VRH Healthcare Logo

Privacy Policy for VRH Healthcare Services Pvt. Ltd.

Last Updated: June 1, 2025

Introduction

VRH Healthcare Services Pvt. Ltd. ("VRH Healthcare", "we", "us", or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your data when you engage with our services, including our website, mobile applications, and other platforms facilitating medical tourism and healthcare services for international patients. This policy is governed by Indian laws, including the Information Technology Act, 2000 (IT Act) and the Digital Personal Data Protection Act, 2023 (DPDPA), and applies to all users worldwide accessing our services.

We aim to ensure transparency in our data practices and compliance with applicable Indian legal requirements. This policy is written in simple English to ensure clarity for all users, including those for whom English may not be the first language.

Scope of This Privacy Policy

This Privacy Policy applies to all individuals who interact with VRH Healthcare Services Pvt. Ltd., including but not limited to website visitors, patients, and other users accessing our services globally. The policy is governed by and interpreted in accordance with the laws of India, specifically theInformation Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (IT Rules), and the Digital Personal Data Protection Act, 2023 (DPDPA). Regardless of where you are located, by using our services, you consent to the collection, use, and disclosure of your personal data as outlined in this policy, subject to Indian law.

This policy does not cover practices of third-party websites or services linked to our platform that we do not own or control. We encourage you to review the privacy policies of those third parties.

Data We Collect

We collect only the data necessary to provide our medical tourism and healthcare facilitation services. The types of data collected are as follows:

Personal Data

  • Identification Information: Full name, date of birth, gender, nationality, and passport details (if required for travel or treatment).
  • Contact Information: Email address, phone number, mailing address, and emergency contact details.
  • Medical Information: Medical history, current health conditions, treatment preferences, and other health-related details necessary for coordinating medical services, such as appointments or hospital admissions.
  • Booking and Payment Information: Details related to service bookings, travel arrangements, and payment records (excluding sensitive payment details like credit card numbers, which secure third-party payment processors handle).

Cookies and Analytics Data

  • Cookies: We use cookies and similar tracking technologies to enhance your experience on our website and applications. Cookies help us understand user behavior, improve website functionality, and personalize content.
  • Analytics Data: We collect anonymized data, such as IP addresses, browser types, device information, and pages visited, to analyze website performance and user engagement.
  • Purpose of Cookies: Cookies are used for session management, site navigation, and analytics to improve our services.
  • Opt-Out Options: You can manage cookie preferences through your browser settings or by contacting us (see "Contact Us" section). You may opt out of non-essential cookies, but this may affect the functionality of our services.

Purpose of Data Collection

We collect and process your personal data for the following purposes, in compliance with Indian legal obligations:

  • Service Coordination: To facilitate medical tourism services, including arranging consultations, hospital admissions, travel, and accommodation for international patients.
  • Appointment Scheduling: To book and manage appointments with healthcare providers, including doctors and hospitals in India.
  • Communication: To respond to inquiries, provide updates on treatment plans, and send service-related notifications.
  • Legal Compliance: To comply with applicable Indian laws, regulations, and reporting requirements, including those under the IT Act and DPDPA.
  • Website Improvement: To analyze user behavior and improve our website, applications, and services through anonymized analytics data.
  • Security: To protect our systems and your data from unauthorized access or fraudulent activities.

Data Disclosure

We prioritize the confidentiality of your personal data and do not sell or unlawfully share your information with third parties. Your data may be disclosed only in the following circumstances:

  • Indian Partner Hospitals and Doctors: We share your personal and medical information with verified hospitals, clinics, and doctors in India as necessary to provide the requested medical services. These partners are bound by strict confidentiality agreements and comply with Indian data protection laws.
  • Legal Obligations: We may disclose your data to comply with legal or regulatory requirements, such as court orders or government investigations, in accordance with Indian law.
  • Service Providers: We may engage trusted service providers (e.g., payment processors, IT service providers) who process data on our behalf under strict data protection agreements.
  • No Unlawful Third-party Sales: We do not sell or share your personal data with third parties for marketing or other unlawful purposes.

User Rights

Under Indian law, including the IT Act and DPDPA, you have certain rights regarding your personal data:

  • Right to Access: You have the right to request access to the personal data we hold about you.
  • Right to Correction: You may request corrections to inaccurate or incomplete data.
  • Right to Withdrawal of Consent: You may withdraw your consent for data processing at any time by contacting us (see "Contact Us" section). Note that withdrawal may limit our ability to provide certain services.
  • Right to Erasure: You may request the deletion of your data, subject to legal retention obligations.
  • Right to Data Portability: Where applicable, you may request a copy of your data in a structured, commonly used format.

To exercise these rights, please contact our Grievance Officer (details below). We will respond to requests within a reasonable timeframe, as required by Indian law.

Data Security

We implement robust security measures to protect your personal data in accordance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011:

  • Encryption: Sensitive data, such as medical information, is encrypted during transmission and storage.
  • Access Controls: Access to your data is restricted to authorized personnel only, who are trained in data protection protocols.
  • Regular Audits: We conduct periodic security audits to ensure compliance with Indian data protection standards.
  • Breach Notification: In the unlikely event of a data breach, we will notify affected users and relevant authorities as required by the DPDPA and IT Rules.

Despite these measures, no system is completely secure. We strive to protect your data but cannot guarantee absolute security.

Grievance Officer

As required by Indian law, we have appointed a Grievance Officer to address your concerns regarding data privacy:

Name: Dr. Asif Iqbal Khan
Email: iqbalasifpat@gmail.com
Address: VRH Healthcare Services Pvt. Ltd., G-53, Second Floor, Noida Sarita Vihar Road, Shaheen Bagh, Okhla, New Delhi – 110025
Response Time: We will respond to grievances within 30 days, as per Indian legal requirements.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by Indian law. For example:

  • Medical and booking data may be retained for the duration of your treatment and follow-up, or as required by healthcare regulations.
  • Analytics data is retained in anonymized form for statistical purposes.

Upon request or at the end of the retention period, data is securely deleted or anonymized.

International Data Transfers

As a medical tourism company, we serve users worldwide. Your data may be processed in India, where our servers and operations are based. We ensure that all data processing complies with Indian data protection laws, regardless of your location. For users in jurisdictions with specific data protection laws (e.g., the EU), we take steps to ensure compliance with Indian laws, but this policy does not incorporate GDPR-specific clauses unless explicitly required for EU patients.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage trends. You can control cookies through your browser settings or by contacting us. Disabling cookies may limit certain features of our services. For more details, see the "Cookies and Analytics Data" section above.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. The updated policy will be posted on our website with the "Last Updated" date. We encourage you to review this policy regularly.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact our Grievance Officer:
Email: iqbalasifpat@gmail.com
Address: VRH Healthcare Services Pvt. Ltd., G-53, Second Floor, Noida Sarita Vihar Road, Shaheen Bagh, Okhla, New Delhi – 110025
We are committed to resolving your concerns promptly and in compliance with Indian law.