Aster DM Healthcare Limited and its subsidiaries (referred to as “we”, us”, “Aster”) is the author
and publisher of the internet resource www.asterhospitals.in, www.rameshhospitals.com,
www.asterwayanad.com, www.asterlabs.in & www.asterpharmacy.in, its sub domain’s (together referred
to as “Websites”) on the world wide web as well as other software and applications provided by
Aster, including but not limited to the mobile applications (referred to as “App”, and together with
Websites referred to as “Services”). Aster provides the Services in partnership with its agents,
affiliates, associates, representatives or other third parties (together referred to as
“Partners”)
This privacy policy ("Privacy Policy") explains how we collect, use, share and
protect personal information about the Users of the Services (jointly and severally referred to as
“you” or “User” or “Users” in this Privacy
Policy). We created this Privacy Policy to demonstrate our commitment to the protection of your
privacy and your personal information. Your use of and access to the Services is subject to this
Privacy Policy and our Terms of Use. Any capitalized term used but not defined in this Privacy
Policy shall have the meaning attributed to it in our Terms of Use.
BY CONFIRMING THAT YOU ARE BOUND BY THIS PRIVACY POLICY (BY THE MEANS PROVIDED ON THIS WEBSITE OR
APP), BY USING THE SERVICES OR BY OTHERWISE GIVING US YOUR INFORMATION, YOU AGREE TO THE PRACTICES
AND POLICIES OUTLINED IN THIS PRIVACY POLICY AND YOU HEREBY CONSENT TO OUR COLLECTION, USE AND
SHARING OF YOUR INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY. WE RESERVE THE RIGHT TO CHANGE,
MODIFY, ADD OR DELETE PORTIONS OF THE TERMS OF THIS PRIVACY POLICY, AT OUR SOLE DISCRETION, AT ANY
TIME. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY AT ANY TIME, DO NOT USE ANY OF THE SERVICES OR
GIVE US ANY OF YOUR INFORMATION. IF YOU USE THE SERVICES ON BEHALF OF SOMEONE ELSE (SUCH AS YOUR
CHILD) OR AN ENTITY, YOU REPRESENT THAT YOU ARE AUTHORISED BY SUCH INDIVIDUAL OR ENTITY TO ACCEPT
THIS PRIVACY POLICY ON SUCH INDIVIDUAL’S OR ENTITY’S BEHALF.
WHY THIS PRIVACY POLICY?
This Privacy Policy is published in compliance with, inter alia: Section 43A of the Information
Technology Act, 2000;
- Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and
Sensitive Personal Information) Rules, 2011 (the “SPI Rules”); and
- Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.
This Privacy Policy states the following:
- The type of information collected from the Users, including sensitive personal data or
information;
- The purpose, means and modes of usage of such information; and
- How and to whom we will disclose such information.
COLLECTION OF PERSONAL INFORMATION
Generally, some of the Services require us to know who you are so that we can best meet your needs.
When you access the Services, we may ask you to voluntarily provide us with certain information that
personally identifies you or could be used to personally identify you. Without prejudice to the
generality of the above, information collected by us from you may include (but is not limited to)
the following:
- Contact data (such as your email address and phone number);
- Demographic data (such as your gender, your date of birth and your pin code);
- Data regarding your usage of the services and history of the appointments and other transactions
made by or with you through the use of Services;
- Health or medical data (such as your past medical history and conditions, diagnostic reports,
prescriptions and medication history)
- Insurance data (such as your insurance carrier and insurance plan); and
- Other information that you voluntarily choose to provide to us (such as information shared by
you with us through emails or letters, your work details, your family details)
The information collected from you by Aster may constitute ‘personal information’ or ‘sensitive
personal data or information’ under the SPI Rules. Personal information is defined under the SPI
Rules to mean any information that relates to a natural person, which, either directly or
indirectly, in combination with other information available or likely to be available with a body
corporate, is capable of identifying such person.
