Overview
This policy (“Medlyfe Hospital Data Privacy Policy” or “Policy”) outlines what personal data is collected, how it is processed, stored, secured, and used, and the conditions under which it may be disclosed.
Purpose
The purpose of this Policy is to explain what types of personal data we collect, when and why we collect it, how we use and safeguard it, the conditions for disclosure to third parties, and your rights regarding such personal data.
Scope
This Policy applies to all personal data collected, used, stored, or processed by Medlyfe Hospital or any of its branches or subsidiaries. It includes data collected when you visit our website, use our mobile application, or avail any healthcare or diagnostic services offered by Medlyfe Hospital.
“You” refers to any individual (whether a registered or anonymous user, patient, visitor, employee, contractor, intern, or consultant) whose data is collected by us.
“We”, “us”, “our”, or “Medlyfe Hospital” collectively refer to Medlyfe Hospital and its authorized entities.
All Medlyfe Hospital staff and associated personnel are bound by this Policy.
Policy
Personal Information
Personal information refers to details through which an individual can be directly or indirectly identified. The personal information collected, processed, and stored by Medlyfe Hospital includes, but is not limited to:
Name
Gender
Date of Birth / Age
Contact details (mobile number, email ID)
Address (current and permanent)
Sexual orientation
Medical history and records
Health status (physical, physiological, and mental conditions)
Aadhaar / PAN / Driving License / Passport or other identity documents
Financial information (bank details, debit/credit card information, payment instruments)
Biometric information
Cookies and digital data such as IP address, device type, browser details, referring URLs, login credentials, and usage patterns from our website or mobile applications
Collection of Personal Information
Personal and sensitive personal information is collected directly from you through various means, such as:
Registration on the Medlyfe Hospital website or application
Registration at our hospital front desk during visits
Submission of details to our staff
Information provided through online forms, calls, or messages
We may also use cookies and similar technologies to recognize you or your device to improve your service experience. You can choose to opt out of cookie tracking for advertisements or analytics.
By sharing your personal information, or by clicking “I Agree” or any equivalent consent option, you consent to the use of your data for the purposes outlined in this Policy.
Usage and Processing of Personal Information
Your personal data may be used for the following purposes:
To contact you via phone/SMS/email for service updates, payment reminders, reports, or invoices
To inform you about promotional offers or new services
To deliver medical, diagnostic, and healthcare services
To improve our services and internal processes through data analysis
For employment, HR, and administrative purposes
To comply with legal, regulatory, and compliance obligations
To respond to court orders, legal summons, or government requests
Collection and Processing of Aadhaar Information
We may collect Aadhaar details for identification purposes. It is not mandatory to provide Aadhaar unless required by law — you may submit other ID proofs such as PAN, Passport, or Driving License.
We will not share Aadhaar details with third parties without your consent, and such data will be retained only for as long as necessary, following all applicable data protection laws.
Disclosures or Transfers
Your personal information may be disclosed or shared with third parties for specific purposes, such as:
Insurance and claim processing
Specialized medical services, diagnostics, or healthcare collaborations
Business analytics, intelligence, or process optimization
Sending updates and communication through channels like SMS, email, or WhatsApp
Legal or regulatory compliance, or pursuant to government/judicial orders
Business transfers, mergers, or acquisitions involving Medlyfe Hospital
All disclosures are made only to entities that maintain the same level of security and confidentiality standards as Medlyfe Hospital.
Security of Personal Information
Medlyfe Hospital adopts stringent security measures to protect your personal data against unauthorized access or misuse. Our security practices include:
Role-based access control for applications and databases
Multi-layered data security and encryption
Restricted access on a need-to-know basis
Masked display of sensitive information in public or shared systems
Prevention of unauthorized copying or transfer of data outside the hospital network
While we take every precaution, no system is completely immune to breaches. Medlyfe Hospital and its affiliates shall not be liable for unintended disclosures arising from cyber incidents or unauthorized access beyond our control.
Data Retention
Your personal data will be retained only for as long as required under applicable laws or until the purpose for which it was collected has been fulfilled.
Your Rights
Under this Policy and applicable law, you have the following rights:
Right to Access and Correction: You may access, review, or correct your personal information if it is inaccurate or incomplete.
Right to Withdraw Consent: You may withdraw your consent to data processing by contacting our Grievance Officer. However, this may affect the provision of certain services that rely on your data.