Privacy Policy
Your privacy protection is of utmost importance to Us at KIMS Health Care Management Limited and its subsidiaries (collectively referred to as ‘KIMSHEALTH’, ‘We’, ‘Us’, or ‘Our’) and We take due care and protection of the information We receive from users (registered and unregistered) of Our website and/or Our services (i.e., patients and hospital visitors) and third-party contractors engaged by Us (collectively referred to as ‘You’ or ‘Your’).
This privacy policy (‘Privacy Policy’) applies to the collection, use, storage, processing, retention, disclosure, and transfer of Your personal information or data (as defined under applicable laws) and sensitive personal information or data (as defined under applicable laws to mean personal information that consists of passwords; financial information such as bank account details, credit or debit card details, or other payment instrument details; physical, physiological, and mental health condition; sexual orientation; medical records and history; and biometric information) by KIMSHEALTH for the purposes mentioned in this Privacy Policy.
We only collect personal information when we truly need it to provide better services to You. We collect it by fair and lawful means, with Your knowledge and consent. Through this Privacy Policy, We also let You know why We’re collecting it and how it will be used.
1. Access
We acquire Your personal information directly from You, from third parties, or automatically through Our website or web applications or when You communicate with Us through email or other online media or when You visit any of the KIMSHEALTH hospitals or avail any of the services offered at any of the KIMSHEALTH hospitals.
The information that We typically collect from all of You includes:
- Name
- Contact details including mobile numbers, email address, permanent address
In addition to the above, We may collect the following categories of information from patients / hospital visitors (as applicable):
- Gender
- Date of birth / age
- Marital status
- Sexual orientation
- Medical records and history
- Health status including physical, physiological, and mental health condition
- Aadhaar/driving license / PAN or any other identity document.
- Other details provided at the time of registration or voluntarily such as telephone number, address, etc.
- Financial information such as bank account or credit card or debit card or other payment instrument details
- Insurance data such as insurance carrier data, insurance plan details, and insurance related details received from third-party administrators.
We may also collect the following information from You if You use our website:
- The type of device You’re using, Your IP address, the time You signed on to Our website, login credentials etc. in case You access Our website/application/mobile application.
- We use cookies to collect data to recognize You and Your device(s) for providing You with better and customized, relevant advertisements or to enhance Your website experience. You can opt out from our use of such data from cookies and similar tools.
We may also collect the following additional information from third-party contractors such as PAN, GST, etc.
The data is collected by various methods as set out below:
- Registration on KIMSHEALTH website or web applications or mobile application.
- Registration at any of KIMSHEALTH hospitals while availing in-patient or out-patient services.
- Submitting the details to any staff of KIMSHEALTH hospitals.
- Any information provided to Us by You through any other channels.
2. Consent
We collect your Information when You access our website or communicate with us through email or other digital channels or when You visit Our facilities physically at the time of registration or at the time of availing any of Our services. Personal information of employees, interns, consultants, and contractors is collected and processed during the course of their engagement.
By navigating to Our Website and thereafter, by providing Us Your personal information or availing services of KIMSHEALTH or by making use of the facilities provided by the website/mobile application, it is agreed by You that You have provided Your personal information out of your free will and after understanding how it will be used. You also consent that the collection, storage, processing, disclosure, and transfer of any personal and sensitive personal information shall not cause any wrongful loss to You, if it is done in accordance with the provisions of this Privacy Policy. However, We shall not be liable for any loss that may happen to You owing to the provision of wrongful personal information by You.
You are free to refuse Our request for Your personal information, with the understanding that We may be unable to provide You with some of Your desired services.
By sharing the information, or clicking on “I agree” or accepting any other documentation provided, you consent to the use of the information for the purposes mentioned in this Policy.
