our business. We share personal information only as described below, ensuring that any third party has implemented adequate data protection measures and adheres to practices at least as protective as those outlined in this Privacy Policy. By using the Site or the App, you accept these terms and consent to the storage and processing of your personal information and sensitive personal data (SPDI) by third parties.

We have arrangements with various third parties, including affiliates, service providers, retailers, retail pharmacies, payment gateways, and logistics partners, who may have access to your personal information and SPDI. However, they are prohibited from disclosing this information to any other individual or entity. Some of these third parties include:

Retail Partners: Your personal information or SPDI may be shared with affiliated retailers and retail pharmacies that fulfill your orders and with Medical Practitioners. These retailers operate on the Platform or sell medicines and wellness products through the Site or the App. You will be informed when a third party is involved in your transactions, and we will share relevant customer information with them.
Third-Party Service Providers: Your personal information or SPDI may also be shared with third-party service providers, such as diagnostic service providers (including labs and collection agents), retailers, and logistics providers, to fulfill services and deliver your orders. This includes processing orders, facilitating diagnostic tests, delivering packages, sending newsletters and emails, analyzing data, and providing customer service. These service providers may collect personal information necessary for their functions and must process this information according to this Privacy Policy and applicable laws. Please note that we are not responsible for the actions or omissions of these third parties, but we will assist you in resolving any issues that may arise with them.
Legal Obligations: We may release account and other personal information when we believe it is appropriate to comply with applicable laws. This may include conforming to legal requirements, protecting rights or property, preventing crimes, or ensuring the safety of our users or the public. We may also disclose your personal information to enforce our Terms and agreements or protect our rights and those of others.
Mergers, Amalgamations, or Transfers: In the event of a merger, acquisition, or transfer of our assets, the third party involved will have the right to continue using your information (including SPDI) in accordance with this Privacy Policy. We may also share information with partners, affiliates, or potential associates in an anonymized and aggregated manner for understanding user interactions and enhancing the overall experience.
Business Improvement: You acknowledge that we have the right to use recorded copies of your telephone conversations, e-prescriptions with Medical Practitioners, and diagnostic test reports to improve our services, marketing efforts, and customer experience. These uses help us tailor our Site, App, and Services to better meet your needs. We may transfer such personal information and SPDI to third parties, including those outside India, while taking reasonable steps to ensure compliance with applicable data protection laws.

5. Transfer To Third Parties And Outside India

Subject to applicable laws, we may, at our discretion, transfer personal information and SPDI to any corporate entity (as defined under the Information Technology Act, 2000) that provides at least the same level of data protection as we do, whether located in India or elsewhere.

By using the Site and the App, you consent to our sharing and processing of your personal information and SPDI by third parties, including in locations outside India, provided that they maintain protection standards comparable to those in India or equivalent international standards.

6. Protecting Your Information

We implement electronic, physical, and procedural safeguards to protect the collection, storage, and disclosure of personal information, including sensitive personal data (SPDI). As part of our security procedures, we may occasionally request proof of identity before disclosing any personal information to you. To safeguard your information during transmission, we utilize Secure Sockets Layer (SSL) software, which encrypts the data you input. We also adhere to international standards for information security management systems.

Access to personal information is restricted to our employees and agents who require it to process information on our behalf. These individuals are bound by strict confidentiality obligations and may face disciplinary action, including termination, for failing to comply with these requirements.

No employee or administrator will have knowledge of your account password. It is essential for you to protect your account from unauthorized access by securing your password and mobile phone, as outlined in the ‘User Account, Password and Security’ section of the Terms. Please remember to log off from the Site or the App after use. We are not liable for any unauthorized use of your account or password.

If you suspect any unauthorized access to your account, you must notify us immediately by sending an email to the contact details provided in the contact section. You agree to indemnify us for any losses incurred due to unauthorized use of your account or password

In certain circumstances, we may not be able to obtain your prior consent before disclosing your information if it is requested by government agencies or required by law during investigations of cyber incidents or criminal prosecutions.

Furthermore, we are not responsible for any security breaches or actions taken by third parties, or for events beyond our reasonable control, including government actions, hacking, unauthorized access to data, computer crashes, or poor-quality internet and phone services.

