Data Privacy

Data Privacy

We ensure the highest possible standards for secure transactions and customer information privacy. Please read the following statement to learn about our information gathering and dissemination practices. Our privacy policy is subject to change at any time without notice. To make sure you are aware of any changes, please review this policy periodically.

By visiting this Website or our Product Websites you agree to be bound by the terms and conditions of this privacy policy (“Privacy Policy”). By using the Website and/ or by providing your information, you consent to the collection and use of the information you disclose on the Website in accordance with this Privacy Policy, including but not limited to your consent for sharing your information as per this privacy policy.

For the sake of clarity, please note that the mere use of the Website constitutes an express consent to use and disclose any information provided by you in accordance with this Privacy Policy. This Privacy Policy is incorporated into and subject to the Terms.

Any change in our privacy policy will be posted on this page in order to enable users to be aware of what information we collect, how we use it and under what circumstances we disclose it.

Elaborates Patient Health Data Protection-Protocol applicable to duties performed under Section A-1*, A-2*, A-3*, A-4* and D-1* of BIPL Data Protection Guidelines, and protection of Patient Health Data and Personal Information while performing other business related duties or duties of any nature associated and/or relevant to BIPL and its functionality.

This Patient Data Protection Agreement (“PDPA”) forms part of the master agreement between the company, in this case Brainpan Innovation Private Limited, herein referred to as BIPL, and workforce* associated with it, to reflect the parties’ agreement with regard to the Processing of Personal Data of Patients/Customers, in accordance with the requirements of Data Protection Laws.

Scope of Personal Information and Health Data under the purview of PDPA

  1. Any basic personal information of the patient or customer of BIPL, inclusive of, but not limited to name, address, contact details, race, religion, gender, profession, personal images, bank information, health card credentials.
  2. Any type of health data of the patient or customer of BIPL, inclusive of, but not limited to prescription data, treatment information, information regarding existing health status and/or ailments, patient history, course of treatment, diagnostic test reports, radiology test reports and other report(s) of any kind that contains medical or personal data of the patient.
  3. Details of doctors, medical staffs, health facilities, partners or affiliated agencies, hospitals, clinics, camps, diagnostic centers, radiology labs or any facility of any kind with which the patient/customer is associated or undergoing any treatment, examination or test.
  4. Credentials that allows Patients/customers to access their health information provided to them by BIPL. It is inclusive of, but not limited to login ID or user ID and password used to access BIPL proprietary platform of any type.
  5. Any personal information that may affect or harm the patient/customer in qualitative or quantitative aspects of life.

BIPL Guideline: Regarding Breach of PDPA

The company, in general, holds a very strict policy of data privacy for all the patients/customers, attendants or any third party that is associated with the patient’s involvement with BIPL. As a general issuance of protocol, it is to be clearly understood that under no circumstances BIPL approves unauthorized access, alteration, transference, extraction* or, sharing of any form of patient’s or customer’s Personal Information or, Health Data that belongs to BIPL, its collaborator, partner-organization or to any of its affiliated partners. Any member from the workforce*, if attempts or, indulges, in violating the privacy norms under PDPA, shall be put liable to extreme punitive actions (inclusive of, but not limited to Legal Proceedings, Cash Penalty commensurate to the loss incurred due to liability, Character Assessment and Reporting) post-termination, effective immediately from the time of attempt/indulgence.

Categories and Clauses: Workforce
  • Any member of the workforce* currently serving BIPL falls under the obligation of safeguarding personal information and health data of BIPL subscribers (patient/customer) until he/she remains as a member of the workforce*. It is imperative that any such information (material, hard copy, soft copy and digital data) shall be transferred back to BIPL at the time of voluntary release from active duty or during termination.
  • Any member of the workforce* that has served in the past and is not serving BIPL currently, falls under the obligation of preventing leakage of personal information and health data of BIPL patient/customer, that the ex-employee indirectly may have access to, or, he/she may have obtained during the tenure after the release from the company under whatsoever reason/pretext. They are obligated to immediately report the possession of any such information to BIPL without failure.
  • Any new member inducted into the workforce* has to mandatorily agree and sign the PDPA under the oath and legal obligation to safeguard personal information and health data of BIPL subscribers (patient/customer).

* Terminologies:

Section A-1: This refers to protection of data obtained while conducting business operations over the internet based/standalone platform Doctor’s Diary platform owned by BIPL.

Section A-2: This refers to protection of data obtained while conducting business operations over the internet based/standalone platform Doctor’s Diary of Kids owned by BIPL.

Section A-3: This refers to protection of data obtained while conducting business operations over the internet based/standalone platform Doctor’s Diary for HES owned by BIPL.

Section A-4: This refers to protection of data obtained while conducting business operations over the internet based/standalone platform Disease Atlas owned by BIPL.

Section D-1: This refers to protection of data obtained while conducting business operations related to rendering associated services, meetings, visits, debates, discussions, written/verbal or any other form of information exchange with stakeholders (inclusive of, but not limited to doctors, patients, partners, potential leads, competitors) for any intellectual property or business related enquiries. It also refers to protection of data yet to be obtained under the addendums (inclusive of, but not limited to software, service, collaborator’s data, product on any intellectual property of BIPL), that are soon to be introduced, or may be introduced in future, for any business purpose that involves any form of patient data or their personal information.

Extraction: Inclusive of, but not limited to copying, downloading, photographing, scanning, video recording, audio recording, electronic mailing, electronic or manual posting.

Workforce: This refers to anyone associated with the business operation, execution, maintenance and supervision. It is inclusive of, but not limited to Managing Partners, Investors, Employees (both part time and full time), Interns, Trainees, Staff Members, Mentors or Advisors operating from any geographical location.

When you use our Websites, we collect and store your personal information which is provided by you from time to time. Our primary goal in doing so is to provide you a safe, efficient, smooth and customized experience. This allows us to provide services and features that most likely meet your needs, and to customize our Websites to make your experience safer and easier. More importantly, while doing so we collect personal information from you that we consider necessary for achieving this purpose.

In general, you can browse the Websites without telling us who you are or revealing any personal information about yourself. Once you give us your personal information, you are not anonymous to us. Where possible, we indicate which fields are required and which fields are optional. You always have the option to not provide information by choosing not to use a particular service or feature on the Websites.

A “cookie” is a small piece of information stored by a web server on a web browser so it can be later read back from that browser. Cookies are useful for enabling the browser to remember information specific to a given user. We place both permanent and temporary cookies in your computer’s hard drive. The cookies do not contain any of your personally identifiable information.

We use data collection devices such as “cookies” on certain pages of the Website to help analyse our web page flow, measure promotional effectiveness, and promote trust and safety. “Cookies” are small files placed on your hard drive that assist us in providing our services. We offer certain features that are only available through the use of a “cookie”.

We also use cookies to allow you to enter your password less frequently during a session. Cookies can also help us provide information that is targeted to your interests. Most cookies are “session cookies,” meaning that they are automatically deleted from your hard drive at the end of a session. You are always free to decline our cookies if your browser permits, although in that case you may not be able to use certain features on the Website and you may be required to re-enter your password more frequently during a session.

Additionally, you may encounter “cookies” or other similar devices on certain pages of the Website that are placed by third parties. We do not control the use of cookies by third parties.

We may share personal information with our other corporate entities and affiliates to help detect and prevent identity theft, fraud and other potentially illegal acts; and to correlate related or multiple accounts to prevent abuse of our services. Those entities and affiliates may not market to you as a result of such sharing unless you explicitly opt-in.

We may disclose personal information if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal process. We may disclose personal information to law enforcement offices, third party rights owners, or others in the good faith belief that such disclosure is reasonably necessary to: enforce our Terms or Privacy Policy; respond to claims that an advertisement, posting or other content violates the rights of a third party; or protect the rights, property or personal safety of our users or the general public.

Our Websites links to other websites that may collect personally identifiable information about you. Brainpan Innovations and its product lines are not responsible for the privacy practices or the content of those linked websites.

Our Websites have stringent security measures in place to protect the loss, misuse, and alteration of the information under our control. Once your information is in our possession we adhere to strict security guidelines, protecting it against unauthorized access.

In accordance with Information Technology Act 2000 and rules made there under, the name and contact details of the Grievance Officer are provided below:

Name: Mr. Amrit Ravi

Address: Brainpan Innovations Private Limited, B-51, Mandir Marg Mahanagar Ext,

City: Lucknow – 226006

Phone: +91 99 90 825238

Email: amrit.ravi@brainpan.co