Privacy Policy

← Back to BookMyClinic

1. INFORMATION WE COLLECT

1.1 From Patients (for Appointment Booking)

We collect MINIMAL data:

• Name (First name and last name)
• Mobile number (10-digit phone number)
• Preferred appointment date and time
• Clinic selection

We DO NOT collect:

• Email address (unless voluntarily provided)
• Medical history or health information
• Payment information (service is free)
• Aadhaar number or government IDs
• Permanent address

1.2 From Clinics/Doctors (for Profile Listing)

• Clinic name and address
• Doctor name and qualifications
• Medical council registration number (self-declared)
• Contact details (phone, WhatsApp, email)
• Clinic timings and availability
• Specialization/services offered

1.3 Automatically Collected Information

• Device information (browser type, operating system)
• IP address and location data (approximate)
• Usage data (pages visited, features used)
• Cookies (for session management only)

2. HOW WE USE YOUR DATA

2.1 Patient Data Usage

We use patient data ONLY for:

• Processing appointment bookings
• Sending appointment confirmations via WhatsApp/SMS
• Sharing booking details with selected clinic
• Improving our Platform functionality

We DO NOT use patient data for:

• Marketing or promotional purposes
• Selling or sharing with third parties (except clinic for appointment)
• Creating patient profiles or medical records
• Targeted advertising

2.2 Clinic Data Usage

We use clinic data for:

• Creating and displaying clinic profiles
• Facilitating appointment bookings
• Platform analytics and improvement
• Communicating service updates

3. DATA RETENTION

3.1 Patient Data

• Booking data is NOT stored permanently
• Data is deleted within 30 days after appointment date
• Patients can request immediate deletion by contacting us

3.2 Clinic Data

• Stored as long as clinic profile remains active
• Deleted within 90 days of account termination
• Clinics can request data deletion anytime

4. DATA SHARING

4.1 With Whom We Share Data

We share patient data ONLY with:

• The specific clinic where appointment is booked (name, phone, appointment time)
• WhatsApp service provider (for appointment confirmations)
• Google Sheets (for temporary booking storage)

We DO NOT share data with:

• Marketing companies
• Data brokers
• Insurance companies
• Pharmaceutical companies
• Any third party for commercial purposes

4.2 Legal Disclosures

We may disclose data if required by:

• Court orders or legal process
• Government authorities under valid legal requests
• Prevention of fraud or illegal activities

5. DATA SECURITY

5.1 Security Measures

We implement:

• HTTPS encryption for all data transmission
• Secure cloud storage (Google Cloud Platform)
• Access controls and authentication
• Regular security audits
• No permanent storage of sensitive data

5.2 Limitations

While we take reasonable precautions, no system is 100% secure. We cannot guarantee absolute security against unauthorized access or data breaches.

5.3 Breach Notification

In case of a data breach, we will:

• Notify affected users within 72 hours
• Report to Data Protection Board of India (as per DPDP Act)
• Take immediate remedial action

6. YOUR RIGHTS (DPDP ACT 2023)

You have the right to:

Right	What You Can Do
Access Your Data	Request information about what data we hold about you
Correction	Request correction of inaccurate or incomplete data
Deletion	Request deletion of your data at any time (Right to be Forgotten)
Data Portability	Request your data in a portable format
Withdraw Consent	Withdraw consent for data processing (may affect service availability)
Grievance Redressal	File complaints with our Grievance Officer or Data Protection Board

7. CONSENT

7.1 How We Obtain Consent

• For Patients: By clicking "Book Appointment" button
• For Clinics: By clicking "Register Clinic" checkbox during signup

7.2 Consent is Voluntary

• You can choose not to provide data (service will not be available)
• You can withdraw consent anytime (future bookings will not be processed)

7.3 Consent for Minors

If you are booking appointments for minors (under 18), you confirm you have parental/guardian authority.

8. COOKIES AND TRACKING

8.1 What We Use

• Session cookies (for login functionality)
• Analytics cookies (for usage statistics)

8.2 What We Don't Use

• Advertising cookies
• Third-party tracking pixels
• Cross-site tracking

8.3 Cookie Control

You can disable cookies in your browser settings. This may affect Platform functionality.

9. THIRD-PARTY SERVICES

We use the following third-party services:

Service	Purpose	Data Shared
Google Apps Script	Backend processing	Booking data (temporary)
WhatsApp Business API	Appointment confirmations	Phone number, appointment details
GitHub Pages	Website hosting	No personal data
Google Maps API	Clinic location display	Location queries only

10. CHILDREN'S PRIVACY

BMC is not intended for children under 18. We do not knowingly collect data from children without parental consent. If you believe we have collected data from a child, contact us immediately for deletion.

11. INTERNATIONAL DATA TRANSFERS

We do NOT transfer personal data outside India. All data is stored and processed within India only.

12. CHANGES TO PRIVACY POLICY

We may update this Privacy Policy from time to time. Changes will be posted on our Platform with updated "Last Updated" date. Continued use after changes constitutes acceptance.

13. GRIEVANCE OFFICER

As per DPDP Act 2023, our Grievance Officer is:

14. DATA PROTECTION BOARD COMPLAINTS

If you are not satisfied with our response, you can file a complaint with:

Data Protection Board of India
(Contact details to be updated once Board is constituted)

15. CONTACT US

For privacy-related questions or to exercise your rights:

16. ACKNOWLEDGMENT