and protection of the information we collect from and about you when you use our web-based platform and
proprietary mobile application (the “Service”). We take our obligations regarding your privacy and the
in a manner that is clear and easy for you to understand.
practitioner who wishes to enlist or have enlisted on the Service and you have reached this page,
By using or accessing the Service, or by giving us your information, you, the User, agree and consent
to the collection, use and disclosure of any and all information belonging or relating to you in a
Terms and Conditions by using or accessing the Service. If you are using or accessing the service
on behalf of someone else, you represent that you have been authorized by such individual to accept
hereunder, then we cannot provide you the Service and you should stop accessing the same forthwith.
(i) Section 43A of the (Indian) Information Technology Act, 2000;
(ii) Regulation 4 of the (Indian) Information Technology (Reasonable Security Practices
and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPI Rules”); and
(iii) Regulation 3(1) of the (Indian) Information Technology (Intermediaries Guidelines)
(i) The type of information collected from the Users of the Service, including personal information;
(ii) The purpose, means and modes of usage of such information; and
(iii) How and to whom Dori will disclose such information.
What is Personal Information
“Personal information” is defined under the SPI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
The SPI Rules further define “sensitive personal data or information” of a person to mean personal information about that person relating to:
(ii) Financial information such as bank accounts, credit and debit card details or other payment instrument details;
(iii) Physical, physiological and mental health condition;
(iv) Sexual orientation;
(v) Medical records and history;
(vi) Biometric information;
(vii) Information received by body corporate under lawful contract or otherwise;
Information that is freely available in the public domain or accessible under the Right to Information Act, 2005 or any other law will not be regarded
as sensitive personal data or information.
Why we collect certain information
We only collect information to conduct our business and to enable us to deliver and to continue improving our Service. We do not, for any reason whatsoever,
sell or otherwise trade your information with any third party.
Profile Information: We collect some personal information from you when you register for an
account on the Service. Some of this information such as your name and email help us to
effectively manage our relationship with you while others such your PAN details enable us
establish your identity. While these are mandatory, others such as your photograph are optional.
We may use your Profile Information to send you information about our Service and to market
to you. You may unsubscribe from any of our e-mailers by following the instructions contained
therein. You can access your Profile Information anytime by accessing the ‘Profile’ section of the
Billing and Payment Information: You will provide us your billing and payment details when
you sign-up for an account on the Service. We do not have access to any other information once
you are redirected to the payment gateway. This information is collected as it is mandated for
User Uploaded Information: We provide you with the facility to upload your medical records
on to the Service. These are, however, only online copies of such records and act as a data
repository, stored by you to access and share them at your convenience. By uploading such
information, you authorize us to grant access to these records with medical practitioners who
have been verified by us and have been enlisted on the Service in order to render healthcare
Other relevant information: We collect certain information such as your telephone number,
address, the phone numbers of your emergency contacts, which are essential for the provision
of our services.
We also collect the following information automatically:
(i) Log and Analytics: This includes information such as your web request, IP address,
browser type and language and date and time of request as well as your usage and
analytics of the time spent by you on the Service. We use such information to create
statistical and demographic profiles for our own internal business purposes, which are
aimed at improving and customizing our Service for you. In any case, we use such
information in an anonymous and aggregated form. For a more elaborate
understanding of how we collect such data, please go through our Cookies section.
(ii) Device Identifiers: When you access the Service using a mobile device, we collect
specific device information contained in your mobile device’s “device identifier.” This
device identifier includes information such as the type of device you are using, its
operating system, and mobile network information, which may include your mobile
phone number. We may associate this device identifier with your Service account and
will use data associated with your device identifier to customize our Services to your
device and to analyze any device-related issues.
(iii) Location Information: In order to effectively provide you the Service, it is necessary
that we collect and process information about your location as and when required, when
you are accessing the Service. You can disable location-based services in the settings
associated with your mobile. However, the Service will not function properly if location
services are turned off.
How we share your information
- We may share the information we collect from you with third parties in the manner detailed
As authorized by you: We share access to your medical records including prior prescriptions
with medical practitioners enlisted on the Service. By signing up for the Service, you consent to
the sharing of the uploaded records with enlisted medical practitioners for the purposes of
rendering medical services or for the satisfactory completion of any of the services provided by
us including for scheduling and fulfilling appointments.
With trusted service providers and business partners: We may utilize trusted third party service
providers to assist us in delivering our Service including hosting of the Service, sending out email
updates, or processing payments. These service providers may have access to your information,
for the limited purpose of performing the contracted services. They will be required to have a
control of Dori (for instance, on servers or databases co-located with web hosting providers).
