TELTH HEALTHCARE PRIVACY POLICY

2.1 Personal Information

We collect information that identifies you, including:

• Name, date of birth, gender, and age
• Contact information (address, email, mobile number)
• Aadhaar number (with your consent, where legally permitted)
• PAN card details (for prepaid card KYC purposes)
• Insurance information (policy numbers, provider details)
• Payment information (UPI ID, credit/debit card details)
• Emergency contact information

2.2 Health Information

We collect comprehensive health data including:

• Medical history and conditions
• All diagnostic test results and health markers
• Treatment records and outcomes
• Medication and prescription information
• AYUSH treatment history (if applicable)
• All health parameters required for comprehensive care
• Immunization records as per Indian health guidelines
• Any health data necessary for optimal care delivery

2.3 Device and Usage Data

We automatically collect:

• Device information (type, model, operating system)
• IP address and approximate location
• Browser type and settings
• Usage patterns and preferences
• Interaction with our platforms
• All device-generated health data

3.1 Camera Access

Our mobile application requests camera access for the following purposes:

• Video Consultations: Camera access is used exclusively for real-time video calls between users and healthcare providers during telemedicine consultations
• Document Scanning: Camera may be used to scan medical documents, prescriptions, or health records for digital storage and processing
• Health Monitoring: Camera access may be required for certain health monitoring features when using compatible medical devices

Important Notes:

• Camera access is only activated with your explicit permission
• No video content is recorded, stored, or shared by the app during consultations
• Camera access is limited to the duration of active use and consultation sessions
• All video data is transmitted securely through encrypted channels

3.2 Microphone Access

Our app uses microphone access for:

• Audio Communication: Real-time audio during video consultations with healthcare providers
• Voice Commands: Optional voice-activated features for hands-free navigation (if enabled)
• Audio Consultations: Voice-only telemedicine consultations when video is not required

Important Notes:

• Microphone access is only triggered during active consultations or when voice features are specifically activated
• No audio is recorded, stored, or shared by the app or company
• All audio data is transmitted securely and not retained after consultation ends

3.3 Location Access

We may request location access for:

• Emergency Services: To provide your location to emergency responders when using emergency features
• Nearby Healthcare Facilities: To locate nearest Telth Smart Care Hubs, hospitals, or pharmacies
• Delivery Services: For medicine delivery and home healthcare services
• Compliance: To ensure services comply with state-specific healthcare regulations

Location Data Handling:

• Location data is only collected with your explicit consent
• Location information is not stored permanently and is used only for the specific requested service
• You can disable location access at any time through device settings

3.4 Storage Access

Our app requests storage access to:

• Medical Records: Store and access your health documents, test results, and medical history
• Prescription Images: Save photos of prescriptions for pharmacy processing
• Health Data Backup: Securely backup your health information for continuity of care
• Offline Access: Enable access to critical health information when internet connectivity is limited

3.5 Notification Access

We request notification permissions to:

• Appointment Reminders: Send reminders for scheduled consultations and health check-ups
• Medication Alerts: Notify you about medication schedules and prescription refills
• Health Monitoring: Alert you about critical health parameters or test results
• Emergency Notifications: Send urgent health alerts and emergency communications

3.6 Third-Party SDK Usage

Our mobile application uses the following third-party services:

• Agora SDK: For video and audio communication during telemedicine consultations
• Payment Gateways: For secure processing of payments and insurance claims
• Analytics Services: To improve app performance and user experience (with anonymized data)

Third-Party Data Handling:

• All third-party services are vetted for compliance with Indian data protection laws
• Media data transmitted through Agora SDK is encrypted and not stored by third parties
• Payment data is processed through PCI-DSS compliant Indian payment gateways

3.7 Permission Management and User Control

You maintain full control over app permissions:

• Granular Control: You can grant or deny individual permissions based on your preferences
• Revocation: All permissions can be revoked at any time through your device settings
• Functionality Impact: We will clearly explain how denying certain permissions may affect app functionality
• Re-request: We may request permissions again only when necessary for specific features you choose to use

3.8 Biometric Data Protection

If our app uses biometric features (fingerprint, face recognition) for authentication:

• Biometric data is processed locally on your device and never transmitted to our servers
• We do not collect, store, or analyze biometric data for any other purposes
• Biometric authentication is optional and alternative login methods are always available

We process your personal data in compliance with:

• Digital Personal Data Protection Act, 2023 (DPDPA)
• Information Technology Act, 2000
• Indian Medical Council (Professional Conduct, Etiquette and Ethics) Regulations, 2002
• Drugs and Cosmetics Act, 1940 (for e-pharmacy services)
• Clinical Establishments Act, 2010
• Other applicable Indian laws and regulations

