Privacy Policy

CureALife Healthtech – Privacy Policy

Effective Date: 10/Sep/2025

1. INTRODUCTION

This Privacy Policy explains how CureALife Healthtech Private Limited (“Company”, “we”, “our”, “us”) collects, uses, stores, processes, shares, protects, and retains personal, sensitive, and health information of all users accessing our digital healthcare platform (“Platform”).

The Platform includes:

Website and Mobile App
User – anyone using our platform
Patient, Clinician, Medic, Hospital, Lab, Pharmacy, NGO, Corporate, Insurance & Institutional Portals, and others
Telemedicine tools (chat/audio/video)
AI-based diagnostic and predictive modules
APIs and third-party integrations
Cloud-hosted databases and analytics systems

By using our Platform, you consent to this Privacy Policy.

2. APPLICABILITY

Patients
Clinicians (Doctors, Nurses, Physiotherapists, Psychologists, Dieticians, etc.)
Hospitals, Clinics, Labs, Diagnostics, Pharmacies
Insurance Companies
NGOs & Corporate health partners
Medical Colleges, Universities & Research Institutions
Third-party vendors & technology providers

3. DATA WE COLLECT

A. Personal Identification Data

Name, gender, date of birth
Address, email, mobile number
ID documents (optional), Profile photograph (optional)

B. Sensitive Personal & Health Data

Symptoms, medical conditions, diagnoses, medical history, allergies, medications
Digital prescriptions, Lab reports, imaging reports
Vitals and biometric data, Treatment plans & clinical notes
Telemedicine consultation recordings (optional)
AI-generated analytics, differential diagnosis & predictions

C. Organizational & Professional Data

Hospital/clinic details, Registration numbers & business documents
Staff login details, Institutional affiliation data
Insurance policy & corporate employee records

D. Technical & Device Data

IP address, Device type, OS, browser details
Location (if permitted), App usage logs, Crash logs & error reports
Cookies & tracking information

E. Communication Data

Chat messages, Audio & video consultation logs
Email communication, Support tickets

4. PURPOSE OF DATA COLLECTION

We process your data for the following reasons:

A. To deliver healthcare services

Telemedicine consultations, Appointment booking & follow-ups
Medical record management, Lab & pharmacy integrations, Hospital/clinic services

B. To support clinicians

Access to patient history & reports
AI-powered treatment suggestions, Clinical dashboards & analytics

C. AI & Predictive Services

Differential diagnosis support, Clinical risk prediction
Disease progression models, Patient triage & management suggestions
Personalized health insights

AI predictions are NOT a substitute for clinical judgment.

D. To support organizations

Corporate health dashboards, Employee health monitoring
Insurance claim assistance, Analytics for NGOs, hospitals & institutions

E. Platform operations

Account creation & verification, Customer support
Notifications & updates, Fraud detection, Legally required audits

F. Research & Development

Anonymized datasets used for: AI model training, Public health analytics, Academic research

5. HOW WE SHARE DATA

We may share data with:

A. Clinicians

For diagnosis, treatment & follow-up.

B. Healthcare Partners

Labs, pharmacies, hospitals
Diagnostics & imaging centers

C. Insurance & Corporate Partners

With your authorization.

D. Educational & Research Institutions

Only anonymized data.

E. Technology & Cloud Providers

Azure cloud hosting, Hostinger web hosting
AI APIs, Communication tools (Jitsi Meet, WhatsApp, etc.), Payment gateways

F. Legal Compliance

Court orders, Government agencies, Investigations

We NEVER sell your personal or health data.

6. USE OF THIRD-PARTY TOOLS

We use tools such as:

Jitsi Meet or other relevant platform for video consultations
WhatsApp for limited communication
Azure, Hostinger or other platforms for cloud, web & mobile hosting
Google playstore, iOS App store and other platform for App or WAP store
AI engines & medical API services

Each third-party tool has its own privacy policies. We are not responsible for failures or breaches caused by third parties.

7. DATA SECURITY

We implement:

SSL/TLS encryption, Encrypted databases
Role-based access control, Multi-factor authentication for clinicians
Regular cybersecurity audits, Data minimization principles
Firewall, IDS, and secure cloud architecture

Despite this, no system is fully secure. Users share data at their own risk.

8. CROSS-BORDER DATA TRANSFER

Your data may be processed or stored outside India due to: Azure cloud servers, Global API tools, International analytics tools. We ensure industry-standard protections for such transfers.

9. USER RIGHTS

Users have the right to:

Access their data, Request corrections, Request deletion (subject to legal limits)
Withdraw consent, Request data portability
Restrict processing, Object to profiling
Lodge a complaint with the Grievance Officer

Requests will be processed within 30 days.

10. DATA RETENTION

We retain data as follows:

Medical Records – Minimum 3 years or as legally required
Telemedicine records – 3 years (optional retention)
Billing & financial data – 7 years
AI model data – anonymized & indefinite
Logs & analytics – as required for operations

Deleted accounts are anonymized but certain records may be retained for: Legal compliance, Medical audits, Fraud prevention, Research (anonymized form).

11. CHILDREN’S PRIVACY

For users under 18, parental/guardian consent is mandatory.

12. LIMITATION OF LIABILITY

The Company is not responsible for:

Misdiagnosis or negligence by clinicians
AI inaccuracies
Data breaches caused by third-party providers
User errors or unauthorized access
Force majeure events

13. UPDATES TO THIS POLICY

We may modify this Privacy Policy anytime. Continued use of the Platform indicates acceptance of updates.

14. GRIEVANCE OFFICER

Name: Vikram Prasad
Email: grievance@curealyf.com
END OF DOCUMENT