If required to do so by law or in order to protect our rights: We will not disclose any of your
personal information that we have collected to governmental authorities or institutions unless
such disclosure is requisitioned under any Indian law or judicial decree. We may also disclose any
of your personal information to our legal counsel or to any governmental authority or agency if
we believe that it is necessary to do so to protect the safety of any person, to address fraud,
security or technical issues or to protect our rights or property.
In an aggregate and non-personally identifiable manner: We may disclose aggregate nonpersonally
identifiable information such as aggregate and anonymous usage data, platform and
device types, etc. publicly or with interested third parties to help them understand, or to help us
improve, the Service.
In connection with a sale or change of control: If the ownership of any or substantially all of
our business changes, we may transfer your information to the new owner so that the Service
can continue to operate. In such case, your information would remain subject to the promises
or amended by the acquiring party after notice to you.
How we protect your information
We use commercially reasonable and industry standard physical, managerial, and technical
safeguards to have a comprehensive information security program and to preserve the integrity
and security of your information. We also continuously and regularly backup your data to prevent
data loss and to aid in data recovery. We also guard against common web vendor attacks, host
data in secure audited data centers and implement firewalls and access restrictions on our servers
to secure our network and better protect your information.
Risks inherent in sharing information
Although we take reasonable steps to maintain the security of the information associated with
your account, please be aware that no security measures are perfect or impenetrable. We will not
be responsible for any misuse of your information by enlisted medical practitioners. We will not
be responsible for third party circumvention of any privacy settings or security measures on the
- Our service is not directed to persons under eighteen years of age and we do not collect any
personal information from any child. However, if you do provide any personal information
relating to a child or children on account of them being your dependent or otherwise, or if you
use the Service on behalf of any child or children, you represent that you are authorized to:
(i) Provide such personal information on behalf on such child or children.
(iii) Consent on behalf of such child or children to our collection, use and disclosure of such
Links to other web sites
We are not responsible for the practices employed by websites linked to from within the Service,
nor for the information or content contained therein. Please remember that when you use a link
activities on that third party website is subject to such third party website’s own rules and policies.
Dori uses “cookies” in conjunction with its Service to obtain information. A cookie is a small data
file that is transferred to your device for record-keeping purposes. For example, a cookie could
allow the Service to recognize your browser, while another could store your preferences and
Your browser may allow you to set how it handles cookies, such as declining all cookies or
prompting you to decide whether to accept each cookie. But please note that some parts of the
Service may not work as intended or may not work at all without cookies.
We may place our cookies on your device in relation to the Service and you agree to the same.
Third-Party cookies: We may also allow our business partners to place cookies on your device.
For example, we use Google Analytics for web analytics, for which purpose Google may also set
cookies on your device. Third Parties may also place cookies on your device for advertising
There are two types of cookies used in conjunction with the Service, namely “persistent cookies”
and “session cookies”. Session cookies will normally expire when you close your browser, while
persistent cookies will remain on your device after you close your browser, and can be used again
the next time you access the Service.
Other technologies: We may also use other technologies with similar functionality to cookies,
such as web beacons and tracking URLs to obtain log data about users. We may also use web
beacons and tracking URLs in our messages to you to determine whether you have opened a
certain message or accessed a certain link.
(i) To enable, facilitate and streamline the functioning of the Service across different
webpages, devices and browser sessions.
(ii) To simplify your access to and use of the Service and make it more seamless.
(iii) To monitor and analyze the performance, operation and effectiveness of the Service, so
that we can improve and optimize it.
(iv) To show you content (which may include advertisements) that is more relevant to you.
(v) For fraud detection and prevention.
Disabling cookies: Most browsers automatically accept cookies, but you can modify your browser
setting to decline cookies by visiting the Help portion of your browser’s toolbar. If you choose to
decline cookies, please note that you may not be able to sign in, customize, or use some of the
features of the Service.
what information we collect, how we use it and under what circumstances we may disclose it.
email, such User shall be bound by the changed terms.
We can be reached, for all questions and grievances with regard to our information collection,
use and disclosure practices, by:
(i) Sending a letter marked to the attention of our Data Protection Officer, Mr. Sarat Kumar,
Dori Health Pvt. Ltd., at P18E, L5, The Hive, VR Mall, Plot No 11B, Survey No 40/9,
Devasandra Industrial Area, 2nd Stage, KR Puram Hobli, Karnataka, India – 560048.
(ii) Sending an e-mail to email@example.com.
We will make all reasonable efforts to respond promptly to any requests, questions or concerns
which you may have regarding our use of your information.