Privacy Policy for medicodirectory.com

Welcome to medicodirectory.com (the “Website”), owned and operated by Charvi Associates, located at [Your Company Address], Ajmer, Rajasthan, India. This Privacy Policy describes how Charvi Associates (“we,” “us,” or “our”) collects, uses, processes, discloses, and protects your personal data when you visit and use our Website.

We are committed to protecting your privacy and handling your personal data in a transparent and secure manner, in compliance with applicable Indian laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act).

1. Acceptance of this Privacy Policy

By accessing or using medicodirectory.com, you signify your acceptance of this Privacy Policy. If you do not agree to this Policy, please do not use our Website. Your continued use of the Website following the posting of changes to this Policy will be deemed your acceptance of those changes.

2. Personal Data We Collect

We collect various types of personal data depending on your interaction with our Website:

a. Information You Provide Directly:
* Contact Information: Name, email address, phone number, physical address (especially for healthcare professionals creating listings).
* Account Information: Username, password (for registered users).
* Healthcare Professional/Facility Information: For those creating listings (free or premium), this may include medical specialization, qualifications, clinic/hospital name, address, services offered, photos, timings, professional registration numbers, etc.
* Communication Data: Information you provide when contacting us through forms, email, or other communication channels (e.g., feedback, inquiries).
* Payment Information: For premium listings or advertising, payment details (e.g., credit card number, billing address). Please note, we generally use third-party payment processors, and we do not directly store your full payment card details.

b. Information Collected Automatically (via Cookies and Tracking Technologies):
* Usage Data: Information about how you access and use the Website, such as your IP address, browser type, operating system, pages viewed, time spent on pages, referral source, and clicks.
* Device Information: Information about the device you use to access the Website, such as device type, unique device identifiers, and mobile network information.
* Location Data: General location derived from your IP address.

3. How We Use Your Personal Data

We use your personal data for the following purposes, based on your consent or other lawful bases as required by the DPDP Act:

* **To Provide and Maintain the Website:** To operate, maintain, and improve the functionality of medicodirectory.com, including displaying directory listings.
* **To Manage User Accounts:** To create and manage your free or premium user accounts, including those for healthcare professionals.
* **To Process Paid Services:** To process payments for premium listings, advertising, and other paid services.
* **To Personalize Your Experience:** To tailor the content and recommendations to your interests (e.g., showing relevant listings based on your search history).
* **To Communicate with You:** To respond to your inquiries, provide customer support, send important notices, and deliver promotional materials (where you have opted-in).
* **For Analytics and Improvement:** To understand how users interact with our Website, analyze trends, and improve our services, content, and user experience.
* **For Security and Fraud Prevention:** To detect, prevent, and address technical issues, security incidents, and fraudulent activities.
* **To Comply with Legal Obligations:** To meet our legal and regulatory obligations, including responding to lawful requests from public authorities.
* **For Advertising and Marketing:** To deliver targeted advertisements to you or measure the effectiveness of our advertising campaigns (where permissible and with your consent).

4. Lawful Basis for Processing (as per DPDP Act, 2023)

We process your personal data based on the following lawful bases:

* **Consent:** We obtain your consent for specific processing activities, particularly for marketing communications and for collecting certain types of personal data (e.g., sensitive personal data, if applicable, though generally not collected by our directory). You have the right to withdraw your consent at any time.
* **Legitimate Uses (Recognized by DPDP Act):** We may process data where it is necessary for the purposes for which you voluntarily provided it (e.g., creating a listing, making a payment).
* **Performance of a Contract:** When processing is necessary for the performance of a contract to which you are a party (e.g., providing paid premium listing services).
* **Compliance with Legal Obligations:** When processing is necessary for compliance with a legal obligation to which we are subject.

5. Disclosure of Your Personal Data

We may share your personal data with the following categories of recipients:

* **Publicly Available Information:** For healthcare professionals, the information submitted for listings (e.g., name, specialization, address, contact numbers, services) will be publicly visible on the Website.
* **Service Providers:** Third-party companies and individuals who perform services on our behalf, such as payment processors, hosting providers, analytics providers, and customer support. These service providers are obligated to protect your data and only use it for the purposes for which we disclose it to them.
* **Legal and Regulatory Authorities:** If required by law, court order, or governmental regulation, or if we believe it's necessary to protect our rights, property, or safety, or the rights, property, or safety of others.
* **Business Transfers:** In connection with a merger, acquisition, sale of assets, or other business transaction, your personal data may be transferred as part of that transaction.
* **With Your Consent:** We may disclose your personal data to other third parties with your explicit consent.

6. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When your personal data is no longer needed, we will securely delete or anonymize it.

7. Your Rights as a Data Principal (under DPDP Act, 2023)

As a data principal under the DPDP Act, you have the following rights regarding your personal data held by us:

* **Right to Access and Information:** You have the right to obtain confirmation from us as to whether your personal data is being processed, and if so, to access that personal data and receive certain information about its processing.
* **Right to Correction/Grievance Redressal:** You have the right to request the correction or completion of inaccurate or incomplete personal data.
* **Right to Erasure (Right to be Forgotten):** You have the right to request the deletion of your personal data under certain circumstances (e.g., if the data is no longer necessary for the purposes for which it was collected, or if you withdraw consent and no other lawful basis for processing exists).
* **Right to Nominate:** You have the right to nominate another individual to exercise your rights in the event of your death or incapacity.
* **Right to Grievance Redressal:** You have the right to register a grievance with our Data Protection Officer regarding the exercise of your rights or any other matter relating to your personal data.

To exercise any of these rights, please contact us using the details provided in the “Contact Us” section below. We will respond to your request in accordance with applicable laws.

8. Data Security

We implement reasonable technical and organizational security measures to protect your personal data from unauthorized access, use, alteration, or disclosure. However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

9. Children’s Privacy

Our Website is not intended for use by individuals under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from Children. If you are a parent or guardian and you learn that your Child has provided us with personal data, please contact us. If we become aware that we have collected personal data from a Child without verification of parental consent, we will take steps to remove that information from our servers.

10. Third-Party Websites

Our Website may contain links to other websites that are not operated by us. This Privacy Policy applies only to medicodirectory.com. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party websites you visit.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Effective Date” at the top. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Grievance Redressal and Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, or if you wish to exercise your rights as a Data Principal, please contact our Grievance Officer/Data Protection Officer at:
rjainbwr@gmail.com

We will endeavor to address your concerns and grievances in a timely and effective manner.