Privacy Policy

Effective Date: 29 Jan 2026

Medigence Health Private Limited (“Medigence Health,” “Company,” “we,” “us,” or “our”) is committed to protecting the privacy, confidentiality, and security of personal data and sensitive health data entrusted to us.

This Privacy Policy describes how we collect, use, process, store, share, and protect personal data and sensitive personal data (“Data”) of users (“User,” “you,” or “your”) through our mobile applications, web applications, and related services (collectively, the “Platform”).

Medigence Health enables users to track health parameters and securely share real-time data with their chosen doctor or registered healthcare provider, as well as with relatives or caregivers whom the user has explicitly consented to share such data with, so that they may remain informed about the user’s health status, readings, and related concerns. Authorized healthcare providers may monitor this data and take medical actions when required.

1. Eligibility & Age Restriction

The Platform is intended strictly for individuals 18 years of age or older.
We do not knowingly collect or process data of minors. If we become aware that data belonging to a person below 18 years of age has been collected, such data will be promptly deleted from our systems.

By using the Platform, you confirm that you are at least 18 years old.

2. Data We Collect & Legal Basis for Processing

2A. Personal Data (Identity, Contact & Technical)

  • Identity & Contact Data: Name, mobile number, email address, date of birth, age, gender, height, weight
  • Technical Data: IP address, device ID, operating system, application usage logs, crash reports, access timestamps
  • Financial Data: Payment information required to process subscriptions or consultation fees. (Handled exclusively by PCI-compliant payment gateways; Medigence Health does not store full card or banking details.)

2B. Sensitive Personal Data (Health & Wellness Data)

Health data voluntarily entered by you for monitoring and doctor consultation purposes, including but not limited to:

  • Blood sugar readings and trends
  • Vitals and symptoms
  • Medicines and insulin dosage
  • Diet logs
  • Medical reports
  • Appointments
  • Emergency location data (used only for healthcare-related intervention)

3. Lawful Basis for Processing

We process Data only on lawful grounds, including:

  • Explicit Consent provided by you.
  • Contractual Necessity to deliver Platform services.
  • Legal Obligation under applicable laws.
  • Protection of Vital Interests, including medical emergencies.
  • Legitimate Interests, limited strictly to security, fraud prevention, and system integrity.

4. How Data Is Used (Purpose Limitation)

Your data is used solely for the following purposes:

1. Service Provision: To provide you with personalized health tracking, data visualization, and to facilitate direct consultation services with the healthcare provider you select.

2. Doctor Consultation: To share your Health Data exclusively with the specific doctor you explicitly consent to, solely for continuous monitoring and timely medical intervention when required.

3. Family/Relative Tracking: To share your Health Data with specific relatives or contacts only when you have provided explicit consent to allow them to monitor your improvement and readings.

4. Security and Functionality: To maintain the security of our application, troubleshoot technical issues, and detect and prevent fraud.

5. Service Improvement & Analytics: To use anonymized or pseudonymized data for internal research, statistical analysis, product improvement, and feature development. We adhere to industry standards to ensure that anonymized data cannot be re-identified.

6. Marketing: To send you promotional communications, subject to the following:

  • Promotional communications are sent only with separate, explicit, and revocable consent.
  • Health data is never used for marketing.
  • You may opt out at any time.

5. No Automated Medical Decision-Making

  • Medigence Health does not use Artificial Intelligence or automated decision-making systems for diagnosis, treatment, or prescribing.
  • No profiling or automated decisions producing legal or significant effects are carried out.
  • All medical responses are provided solely by qualified human healthcare professionals.

6. Data Sharing & Disclosure

We share Data only in the following circumstances:

1. Healthcare Providers (The Doctor): Your Health Data is shared only with the specific doctor(s) you consent to consult with. Once the doctor downloads or stores this data outside of our application for their professional records, the doctor becomes an independent Data Controller/Fiduciary responsible for its protection under their professional standards and ethical obligations.

2. Third-Party Service Providers (Data Processors): We utilize trusted third parties (e.g., cloud hosting providers, payment gateways, professional analytics tools). We ensure all such parties are bound by strict Data Processing Agreements (DPAs) that require them to maintain data protection standards equivalent to those specified in this policy. We use cloud service partners meeting ISO 27001/HIPAA-grade security.

3. Legal and Regulatory Requirement: We may disclose your data if required by law, court order, governmental request, or subpoena, or if we believe in good faith that disclosure is necessary to protect our rights or the safety of others.

We never sell your personal or health data.

7. Cookies & Web Tracking

Our website and web-based services may use cookies and similar technologies to:

  • Ensure platform functionality and security
  • Improve user experience
  • Analyze website performance


Cookies may collect browser and device metadata but never collect health data. You may disable cookies through browser settings, though some features may be affected.

8. Data Security & Access Controls

8A. Encryption & Access Restriction

  • Personal and health data is protected using strong encryption during transmission and storage.
  • Access to decrypted health data is technically restricted and limited to:
    • The user
    • Authorized healthcare providers or contacts explicitly approved by the user

Medigence Health implements strict access controls, audit logging, and role-based permissions to prevent unauthorized access.

8B. Security Safeguards

We implement industry-standard safeguards, including:

  • Encryption
  • Secure key management
  • Network security controls
  • Regular vulnerability assessments
  • Incident monitoring and logging


Our practices are aligned with HIPAA-grade security standards where applicable.

9. Data Retention & Storage Location

Retention:

  • Personal and health data is retained until you request deletion, subject to legal and clinical retention obligations.
  • Security and audit logs are retained for up to 200 days or as required by law.


Storage Location:

  • Primary data storage is located in Mumbai, India.
  • Backups may be stored in secure, access-controlled environments.

10. Cross-Border Data Transfers

  • If data is transferred outside India or the EU/EEA, we ensure that appropriate safeguards are in place.
  • For GDPR-governed users, transfers occur only via approved mechanisms such as Standard Contractual Clauses or adequacy decisions.

11. Data Breach & Incident Response

In the event of a data breach or security incident, we will:

  • Promptly investigate and mitigate the incident.
  • Notify applicable authorities (including CERT-In, where required).
  • Inform affected users when legally mandated or where there is a significant risk to rights or safety.

12. Your Data Rights & Consent Management

You have the following rights regarding your Personal Data and Sensitive Personal Data:

1. Right to Access: The right to request a copy of the personal data we hold about you.

2. Right to Rectification: The right to request the correction of any incomplete or inaccurate data we hold about you.

3. Right to Erasure (“Right to be Forgotten”): The right to request the deletion of your data, subject to legal retention obligations.

4. Data Portability: The right to receive your health data in a structured, commonly used, and machine-readable format.

5. Right to Withdraw Consent: The absolute right to withdraw consent for the processing of your Sensitive Health Data at any time.

13. Process for Revocation of Consent:

You may withdraw your consent for processing Sensitive Health Data at any time through the following methods:

  • In-App Control: Use the clearly marked option available within the application’s Privacy Settings module.
  • Written Request: Submit a written request via email to our designated Data Protection Officer at the contact details provided below.

Note on Withdrawal:
Upon withdrawal of consent, we will immediately cease processing your Sensitive Health Data for active services. As a result, core features including health tracking, data visualizations, real-time monitoring, and doctor consultations will no longer be available, as these services are entirely dependent on such data.


Data Deletion Timeline:
Following successful verification of your request, your personal and sensitive health data will be permanently deleted from our active systems within seven (7) business days, subject to applicable legal, regulatory, and clinical data retention obligations.

14. Grievance Redressal Mechanism

15. Legal Framework & Compliance Reference

16. Amendments to this Policy

17. Contact Us