7. Your Data Access Options

Through the Platform, you have the ability to access various details related to your account and interactions. This includes viewing your personal information and, where applicable, updating, modifying, or deleting data that you’ve provided. You can correct any inaccurate or incomplete personal details, including sensitive personal data, whenever feasible. Additionally, you can choose to opt-out of optional services, such as receiving promotional emails or offers. If you wish to opt-in to these services during sign-up, you will be given the opportunity to do so.

8. Is The Platform Accessible To Children?

The Platform is only accessible to individuals who can legally form a binding contract under the Indian Contract Act, 1872. If you are under 18 years of age, you are not permitted to use or access our services. If we become aware that anyone under 18 has registered, used the platform, or provided personally identifiable information, we will take steps to delete this information from our systems. Parents or guardians who discover that their child under 18 has gained unauthorized access can contact us at care@srimahaclinic.com to request the deletion of the child's personal data.

9. Third-party Links

The Platform may contain hyperlinks to external websites, services, advertisements, or other content (“Third-Party Links”) operated by entities not associated with us. We do not control or endorse the practices or content of these third-party platforms. You acknowledge that we are not responsible for the collection, use, or disclosure of your information by these third parties.

Interactions or transactions between you and these third parties are solely your responsibility. We cannot be held liable for any loss, damage, or disputes that arise from such engagements. Additionally, we encourage you to review the privacy policies and terms of these third-party platforms before sharing any personal data, ensuring you make informed decisions when interacting with their services.

10. Data Retention

Sri Maha Clinic retains your data for as long as it is necessary to deliver our products and services, maintain access to our website or mobile application, or fulfill other important purposes such as complying with legal obligations, resolving disputes, and enforcing agreements. The duration for which we retain your data may vary depending on the type of data and its intended use, as well as the applicable legal requirements. Retention periods are therefore subject to variation based on these factors.

Even if you request deletion of your data, or if we delete it as part of routine processes, some of your information may still be preserved on backup or archival systems for purposes such as audits, legal compliance, tax requirements, or regulatory needs.

11. Data Storage Location

Data collected under this Privacy Notice is stored on servers located within India.

12. Data Processing

We ensure that the data collected under this Privacy Notice is processed in accordance with both its terms and applicable legal requirements. To provide adequate protection for your data, we have established appropriate written agreements with Sri Maha Clinic Entities, Partners, and Service Providers with whom we share your information. These agreements ensure that your data is handled by these parties in compliance with applicable law.

13. App Permissions That We Capture

During onboarding, we request the following app permissions to enhance your experience:

Location: We recommend allowing location sharing to "Always" so we can provide location-specific data, such as product availability. You can change this setting anytime.
Camera: To let you take a photo of prescriptions and upload them directly to the app.
Photos Media Files: Required to store and retrieve your uploads, such as prescriptions, on your device.
SMS: Supports automatic OTP confirmation, so you don't have to manually enter the authentication code.
Receive SMS: Allows us to send payment-related SMS notifications through our payment partner JustPay.
Access Wi-Fi State: Helps optimize your experience based on Wi-Fi strength, particularly for video consultations.
Record Audio: Enables voice input during video consultations with doctors.
Bluetooth: Used for connecting to Bluetooth headsets during video consultations.

14. Severability

If any court or competent authority determines that any provision of this Privacy Notice, or part thereof, is invalid, illegal, or unenforceable, that provision (or part) will be considered removed to the extent necessary, without affecting the validity of the remaining provisions

15. Updates To This Privacy Notice

As our business evolves, this Privacy Notice may be updated periodically. We may send email reminders about such updates unless you've opted out. However, we encourage you to frequently review our website and mobile application to stay informed of any changes. Any updates will be effective as soon as they are posted. By continuing to use our website, mobile application, or services following these updates, you agree to the revised terms of the Privacy Notice.

16. Contact Us

To request to access, review, update, or withdraw your consent for your personal information or to otherwise reach us, please submit a request by e-mailing us at care@srimahaclinic.com. You may contact us for information on Service Providers, Partners with whom we may share your Data in compliance with this Privacy Notice and applicable law. We will respond to your request within 30 days.

17. Grievance Officer

Please see below the details of our grievance officer:

Name: Mr. N. Balaji
Email: support@srimahaclinic.com
Address: 112, Bharath Flats, Radha Nagar Main Road, Chromepet, Chennai-600 044, Tamil Nadu, India
Mobile Number: 9047660909