The SPI Rules further define “sensitive personal data or information” of a person to
mean personal information about that person relating to:
- passwords;
- financial information such as bank accounts, credit and debit card details or other payment
instrument details;
- physical, physiological and mental health condition;
- sexual orientation;
- medical records and history;
- biometric information;
- information received by body corporate under lawful contract or otherwise;
- visitor details as provided at the time of registration or thereafter; and
- Call data records
Information that is freely available in the public domain or accessible under the Right to
Information Act, 2005 or any other law will not be regarded as personal information or sensitive
personal data or information.
PRIVACY STATEMENTS
- A condition of each User’s use of and access to the Services is their acceptance of the Terms of
Use, which also involves acceptance of the terms of this Privacy Policy. Any User that does not
agree with any provisions of the same has the option to discontinue the Services provided by
Aster immediately.
- All the information provided to us by a User, including sensitive personal information, is
voluntary. You understand that Aster, either itself or with its Partners, may use certain
information of yours, which has been designated as ‘sensitive personal data or information’
under the SPI Rules, (a) for the purpose of providing you the Services, (b) for commercial
purposes and in an aggregated or non- personally identifiable form for research, statistical
analysis and business intelligence purposes, for (c) for sale or transfer of such research,
statistical or intelligence data in an aggregated or non-personally identifiable form to our
Partners. Aster also reserves the right to use information provided by or about the User for the
following purposes:
- Contacting Users for offering new products or services.
- Contacting Users for taking product and Service feedback.
Analyzing software usage patterns for improving product design and utility.
- Analyzing anonymized information for commercial use.
You hereby consent to such use of such information by Aster and our Partner
- Collection of information which has been designated as ‘sensitive personal data or information’
under the SPI Rules requires your express consent. By affirming your assent to this Privacy
Policy, you provide your consent to such collection as required under applicable law. Our
Services may be unavailable to you in the event such consent is not given.
- Users’ personally identifiable information, which they choose to provide on the Website or App
is used to help the Users describe/identify themselves. Other information that does not
personally identify the Users as an individual, is collected by Aster or our Partners from Users
(such as, patterns of utilization described above) and is exclusively owned by Aster or its
partners. We or our Partners may also use such information in an aggregated or non-personally
identifiable form for research, statistical analysis and business intelligence purposes, and may
sell or otherwise transfer such research, statistical or intelligence data in an aggregated or
non-personally identifiable form to third parties. In particular, we and our Partners reserve
with us the right to use anonymized User demographics information and anonymized User health
information for the following purposes:
Analyzing software usage patterns for improving product design and utility.
Analyzing such information for research and development of new technologies.
- Using analysis of such information in other commercial product offerings of Aster or our
Partners.
- Sharing analysis of such information with third parties for commercial use.
- You are responsible for maintaining the accuracy of the information you submit to us, such as
your contact information provided as part of account registration. If your personal information
changes, you may correct, delete inaccuracies, or amend information by making the change on your
profile information page on the Websites or App or by contacting us at [email protected] We
will
make good faith efforts to make requested changes in our then active databases as soon as
reasonably practicable. If you provide any information that is untrue, inaccurate, out of date
or incomplete (or becomes untrue, inaccurate, out of date or incomplete), or Aster has
reasonable grounds to suspect that the information provided by you is untrue, inaccurate, out of
date or incomplete, Aster may, at its sole discretion, discontinue the provision of the Services
to you.
- If you wish to cancel your account or request that we no longer use your information to provide
you services, contact us through
[email protected]. We
will retain your
information for as long as your account with the Services is active and as needed to provide you
the Services. We shall not retain such information for longer than is required for the purposes
for which the information may lawfully be used or is otherwise required under any other law for
the time being in force. After a period of time, your data may be anonymized and aggregated, and
then may be held by us or our Partners as long as necessary for us to provide our Services
effectively or improve the Services, but our use of the anonymized data will be solely for
analytic purposes.
