EGS-Health PVT LTD. ("EGS Health" or "we") takes the privacy of your information seriously. This privacy notice ("Privacy Notice") describes the types of personal information, we collect from you through our website (including sub-domains and microsites) and mobile applications. It also describes the purposes for which we collect that personal information, the other parties with whom we may share it and the measures we take to protect the security of your data. It also tells you about your rights and choices with respect to your personal information, and how you can contact us about our privacy practices
You are advised to carefully read this Privacy Notice before using or availing any of our services.
In this Privacy Notice, the following definitions are used:
Data - Includes personal and non-personal information including the sensitive personal information concerning you, which either directly or indirectly in combination with other information, could allow you to be identified, when you visit our stores, website and/or mobile application.
Data Protection Laws - Any applicable law for the time being in force, relating to the processing of Data.
Cookies - A small file placed on your device by our website or mobile application, when you either visit or use certain features of our website or mobile application. A cookie generally allows a website to remember your actions or preference for a certain period of time.
Partners - Selected third parties with whom we have contracts for the businesses described in this Privacy Notice.
Service Providers - Includes entities to whom we or other EGS Health will disclose your Data in order to process information for a specific purpose pursuant to a written contract.
Medicas – Medicas is an EGS Health Product for Digital Healthcare on request, with a dedicated product website (https://www.medicasapp.com).
EGS Health Entity - EGS Health Private Limited (https://www.egs-health.com) is a company incorporated in India whose registered office is at 1 3 169,, Sadhu Street,, Srikakulam, Srikakulam, Andhra Pradesh, India, 532001. EGS Health – EGS Health and its subsidiaries, affiliates, associate companies, and joint venture companies with whom we have a contractual arrangement to share data for the purposes described in this Privacy Notice.
User - The natural person who accesses our website or mobile application.
EGS Health collects Data for various purposes set out in this Privacy Notice. This Data includes, without limitation, the following categories:
- Contact information: First and last name, email address, postal address, country, phone number and other similar contact data
- Financial information: Payment instrument information, transactions, transaction history, preferences, method, mode and manner of payment, spending pattern or trends, and other similar data.
- Technical information: Website, device and mobile app usage, Internet Protocol (IP) address and similar information collected via automated means, such as cookies, pixels and similar technologies.
- Transaction information: The date of the transaction, total amount, transaction history and preferences and related details.
- Health related information, such as information or records relating to Your medical/ health history, health status, details of treatment plans and periodical reviews, medication prescribed by a Medical Practitioner, dosage details such as frequency of dosage, alternative medication, medicines ordered through the Platform, laboratory testing results and any other information inferred there from
- Product and service information: Your account membership number, registration and payment information, and program-specific information, when you request services directly from us.
- Personal information: Age, sex, date of birth, nationality, details or any other personal information provided in our website or in mobile application
- Your reviews, feedback and opinions about our services.
- Loyalty programme information: Your information, account details, profile or password details and/or any other offers, discounts or loyalty membership that we have or may have in the future
We collect Data in the following ways:
- Information Given by You: We receive and store any information you enter on our website or mobile application or give us in any other way (e.g., emails, over a call, call centre employees). Please see the section titled "Data Shared by You" for more information.
- Automatic Information We Collect: We use "cookies", pixels and similar technologies to receive and store certain types of information whenever you interact with us. Please see the section below, titled "Data Collected Automatically" for more information.
- E-mail Communications: To help us to make e-mails with more relevant information, we often receive a confirmation (if your device supports such capabilities) when you open e-mail or click on a link in the e-mail.
- Automatic Information accessed from Other Websites/other sources: We receive and store certain types of information when you interact with third-party websites that use our technology or with whom we have a specific agreement. Because we process this information on behalf of the applicable website operators, collection, processing, and use of such information is subject to the applicable website operators’ privacy policies and is not covered by our Privacy Notice
- Information Previously Provided to EGS Health: Information previously shared with any of the EGS Health Entities/Products.
