Privacy Policy

This Privacy Policy describes Dori Health Pvt. Ltd’s (“Dori”) policy regarding the collection, use, disclosure and protection of the information we collect from and about you when you use our web-based platform and proprietary mobile application (the “Service”). We take our obligations regarding your privacy and the protection of your information very seriously and we have made an effort to draft this Privacy Policy in a manner that is clear and easy for you to understand.

This Privacy Policy is applicable to all the users of the Service (the “User”). In case you are a practitioner who wishes to enlist or have enlisted on the Service and you have reached this page, please view and confirm your relevant Privacy Policy.

By using or accessing the Service, or by giving us your information, you, the User, agree and consent to the collection, use and disclosure of any and all information belonging or relating to you in a manner that conforms to this Privacy Policy. You further agree to this Privacy Policy and to the Terms and Conditions by using or accessing the Service. If you are using or accessing the service on behalf of someone else, you represent that you have been authorized by such individual to accept this Privacy Policy on his or her behalf. We urge you to read our policies and practices as outlined in this Privacy Policy very carefully and if in any way you do not agree with anything contained hereunder, then we cannot provide you the Service and you should stop accessing the same forthwith.

  1. Why this Privacy Policy
    1. This Privacy Policy is published in compliance with:

      (i) Section 43A of the (Indian) Information Technology Act, 2000;
      (ii) Regulation 4 of the (Indian) Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPI Rules”); and
      (iii) Regulation 3(1) of the (Indian) Information Technology (Intermediaries Guidelines) Rules, 2011.

    2. This Privacy Policy inter alia states the following:

      (i) The type of information collected from the Users of the Service, including personal information;
      (ii) The purpose, means and modes of usage of such information; and
      (iii) How and to whom Dori will disclose such information.

  2. What is Personal Information
    1. “Personal information” is defined under the SPI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
    2. The SPI Rules further define “sensitive personal data or information” of a person to mean personal information about that person relating to:

      (i) Passwords;
      (ii) Financial information such as bank accounts, credit and debit card details or other payment instrument details;
      (iii) Physical, physiological and mental health condition;
      (iv) Sexual orientation;
      (v) Medical records and history;
      (vi) Biometric information;
      (vii) Information received by body corporate under lawful contract or otherwise;

    3. Information that is freely available in the public domain or accessible under the Right to Information Act, 2005 or any other law will not be regarded as sensitive personal data or information.
  3. Why we collect certain information
    1. We only collect information to conduct our business and to enable us to deliver and to continue improving our Service. We do not, for any reason whatsoever, sell or otherwise trade your information with any third party.
    2. Profile Information: We collect some personal information from you when you register for an account on the Service. Some of this information such as your name and email help us to effectively manage our relationship with you while others such your PAN details enable us establish your identity. While these are mandatory, others such as your photograph are optional. We may use your Profile Information to send you information about our Service and to market to you. You may unsubscribe from any of our e-mailers by following the instructions contained therein. You can access your Profile Information anytime by accessing the ‘Profile’ section of the Service.
    3. Billing and Payment Information: You will provide us your billing and payment details when you sign-up for an account on the Service. We do not have access to any other information once you are redirected to the payment gateway. This information is collected as it is mandated for online transactions.
    4. User Uploaded Information: We provide you with the facility to upload your medical records on to the Service. These are, however, only online copies of such records and act as a data repository, stored by you to access and share them at your convenience. By uploading such information, you authorize us to grant access to these records with medical practitioners who have been verified by us and have been enlisted on the Service in order to render healthcare services.
    5. Other relevant information: We collect certain information such as your telephone number, address, the phone numbers of your emergency contacts, which are essential for the provision of our services.
    6. We also collect the following information automatically:

      (i) Log and Analytics: This includes information such as your web request, IP address, browser type and language and date and time of request as well as your usage and analytics of the time spent by you on the Service. We use such information to create statistical and demographic profiles for our own internal business purposes, which are aimed at improving and customizing our Service for you. In any case, we use such information in an anonymous and aggregated form. For a more elaborate understanding of how we collect such data, please go through our Cookies section.

      (ii) Device Identifiers: When you access the Service using a mobile device, we collect specific device information contained in your mobile device’s “device identifier.” This device identifier includes information such as the type of device you are using, its operating system, and mobile network information, which may include your mobile phone number. We may associate this device identifier with your Service account and will use data associated with your device identifier to customize our Services to your device and to analyze any device-related issues.

      (iii) Location Information: In order to effectively provide you the Service, it is necessary that we collect and process information about your location as and when required, when you are accessing the Service. You can disable location-based services in the settings associated with your mobile. However, the Service will not function properly if location services are turned off.