- Aster may require the User to pay with a credit card, debit card, net banking or other online
payment mechanisms for Services for which an amount(s) is/are payable. Aster will collect such
User’s credit card number and/or other financial institution information such as bank account
numbers and will use that information for the billing and payment processes, including but not
limited to the use and disclosure of such credit card number and information to third parties as
necessary to complete such billing operation. Verification of credit information, however, is
accomplished solely by the User through the authentication process offered by a third-party
payment gateway. User’s credit-card/debit card details are transacted upon secure sites of
approved payment gateways which are digitally under encryption, thereby providing the highest
possible degree of care as per current technology. User is advised, however, that internet
technology is not full proof safe and User should exercise discretion on using the same.
- Due to the communications standards on the Internet, when a User or anyone who visits the
Website, we automatically receive the URL of the site from which anyone visits. We also receive
the Internet Protocol (IP) address of each User’s computer (or the proxy server a User used to
access the World Wide Web),
User’s computer/ device operating system and type of web browser the User is using, email patterns,
as well as the name of User’s ISP. This information is used to analyze overall trends to help Aster
improve its Service. The linkage between User’s IP address and User’s personally identifiable
information may be available to us or our Partners but is not shared with other third parties.
Notwithstanding the above, we may share some of the aggregate findings (not the specific data) in
anonymized form (i.e., non-personally identifiable) with advertisers, sponsors, investors, strategic
partners, and others in order to help grow our business.
- The Website may use cookies to store certain data (that is not sensitive personal data or
information) that is used by us and our partners for the technical administration of the
Website, App, research and development, and for User administration. In the course of serving
advertisements or optimizing services to its Users, Aster may allow authorized third parties to
place or recognize a unique cookie on the User’s browser. The cookies however, do not store any
personal information of the User.
- In order to have access to all the features and benefits on our Website or App, a User must
first create an account on our Website or App. To create an account, a User is required to
provide the following information, which such User recognizes and expressly acknowledges is
personal information allowing others, including Aster, to identify the User: name, User ID,
email address, address, date of birth, gender, phone number and password chosen by the User.
Other optional information may be requested on the registration page. We may, in future, include
other optional requests for information from the User to help us to customize the Services to
deliver personalized information to the User. However, we assume your consent in relation to
various matters, once you complete the registration process.
- This Privacy Policy applies to Websites, App and Services that are owned and operated by Aster.
We do not exercise control over the sites that may be displayed as search results or links from
within the Services. These other sites may place their own cookies or other files on the Users’
computer, collect data or solicit personal information from the Users, for which Aster is not
responsible or liable. Accordingly, Aster does not make any representations concerning the
privacy practices or policies of such third parties or terms of use of such websites, nor does
Aster guarantee the accuracy, integrity, or quality of the information, data, text, software,
sound, photographs, graphics, videos, messages or other materials available on such websites.
The inclusion or exclusion of such other sites does not imply any endorsement by Aster of the
website, the website's provider, or the information on the website. If you decide to visit a
third-party website linked to the Aster Website, you do this entirely at your own risk. Aster
encourages the User to read the privacy policies of that website.
- The Services may enable a User to communicate with other Users or to post information to be
accessed by others, whereupon other Users may collect such data. Aster hereby expressly
disclaims any liability for any reliance or misuse
of such information that is made available by Users or visitors in such a manner.
- Aster may periodically ask users to complete surveys asking about their experiences with
features of the Websites, App and Services. Our surveys may ask visitors for demographic
information such as age, gender, and education. We use survey information for evaluation and
quality improvement purposes, including helping Aster to improve information and services
offered. In addition, users giving feedback may be individually contacted for follow-up due to
concerns raised during the course of such evaluation. Demographic information and Web log data
may be stored for future evaluation and quality improvement activities.