You can make choices about our collection and use of your Data. For example, you may want to access, edit or remove your Data on our website or mobile application. When you are asked to provide Data, you may decline.4. DATA SHARED BY YOU
EGS Health may collect your Data in several ways from your use of our website or mobile application. For instance:
- when you register with us to receive our services;
- when you transact with us or attempt to transact with our website or mobile application;
- when you complete surveys conducted by EGS or on its behalf:
- when you elect to receive any communications (including promotional offers) from us:
- from the information gathered by your visit to our website or mobile application
- We automatically collect some information when you visit our website or use our mobile application. This information help us to make improvements to our content and navigation. The information collected automatically includes your IP address.
- Our web servers or affiliates provide analytics and performance enhancement services such as IP addresses, operating system details, browsing details, device details and language settings. This information is aggregated to measure the number of visits, average time spent on the site, pages viewed and similar information. EGS Health uses this information to measure the site usage, improve content and to ensure safety and security, as well as enhance performance of our website or mobile application.
- We may collect your Data automatically via Cookies, pixels and similar technologies in line with settings on your browser. For more information about Cookies, please see the section below, titled "Cookies".
Any or all the above Data may be required by us from time to time to provide information relating to EGS Health and to work on the experience when using our website or mobile application. Specifically, Data may be used by us for the following reasons:
- carry out our obligations arising from any contract entered into between you and us;
- provide services and communicate with you about services offered by us;
- enable EGS Health and Partners to offer services and communicate with you about such services;
- processing, disclosing, transmitting, and/or sharing the data/information with EGS Health, and other third parties which have business or contractual dealings with us;
- provide you with offers (including for financial services), personalized services and recommendations and to improve user experience on our website and mobile application
- operate, evaluate and improve our business, website and mobile application;
- generate aggregated data to prepare insights to enable us to understand customer behaviour, patterns and trends with a view to learning more about your preferences or other characteristics;
- provide privileges and benefits to you, marketing and promotional campaigns based on your profile;
- in connection with loyalty programs owned and operated by us or by other EGS Health entities;
- communicate with you (including to respond to your requests, questions, feedback, claims or disputes) and to customize and improve our services;
- to enhance your experience and bring you access to membership programs, rewards and offers across EGS Health portfolio
- protect against and prevent fraud, illegal activity, harm, financial loss and other legal or information security risks; and
- serve other purposes for which we provide specific notice at the time of collection, and as otherwise authorized or required by applicable law.
We treat these inferences as personal information (or sensitive personal information, as the case may be), where required under applicable law. Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.
Wherever required under the applicable law, we will use your personal information (including sensitive personal information) with your consent; as necessary to provide you with services; to comply with a legal obligation; or when there is a legitimate necessity to make use of it.
Our website and mobile application do not offer services, for use by minors. If you are under 18, you may use our website or mobile application only with the involvement of a parent or guardian.8. SHARING OF DATA
We may share your Data with/ for:
- Partners: We may make available to you services or applications provided by Partners for use on or through our website or mobile application. If you choose to use such service, customer information related to those transactions may be shared with such Partner.
- EGS Health: We may make available to you products, services and /or applications of EGS Health, to assist them to reach out to you in relation to their programs or campaigns and to process your queries and requests. Accordingly, we may share your Data with Medicas. We may also share your Data with the EGS Health Entities as is relevant for the purposes set out in Clause 6 above, and to facilitate the operation of our business.
- EGS Health Medicas Platform: Your Data may be shared with Medicas App and other participating entities on the Medicas App Platform operated by EGS Health for purposes of enrolment, offering you products, services and benefits. Accordingly, we may share your Data with other EGS Health, Partners and Service Providers and as a part of this unification your account information across several EGS Health Entities may be merged, to offer You a single login for seamless experience.
- Service Providers: We or other EGS Health Entities/Products may share your Data with Service Providers. (Pharmacies, Lab Partners etc.) Examples include storing and analysing Data, protecting and securing our systems, providing search results and links, providing customer service, credit analysis, processing your information for profiling, user analysis and payment processing.
- Information from Other Sources: We may obtain information from other sources. An example of this is when you authorize a website (such as the website of another EGS Health Entity/Product), to interact directly with our website or mobile application to provide or receive Data about you. In that case, we might receive such Data used by that website to identify your account with that website.
- Business Transfers: As we continue to develop our business, we might sell or buy subsidiaries or business units. Your Data may be transferred as part of such transaction. Any Data that we receive from a third party pursuant to such transactions will be processed in accordance with this Privacy Notice and applicable law.
- Third Parties: We may also share your Data with other third parties where:
These Service Providers will be required to only process Data in accordance with express instructions and as necessary to perform services for purposes set forth in this Privacy Notice. The Service Providers will also be required to safeguard the security and confidentiality of the Data they process by implementing appropriate technical and organizational security measures and confidentiality obligations binding employees accessing Data.
- You request or authorize us to do so;
- We need to comply with applicable law or respond to valid legal process; or
- We need to operate and maintain the security of our website or mobile application, including to prevent or stop an attack on our computer systems or networks.
We require these third parties, by contract to only process sensitive personal data in accordance with our instructions and as necessary to perform services on our behalf or in compliance with applicable law. We also require them to safeguard the security and confidentiality of the sensitive personal data, they process on our behalf by implementing appropriate confidentiality, technical and organizational security measures.
Please note that EGS Health and Partners may have privacy practices that differ from those of EGS Health. The use of your Data will be governed by their privacy statements when you provide Data on their websites..
We will use technical and organisational measures to safeguard your Data and we store your Data on secure servers. Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us by e-mail at our email address provided at Clause 16 below.10. RETENTION OF DATA
EGS Health retains Data for as long as necessary for the use of our services or to provide access to and use of our website or mobile application, or for other essential purposes such as complying with our legal obligations, resolving disputes, enforcing our agreements and as long as processing and retaining your Data is necessary and is permitted by applicable law. Because these needs can vary for different data types and purposes, actual retention periods can vary significantly.
Even if we delete your Data, including on account of exercise of your right under Clause 10 below, it may persist on backup or archival media for audit, legal, tax or regulatory purposes.
When we process Data about you, we do so with your consent and/or as necessary to operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests of EGS Health as described in this Privacy Notice.
You have the following rights in relation to your sensitive personal information and you can exercise it by submitting a request as described in the "How to Contact Us" section below.
- Right to Access, Review and Modify
- Right to Correction
- Right to Withdraw Consent
It is important that the Data we hold about you is accurate and current. Please keep us informed if your personal information changes during the period for which we hold it.12. PROCESSING YOUR DATA
We take steps to ensure that the Data we collect under this Privacy Notice is processed according to the provisions of this Privacy Notice and the requirements of applicable law.
To ensure that your Data receives an adequate level of protection, we have put in place appropriate written contracts with EGS Health, Partners and Service Providers that we share your Data with. This ensures that your Data is treated by such parties in a way that is consistent with the applicable law.
We ask for the following app permissions while onboarding, in order to optimize the experience for you:
Location - It is recommended that you set your location sharing 'Always' as it helps us to show you location specific data like availability of services and service providers. You can change this anytime.
Camera - To allow you for video consultation, take a photo of prescriptions & directly upload it to the app and other features and functionalities requiring camera.
Photos/Media/Files - Media access permission is needed to store and retrieve your uploads such as prescription, Medical reports, test reports, uploads on your device.
SMS - To support automatic OTP confirmation, so that you don't have to enter the authentication code manually.
Receive SMS - This helps us to send you registration, booking, appointment, consultation, payment related SMS by our payment partners.
Access Wifi State - This helps us to optimize your experience based on the Wifi’s strength and signals, especially for optimizing video consultations.
Record Audio - To enable video consultations with doctors.
Bluetooth - Bluetooth is used to redirect to Bluetooth headset during video consultations.
If any court or competent authority finds that any provision of this Privacy Notice (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Privacy Notice will not be affected.15. CHANGES TO THIS PRIVACY NOTICE
Our business changes constantly and our Privacy Notice may also change . We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check our website and mobile application frequently to see recent changes. The updated version will be effective as soon as it is accessible. Any changes will be immediately posted on our website and mobile application and you are deemed to have accepted the terms of the updated Privacy Notice on your first use of our website or mobile application or first purchase of services following the alterations. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.16. HOW TO CONTACT US
To request to access, review, update, or withdraw your consent for your personal information or to otherwise reach us, please submit a request at firstname.lastname@example.org or our product e-mail address email@example.com. You may contact us for information on Service Providers and Partners with whom we may share your Data in compliance with this Privacy Notice and applicable law. We will respond to your request within 30 days.
17. GRIEVANCE OFFICER