5.1 Healthcare Services

We use your information to:

• Provide personalized healthcare services
• Create and manage care plans
• Facilitate telemedicine consultations as per Indian telemedicine guidelines
• Process diagnostic tests in NABL-accredited facilities
• Monitor health conditions
• Provide emergency medical assistance
• Coordinate care with registered medical practitioners

5.2 P3DSC Algorithm

Your data powers our predictive healthcare system to:

• Generate health insights based on Indian population health patterns
• Optimize treatment protocols
• Identify health risks specific to Indian demographics
• Personalize care recommendations
• Support evidence-based clinical decisions

5.3 Regulatory Compliance

We use your data to:

• Comply with mandatory reporting requirements
• Maintain medical records as per Indian regulations
• Report notifiable diseases to health authorities
• Process insurance claims with Indian insurance providers
• Meet tax compliance requirements

6.1 Healthcare Providers

We share information with:

• Medical practitioners registered with Indian medical councils
• Hospitals and clinics registered under Clinical Establishments Act
• NABL-accredited diagnostic laboratories
• Licensed pharmacies for prescription processing
• AYUSH practitioners (when applicable)
• Care practitioners trained and licensed by Telth and its partners

6.2 Government and Regulatory Bodies

We may share data with:

• Ministry of Health and Family Welfare
• National Health Authority
• State health departments
• Insurance Regulatory and Development Authority of India (IRDAI)
• Law enforcement agencies (with valid legal requests)

6.3 Third-Party Service Providers

We work with:

• Indian payment gateways and banks
• Cloud service providers compliant with Indian data localization requirements
• IT service providers based in India
• Medical device manufacturers approved by CDSCO
• Insurance companies licensed by IRDAI

7.1 Data Localization

In compliance with Indian law:

• All personal data is stored within Indian territory
• Health records are maintained on servers located in India
• We use Indian cloud service providers where possible
• Cross-border transfers are minimized and conducted per legal requirements

7.2 Security Measures

We implement:

• Encryption standards approved by Indian authorities
• Multi-factor authentication
• Regular security audits by CERT-IN empaneled auditors
• Compliance with RBI guidelines for payment data
• Physical security at all Indian facilities

7.3 G-Med ID Security

Your unique healthcare identifier is:

• Linked with consent to government health IDs (where applicable)
• Protected using India-specific authentication methods
• Integrated with ABDM (Ayushman Bharat Digital Mission) where required

8.1 Rights under DPDPA

You have the right to:

• Access your personal data
• Correct inaccurate information
• Erase personal data (subject to legal requirements)
• Withdraw consent
• Grievance redressal
• Nominate a digital data nominee

8.2 Health Data Rights

You can:

• Access your electronic health records
• Request physical copies of medical records
• Port data to other healthcare providers
• Opt-out of data sharing (except mandatory reporting)

8.3 Mobile App Permission Rights

You can:

• Review and modify all app permissions at any time
• Revoke specific permissions without affecting other app functionality
• Request information about how permissions are used
• Disable automatic permission requests

9.1 Types of Consent

We obtain:

• Explicit consent for sensitive personal data
• Informed consent for medical procedures
• Separate consent for Aadhaar authentication
• Opt-in consent for marketing communications
• Parental consent for minors (below 18 years)
• Granular consent for each mobile app permission

9.2 Withdrawal of Consent

You can withdraw consent through:

• Our mobile app or web platform
• Written request to our Data Protection Officer
• Customer support channels
• Device settings for app permissions

10.1 Retention Periods

We retain data as per:

• Indian Medical Council regulations (minimum 3 years)
• Insurance claim requirements
• Legal proceedings requirements

10.2 Data Deletion

Upon request, we will:

• Delete data not required by law
• Anonymize health records where permitted
• Remove marketing preferences immediately

11.1 Grievance Officer

For users below 18 years:

• Parental/guardian consent is mandatory
• Limited data collection
• Enhanced security measures
• Compliance with child protection laws

We use cookies in compliance with Indian laws:

• Essential cookies for functionality
• Analytics cookies (with consent)
• No third-party tracking without consent
• Cookie consent banner as per requirements

We will notify you of material changes through:

• Email notifications
• SMS alerts
• In-app notifications
• Website announcements

This Privacy Policy is available in:

• English
• Regional languages upon request

In case of discrepancy, the English version prevails.

For privacy-related queries: