Privacy Policy

1. Information We Collect

We collect information to provide you with high-quality and confidential medical care and support. This information falls into two categories:

1.1. Personal Information You Provide:

This is information you give us directly when you interact with our clinic. It may include:

• Contact Information: Your name, email address and phone number.
• Appointment Information: Your availability and scheduling preferences.
• Payment Information: Billing details, which are processed securely by our third-party payment gateways.
• Any other information you voluntarily provide to us, excluding medical history.

Please note: The Skin Sex and AIDS Awareness Centre does not collect or store your medical information online or through our digital platforms. All details regarding your health, medical history, symptoms, diagnoses, and treatment plans are discussed and handled directly and confidentially with our doctors or medical providers. This information is not entered into our online systems or third-party APIs.

1.2. Information Collected Automatically:

When you use our digital services, we may automatically collect certain technical information, such as:

• Usage Data: Information about how you use our platform.
• Device Information: Your IP address, browser type, and operating system and google tag data.

2. How We Use Your Information

We use the information we collect solely for the purpose of providing and improving our clinical services, including:

• Providing and managing your medical care and treatment.
• Processing and managing appointments.
• Processing transactions and managing billing.
• Communicating with you about your appointments, test results, and other essential service-related messages.
• Generating medical documents, reports, and barcodes.
• Improving our services and ensuring their security.

3. Disclosure of Your Information

Your privacy is paramount. We do not and will not sell, rent, or trade your personal or medical information. We only share your data with trusted third-party service providers who are essential for us to operate and provide our services.

3.1. Third-Party Service Providers:

To operate our services efficiently, we utilize various third-party APIs and gateways. These services are contractually obligated to process your data in compliance with their own privacy policies.

• Payment Gateways: For processing payments, your payment information is shared with and handled by secure payment gateways such as Jio Payment Gateway, EnKash, and others as needed.
• Messaging APIs: To facilitate secure, transactional communications, we use APIs from providers like WhatsApp, Message Central, meraotp.in, and Fast2SMS.
• PDF Generation APIs: For creating and delivering secure documents like invoices and lab reports, we use APIs, which may include Nutrient.io and PDFium.
• Barcode Generation: We use the bwip-js library to generate barcodes for internal tracking and identification.
• Appointment and Scheduling APIs: We use APIs from Cal.com to allow you to book and manage appointments.

4. Data Security

The protection of personal and sensitive information entrusted to us constitutes a matter of significant importance, and we remain committed to adopting and maintaining reasonable, appropriate, and industry-recognized safeguards designed to reduce the likelihood of unauthorized access, misuse, disclosure, alteration, or destruction of such information. To this end, we have instituted a combination of technical, administrative, and organizational measures that, in our professional judgment, are sufficient and proportionate to the nature of the data processed and the risks reasonably foreseeable in connection with such processing.

Notwithstanding the foregoing, it must be expressly acknowledged and understood that no system of data transmission over public networks, nor any method of electronic storage or retention, can be regarded as absolutely secure or entirely immune from compromise. While we endeavor to maintain security measures that are prudent, adequate, and consistent with generally accepted standards within our industry, we do not represent, warrant, or guarantee that unauthorized access, disclosure, loss, or alteration will never occur. By utilizing our services, you accept and acknowledge these inherent limitations as part of the risks associated with electronic communications and data handling.

5. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new policy on our website. We encourage you to review this policy periodically.