Digital Health Innovators Private Limited having its registered office #150/1, Infantry Road, Suite 1, Karnataka - 560001, Bangalore, (also referred to as “Company”, “our”, “us” or “we”) operates an online platform in the name and style of “DaytoDay” that enables its partner Hospitals to connect with their surgical Patients.
INFORMATION THAT WE COLLECT
Information that is collected as you use DaytoDay and the Services includes the following:
Your Personal Information: When you sign up and register with us through DaytoDay, we ask you for your Personal Information. “Personal Information” means information that would allow someone to identify or contact you, such as your first and last name, date of birth, e-mail address, and phone number. Further, we may ask for the name and contact details of the patient’s caregiver, if and when required. However, Personal Information does not include aggregated information that, by itself, does not permit the identification of individual persons and does not include Activity Information (defined in paragraph 3).
Your Sensitive Personal Information: In order for your Hospital to provide you the Services on DaytoDay, we collect the following sensitive personal information: (a) details such as your patient ID, Hospital Name, name and type of your scheduled surgical procedure, date of procedure, date of discharge, prescribed medications; (b) in the event you use any of our connected devices, we also collect and store details such as your blood pressure levels, glucose levels, BMI and other vital signs (“Sensitive Personal Information”).
HOW WE USE THE INFORMATION
We will use your name and patient ID number in order to synchronize your user account with your registered account/records of your concerned Hospital.
We use your name to customize messaging in the service.
Your date of birth is collected and will be used to support 2 (Two) factor authentication to verify your identity. We also your use date of birth to ensure that you are not below the age of 18 (eighteen) years.
Your email address and Phone number will be used to communicate the following:
A. a one-time registration code and instructions for registering your account;
B. any forgotten password(s) in order to help you access your User Account, upon a request; and
C. any other communication that we wish to send to you in relation to the Services made available on DaytoDay.
Details of your vital signs such as weight, blood pressure, BMI, glucose levels, and others, will be used solely to update your medical records and enable your Hospital to provide you the Services on DaytoDay.
In order to improve the quality of DaytoDay and/or the Services, we may ask you to provide us with information regarding your experiences on Day to Day on a periodic basis. Patients have the option of choosing not to provide us with this information;
We will use the information that we collect for the following purposes related to the Services:
A. To track your usage of the Services;
B. To improve the quality, features, and functionality of the Services;
C. To improve the security of the Services;
D. To back up our systems and allow for disaster recovery; and
LEGAL BASES FOR PROCESSING INFORMATION UNDER THE GDPR FOR USERS IN THE EUROPEAN UNION (EU)
The Company processes information of users in the EU in accordance with Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (“GDPR”). The GDPR governs how the Company may process your information and the rights that EU users have in relation to your information. This means that the Company will collect and use your information only where:
The collection and use of your information is justified because of a legitimate interest such as for improving DaytoDay and providing the Services (but only where our legitimate interest isn’t overridden by your interest in protecting your information);
We have obtained your consent for using your information in a certain way;
The collection and use of your information is necessary for compliance with our legal obligations;
You may withdraw your consent for using your information at any time. You can withdraw your consent by writing to email@example.com. Where we are using your information because of a legitimate interest to do so, you have the right to object to that use. However, if you do so, you may not be able to continue using the functionalities of DaytoDay and/or the Services.
DISCLOSURE OF THE INFORMATION
The Company does not sell, trade, or rent or disclose your Personal Information or your Sensitive Personal Information to any third party. However, the Company cannot completely ensure that such information will not be disclosed to third parties. For example, we may be legally obliged to disclose information to the government or third parties under certain circumstances, third parties may circumvent the Company’s security measures to unlawfully intercept or access transmissions or private communications, or an error may occur in the administration of DaytoDay. In the unlikely event that the Company needs to investigate or resolve possible problems or inquiries, we may, and you authorize the Company to, disclose any information about you to government officials as permitted by applicable law.
We reserve the right to disclose any Personal Information and/or Sensitive Personal Information as required by applicable law and when we believe, at our sole discretion that disclosure is necessary to protect our rights, protect someone from injury and/or to comply with a judicial proceeding, court order, or legal process served on DaytoDay.
If the Company becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, Personal Information and Sensitive Personal Information will be transferred to the new entity for the continued performance of Services.
CROSS-BORDER TRANSFERS OF INFORMATION (FOR USERS IN THE EU)
In the event we transfer information of users in the EU to a third party service provider located outside the EU and/or is not subject to an adequacy decision by the EU Commission, we will ensure that:
we obtain your prior consent for such transfer; and Such third party service providers have appropriate safeguards for your information by way of entering into a binding agreement that provides for the same.
On receiving a request to deactivate your User Account, the Company will deactivate your User Account and all Personal Information and Sensitive Personal Information, collected by us, if any, will be destroyed. Non-personal identifiable information of users may be retained indefinitely for analytics subject to the same being kept separate from other information including but not limited to unique identifiers, that, in combination with such non-personal identifiable information of the users, may render the same personally identifiable.
We keep database backups of your [Specify the type of information (i.e., Personal Information/Non-personal identifiable information)] for the purposes of recovering from an outage. On deactivation of your User Account, the backup records of your [Specify the type of information], will be deleted after 7 (Seven) days from the date of deactivation of your User Account.
RIGHTS IN RESPECT OF YOUR INFORMATION
You, as a user of Day to Day’s Services, will have the following rights with regards to your Personal Information and/or Sensitive Personal Information:
A. Request a copy of your personal information and/or sensitive personal information;
B. Request that we correct inaccuracies relating to your personal information and/or sensitive personal information;
C. Request that your personal information and/or sensitive personal information is deleted or that we restrict access to it;
D. Request a structured electronic version of your personal information and/or sensitive personal information; and
C. Object to our use of your personal information and/or sensitive personal information;
Should you wish to make a request in respect of your personal information and/or sensitive personal information, please contact us at firstname.lastname@example.org.
In some circumstances, the Company may not be able to comply with a request that you make in respect of your personal information or sensitive personal information. For example, we may not be able to provide a copy of your personal information or sensitive personal information where it infringes on the rights of another user. We may also be required to retain certain personal information or sensitive personal information that you ask us to delete for various reasons, such as where there is a legal requirement to do so.
If we are unable to resolve your request, or if you are concerned about a potential violation, you may be entitled to report the issue or make a complaint to the data protection authority in your jurisdiction.
THIRD PARTY SERVICE PROVIDERS
You acknowledge that your personal information and/or sensitive personal information may be shared with our third party service providers for monitoring your DaytoDay usage patterns, enabling your chat/text/message communications through DaytoDay, and core infrastructure purposes but always subject to your prior consent. You may at anytime object to the sharing of your information with third party service providers by writing to us at email@example.com .
We have implemented industry standard security policies, rules and technical measures, as required under Section 8 of the Information Technology (Reasonable security practices and procedures and sensitive personal information) Rules, 2011 in order to protect any kind of personal sensitive information that we have under our control from unauthorized access. You should know, however, that the Company cannot fully eliminate such risks.
GOVERNING LAW AND JURISDICTION
The name and contact details of the Grievance Officer are provided below:
Name: Fathima Jansi
Phone No: 9513335590
E-mail Address: firstname.lastname@example.org
Postal Address: #150/1, Infantry Road, Suite 1, Karnataka - 560001, Bangalore