- Comments or questions sent to us using email or secure messaging forms will be shared with our
employees and health care professionals who are most able to address the comment or question. We
will archive your messages once we have made our best effort to provide you with a complete and
satisfactory response. Some of our services such as our automated appointment selection and
prescription refill for Aster generated prescriptions interact directly with other Aster data
systems. Data about your transaction may be stored in these systems, and available to people who
test and support these systems. When you use a service on the Websites or the App to interact
directly with Aster health care professionals, some information you provide may be documented in
your medical record, and available for use to guide your treatment as a patient.
- Our Websites and the App may include social media Features, such as the Facebook button. These
Features may collect your IP address, which page you are visiting on our site, and may set a
cookie to enable the Feature to function properly. Your interactions with these Features are
governed by the privacy statement of the company providing them.
- If you are using the Websites or App, with your permission, we will use the geo-location feature
of your mobile device or same or similar feature of the device you are using to access the
Websites. When you download and use the App, we automatically collect information on the type of
device you use, operating system version, and the device identifier. Aster and our Partners do
not share your location information with other any third party. You may opt out of
location-based services on your mobile phone by changing the relevant/ applicable setting at
your device level.
- Aster does not collect information about the visitors of the Website from other sources, such as
public records or bodies, or private organisations, save and except for the purposes of
registration of the Users (the collection, storage and disclosure of which each User must agree
to under the terms of use in order for Aster to effectively render the Services).
- Aster has implemented best standard industry practices and security policies, rules and
technical measures to protect the personal data that it has under its control from unauthorised
access, improper use or disclosure, unauthorised modification and unlawful destruction or
accidental loss. However, for any data loss or theft due to unauthorized access to the User’s
electronic devices
through which the User avails the Services, Aster or its Partners shall not be held liable for any
loss whatsoever incurred by the User.
- Aster ensures it and its partners implement reasonable security practices and procedures that
are commensurate with respect to the information being collected and the nature of Aster’s
business. The reasonable security practices and procedures implemented by us include but are not
limited to: encrypting data when it is on the move using industry standard practices, regularly
changing production keys and password, secure access to all production servers, performing
regular security updates on our servers and more.
- Aster takes your right to privacy very seriously and other than as specifically stated in this
privacy Policy, will only disclose your personal information in the event it is required to do
so by law, rule, regulation, law enforcement agency, governmental official, legal authority or
similar requirements or when Aster, in its sole discretion, deems it necessary in order to
protect its rights or the rights of others, to prevent harm to persons or property, to fight
fraud and credit risk, or to enforce or apply the Terms of Use.
- Aster may also disclose or transfer End-Users’ personal and other information a User provides,
to a third party as part of reorganization or a sale of the assets of a Aster division or
company. Any third party to which Aster transfers or sells its assets to will have the right to
continue to use the personal and other information that Users provide to us, in accordance with
the Terms of Use.
- To the extent necessary to provide Users with the Services, Aster may provide their personal
information to third party contractors who work on behalf of or with Aster to provide Users with
such Services, to help Aster communicate with Users or to maintain the Website or App. Generally
these contractors do not have any independent right to share this information, however certain
contractors who provide services on the Website, including the providers of online
communications services, will have rights to use and disclose the personal information collected
in connection with the provision of these Services in accordance with their own privacy
policies.
CASUAL VISITORS NOTE:
- No sensitive personal data or information is automatically collected by Aster from any casual
visitors of this website, who are merely perusing the site.
- Nevertheless, certain provisions of this Privacy Policy are applicable to even such casual
visitors, and such casual visitors are also required to read and understand the privacy
statements set out herein, failing which they are required to leave the Website immediately.
- If you, as a casual visitor, have browsed any page of this Website prior to reading the privacy
statements set out herein, and you do not agree with them, normally quitting the browser should
ordinarily clear any temporary cookies installed by Aster. We, however, encourage you to use the
“clear cookies” functionality of your browsers to ensure such clearing / deletion, as Aster
cannot guarantee, predict or provide for the behaviour of the equipment of all the visitors of
the Website.