  4. How we share your information
    1. We may share the information we collect from you with third parties in the manner detailed below.
    2. As authorized by you: We share access to your medical records including prior prescriptions with medical practitioners enlisted on the Service. By signing up for the Service, you consent to the sharing of the uploaded records with enlisted medical practitioners for the purposes of rendering medical services or for the satisfactory completion of any of the services provided by us including for scheduling and fulfilling appointments.
    3. With trusted service providers and business partners: We may utilize trusted third party service providers to assist us in delivering our Service including hosting of the Service, sending out email updates, or processing payments. These service providers may have access to your information, for the limited purpose of performing the contracted services. They will be required to have a privacy policy and security standards in place that are at least as protective of your information as this Privacy Policy. We may also store personal information in locations outside the direct control of Dori (for instance, on servers or databases co-located with web hosting providers).
    4. If required to do so by law or in order to protect our rights: We will not disclose any of your personal information that we have collected to governmental authorities or institutions unless such disclosure is requisitioned under any Indian law or judicial decree. We may also disclose any of your personal information to our legal counsel or to any governmental authority or agency if we believe that it is necessary to do so to protect the safety of any person, to address fraud, security or technical issues or to protect our rights or property.
    5. In an aggregate and non-personally identifiable manner: We may disclose aggregate nonpersonally identifiable information such as aggregate and anonymous usage data, platform and device types, etc. publicly or with interested third parties to help them understand, or to help us improve, the Service.
    6. In connection with a sale or change of control: If the ownership of any or substantially all of our business changes, we may transfer your information to the new owner so that the Service can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Privacy Policy until such time as this Privacy Policy is updated or amended by the acquiring party after notice to you.
  5. How we protect your information
    1. We use commercially reasonable and industry standard physical, managerial, and technical safeguards to have a comprehensive information security program and to preserve the integrity and security of your information. We also continuously and regularly backup your data to prevent data loss and to aid in data recovery. We also guard against common web vendor attacks, host data in secure audited data centers and implement firewalls and access restrictions on our servers to secure our network and better protect your information.
  6. Risks inherent in sharing information
    1. Although we take reasonable steps to maintain the security of the information associated with your account, please be aware that no security measures are perfect or impenetrable. We will not be responsible for any misuse of your information by enlisted medical practitioners. We will not be responsible for third party circumvention of any privacy settings or security measures on the Service.
  7. Children’s Privacy
    1. Our service is not directed to persons under eighteen years of age and we do not collect any personal information from any child. However, if you do provide any personal information relating to a child or children on account of them being your dependent or otherwise, or if you use the Service on behalf of any child or children, you represent that you are authorized to:

      (i) Provide such personal information on behalf on such child or children.
      (ii) Accept this Privacy Policy on such child or children’s behalf.
      (iii) Consent on behalf of such child or children to our collection, use and disclosure of such information.

  8. Links to other web sites
    1. We are not responsible for the practices employed by websites linked to from within the Service, nor for the information or content contained therein. Please remember that when you use a link to go from the Service to another website, our Privacy Policy is no longer in effect and your activities on that third party website is subject to such third party website’s own rules and policies.
  9. Cookies
    1. Dori uses “cookies” in conjunction with its Service to obtain information. A cookie is a small data file that is transferred to your device for record-keeping purposes. For example, a cookie could allow the Service to recognize your browser, while another could store your preferences and other information.
    2. Your browser may allow you to set how it handles cookies, such as declining all cookies or prompting you to decide whether to accept each cookie. But please note that some parts of the Service may not work as intended or may not work at all without cookies.
    3. We may place our cookies on your device in relation to the Service and you agree to the same. Accordingly, this Privacy Policy will apply to our treatment of the information we obtain via our cookies.
    4. Third-Party cookies: We may also allow our business partners to place cookies on your device. For example, we use Google Analytics for web analytics, for which purpose Google may also set cookies on your device. Third Parties may also place cookies on your device for advertising purposes.
    5. There are two types of cookies used in conjunction with the Service, namely “persistent cookies” and “session cookies”. Session cookies will normally expire when you close your browser, while persistent cookies will remain on your device after you close your browser, and can be used again the next time you access the Service.
    6. Other technologies: We may also use other technologies with similar functionality to cookies, such as web beacons and tracking URLs to obtain log data about users. We may also use web beacons and tracking URLs in our messages to you to determine whether you have opened a certain message or accessed a certain link.
    7. Dori uses cookies and similar tracking technologies for a number of purposes, such as:

      (i) To enable, facilitate and streamline the functioning of the Service across different webpages, devices and browser sessions.
      (ii) To simplify your access to and use of the Service and make it more seamless.
      (iii) To monitor and analyze the performance, operation and effectiveness of the Service, so that we can improve and optimize it.
      (iv) To show you content (which may include advertisements) that is more relevant to you.
      (v) For fraud detection and prevention.

    8. Disabling cookies: Most browsers automatically accept cookies, but you can modify your browser setting to decline cookies by visiting the Help portion of your browser’s toolbar. If you choose to decline cookies, please note that you may not be able to sign in, customize, or use some of the features of the Service.
  10. Changes to our Privacy Policy
    1. If we change our Privacy Policy, we will post those changes on this page to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted on this page. If a User accesses the Service after a notice of the changes to the Privacy Policy has been sent to such User via email, such User shall be bound by the changed terms.
  11. Queries regarding this Privacy Policy
    1. We can be reached, for all questions and grievances with regard to our information collection, use and disclosure practices, by:

      (i) Sending a letter marked to the attention of our Data Protection Officer, Mr. Sarat Kumar, Dori Health Pvt. Ltd., at P18E, L5, The Hive, VR Mall, Plot No 11B, Survey No 40/9, Devasandra Industrial Area, 2nd Stage, KR Puram Hobli, Karnataka, India – 560048.
      (ii) Sending an e-mail to support@zevahealth.com.

    2. We will make all reasonable efforts to respond promptly to any requests, questions or concerns which you may have regarding our use of your information.
Dated: 18/06/2018