Privacy Policy

Last Updated: December 6, 2025

At MediConsult, we are committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

1. Information We Collect

1.1 Personal Information

  • Full name and date of birth
  • Contact information (email, phone number, address)
  • Government-issued identification numbers
  • Payment and billing information
  • Emergency contact details

1.2 Health Information

  • Medical history and conditions
  • Medications and allergies
  • Consultation notes and diagnoses
  • Prescriptions and treatment plans
  • Lab results and medical reports
  • Vital signs and health metrics

1.3 Technical Information

  • Device information and identifiers
  • IP address and location data
  • Browser type and operating system
  • Usage patterns and preferences
  • Session recordings for quality assurance

2. How We Use Your Information

We use your information to:

  • Provide telemedicine consultation services
  • Process appointments and payments
  • Send prescriptions to pharmacies
  • Communicate about your care and appointments
  • Improve our services and user experience
  • Comply with legal and regulatory requirements
  • Prevent fraud and ensure platform security
  • Conduct research and analytics (with anonymized data)

3. Information Sharing

We may share your information with:

3.1 Healthcare Providers

Your health information is shared with the healthcare providers you consult with on our platform to facilitate your medical care.

3.2 Service Providers

  • Payment processors for transaction processing
  • Pharmacies for prescription fulfillment
  • Cloud service providers for data storage
  • Communication service providers
  • Analytics providers (with anonymized data)

3.3 Legal Requirements

We may disclose information when required by law, court order, or government regulation, or to protect the rights, property, or safety of our users.

4. Data Security

We implement robust security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access with multi-factor authentication
  • Audit Logs: Comprehensive logging of all data access
  • Regular Audits: Third-party security assessments and penetration testing
  • Secure Infrastructure: ISO 27001 certified cloud infrastructure
  • Employee Training: Regular security awareness training for all staff

5. Data Retention

We retain your information as follows:

  • Medical Records: 10 years from last consultation (as per regulations)
  • Account Information: Until account deletion plus 30 days
  • Payment Records: 7 years for tax compliance
  • Communication Logs: 3 years
  • Analytics Data: 2 years (anonymized)

6. Your Rights

Under applicable data protection laws, you have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data (subject to legal requirements)
  • Portability: Receive your data in a portable format
  • Objection: Object to processing for marketing purposes
  • Restriction: Request restriction of processing
  • Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, please contact our Data Protection Officer at privacy@mediconsult.com.

7. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for platform functionality
  • Analytics Cookies: To understand how users interact with our platform
  • Preference Cookies: To remember your settings and preferences

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect platform functionality.

8. Children's Privacy

Our services are not intended for children under 18 without parental consent. If we learn that we have collected personal information from a child without parental consent, we will delete that information promptly.

9. International Data Transfers

Your data is primarily stored in India. If we transfer data to other countries, we ensure appropriate safeguards are in place, including standard contractual clauses and adequacy decisions where applicable.

10. Compliance

We comply with:

  • Digital Personal Data Protection Act, 2023 (India)
  • Information Technology Act, 2000
  • Telemedicine Practice Guidelines, 2020
  • Clinical Establishments Act requirements
  • HIPAA (for US users, where applicable)
  • GDPR (for EU users, where applicable)

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or platform notification. The “Last Updated” date at the top indicates when the policy was last revised.

12. Contact Us

For privacy-related inquiries or to exercise your rights, contact us:

Data Protection Officer:

Email: privacy@mediconsult.com

Phone: +91-1800-123-4567

Address: MediConsult Healthcare Pvt. Ltd., 123 Health Tower, Cyber City, Gurugram, Haryana 122002, India

13. Grievance Officer

In accordance with the Information Technology Act, 2000, the Grievance Officer is:

Name: Dr. Priya Sharma

Email: grievance@mediconsult.com

Response Time: Within 24 hours of receipt

Terms of Service|Medical Disclaimer|Back to Home