- You are not a casual visitor if you have willingly submitted any personal data or information to
Aster through any means, including email, post or through the registration process on the
Website or App. All such visitors will be deemed to be, and will be treated as, Users for the
purposes of this Privacy Policy, and in which case, all the statements in this Privacy Policy
apply to such persons.
CONFIDENTIALITY AND SECURITY
- Your Personal Information is maintained by Aster in electronic form on its or its employees and
Partners equipment. Such information may also be converted to physical form from time to time.
We take necessary precautions to protect your personal information both online and off-line and
implements reasonable security practices and measures including certain managerial, technical,
operational and physical security control measures that are commensurate with respect to the
information being collected and the nature of Aster’s business.
- No administrator at Aster will have knowledge of your password. It is important for you to
protect against unauthorized access to your password, your computer and your mobile phone or
device. Be sure to log off from the Website when finished. Aster and its Partners do not
undertake any liability for any unauthorized use of your account and password. If you suspect
any unauthorized use of your account, you must immediately notify Aster by sending an email
to [email protected].
You shall
be liable to indemnify Aster, its employees and Partners due to any loss suffered by them due to
such unauthorized use of your account and password.
- Aster makes all User information accessible to its employees only on a need-to- know basis.
- Part of the functionality of the Services is assisting the patients, customers and other
stakeholders (like doctors, labs, pharmacies, customer care executives and others) to access
information relating to them. Aster may, therefore, retain and submit all such records to the
relevant patients, their doctors or other stakeholders.
- Notwithstanding the above, Aster is not responsible for the confidentiality, security or
distribution of your personal information by our Partners and third parties outside the scope of
our agreement with such Partners and third parties. Further, Aster and its Partners shall not be
responsible for any breach of security or for any actions of any third parties or events that
are beyond the reasonable control of Aster and its Partners including, acts of government,
computer / website hacking, unauthorised access to computer data and storage device,
computer crashes, breach of security and encryption, poor quality of Internet service or
telephone service of the User etc.
CHANGE TO PRIVACY POLICY
Aster may update this Privacy Policy at any time, with or without advance notice. In the event there
are significant changes in the way Aster treats User’s personally
identifiable information, or in the Privacy Policy itself, Aster will display a notice on the Website
or send Users an email, as provided for above, so that you may review the changed terms prior to
continuing to use the Services. If you object to any of the changes to our terms, and you no longer
wish to use the Services, you may contact
[email protected] to
deactivate your account. Unless stated otherwise, Aster’s current Privacy Policy applies to all
information that Aster has about You and Your account.
If a User uses the Services or accesses the Website or uses the App after a notice of changes has
been sent to such User or published on the Website, such User hereby provides his/her/its consent to
the changed terms.
CHILDREN'S AND MINOR'S PRIVACY
Aster strongly encourages parents and guardians to supervise the online activities of their minor
children and consider using parental control tools available from online services and software
manufacturers to help provide a child-friendly online environment. These tools also can prevent
minors from disclosing their name, address, and other personally identifiable information online
without parental permission. Although the Aster Website, App and Services are not intended for use
by minors, Aster respects the privacy of minors who may inadvertently use the internet or the mobile
application.
CONSENT TO THIS POLICY
You acknowledge that this Privacy Policy is a part of the Terms of Use of the Website and the other
Services, and you unconditionally agree that becoming a User of the Website, the App and its
Services signifies your assent to this Privacy Policy. Your visit to the Website, use of the App and
use of the Services is subject to this Privacy Policy and the Terms of Use.
ADDRESS FOR PRIVACY QUESTIONS
Should you have questions about this Privacy Policy or Aster's information collection, use and
disclosure practices, you may contact us at
[email protected]. We
will use reasonable
efforts to respond promptly to any requests, questions or concerns, which you may have regarding our
use of your personal information.
If you have any grievance with respect to our use of your information, you may communicate such
grievance to:
The Grievance Officer,
Aster DM Healthcare Limited
No 1785, 1st Floor, 19th Main Road, Sector 1, Agara Extension, HSR Layout, Bengaluru, 56010 [email protected]