3. Usage of Personal Information
We may use personal information to:
- Respond to Your inquiries and fulfil Your requests;
- Provide effective services at KIMSHEALTH;
- Send You important information regarding the website, changes to Our terms, conditions, and policies and/or other administrative information;
- Send You marketing communications that We believe may be of interest to You;
- Operate and improve the website and/or our services;
- Contact You via phone, SMS, WhatsApp, or email for appointments, technical issues, payment reminders, deals and offers, and other announcements;
- Personalize Your experience on the website;
- Respond to subpoenas, court orders, or legal process, or to establish or exercise Our legal rights or defend against legal claims;
- Administer or otherwise carry out Our obligations in relation to any agreement You have with Us;
- Allow You to participate in surveys, contests, and similar promotions and to administer these activities. Some of these activities have additional rules, which could contain additional information about how We use and disclose Your personal information;
- Analyze data for Our business purposes, such as audits, medical records, enhancing the website, improving our services, identifying usage trends, and determining the effectiveness of our promotional campaigns; or control risk, to comply with laws and regulations and to comply with other legal processes and law enforcement requirements.
Collection and processing of Aadhaar information: We may collect Aadhaar information from You for identification purposes. Please note that it is not mandatory for You to provide Your Aadhaar details for identification purposes, and You may provide other identification documents such as PAN card, passport, or driving license. However, We shall inform You in case collection of Aadhaar information is mandatory for the purpose of compliance with applicable law. We will not be sharing Your Aadhaar details further with third parties without Your consent. We do not retain Your Aadhaar details longer than required for the purposes mentioned above and will keep such details secure and confidential in accordance with applicable laws.
4. Sharing and Transferring of Personal Information
The data/personal information may be disclosed or shared with third parties (such as insurance third-party administrators, insurance companies, third-party service providers, business associates) for the following purposes:
- For processing insurance claims;
- For specialized services as part of overall services provided or any schemes;
- For analysis and business intelligence services or as part of monetizing or providing better services;
- For sending marketing communications to You through various channels including but not limited to email, SMS, WhatsApp, etc.
- Fulfilling requirements under applicable laws or pursuant to any judicial or governmental proceeding. If required by law, We may provide any and all information We have about You to law enforcement or other government agencies, pursuant to a subpoena, warrant or other order by a court of competent jurisdiction. Where required by applicable law, We will require written documentation of the request, proof of the identity of the law enforcement official making the request, and We will take steps to authenticate the validity of the request. Any law enforcement or government agency request submitted with less than a court-issued order will be evaluated on a case-by-case basis according to the need and urgency, as well as the particular law enforcement agency making the request.
- In connection with the sale of our business or assets or an acquisition of Our business by a third party or any other merger/amalgamation/acquisition/corporate transaction involving Us.
Once You have consented to share Your personal information with Us, You authorize Us to exchange, transfer, share, part with all or any of Your personal information, across the world with Our affiliates/agents/third-party service providers/partners/banks and financial institutions or any other persons, for the purposes specified under this Privacy Policy or as may be required by applicable law.
Any such sharing or disclosure of personal and sensitive personal information is only to entities/individuals who adhere to the same levels of security standards as maintained by Us, to ensure the security, integrity, and privacy of Your sensitive personal information.
We don’t share any personally identifying information publicly or with non-affiliate third-parties, except as specified in this Privacy Policy or when required to by applicable laws.
Our website may link to external sites that are not operated by Us. Please be aware that We have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.
5. Data Retention and Protection
We only retain collected information including Aadhaar information for as long as necessary to provide You with Your requested service or as is otherwise required under applicable law. What data We store, We’ll protect using commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use, or modification.
To protect Your personal information from unauthorized access and use, we use security measures that comply with Indian law. We have implemented appropriate physical, technical, and administrative measures to safeguard and secure the personal information We collect including computer safeguards, data and database encrypting, and secured files and buildings.
We use Secure Socket Layer (SSL) protocol—an industry standard for encryption over the Internet—to protect the transmission of personal information We collect online. When you type in sensitive information, it will be automatically converted into secure codes before being securely dispatched over the internet. All electronic personal data that we maintain in databases is securely stored and further protected through our use of appropriate access controls.
The data collected is stored in our servers situated at KIMS Health Care Management Limited at Kumarapuram Poonthi Road, Anamukham P B, Anayara P.O., Trivandrum – 695029
6. Accessing, Correcting or Withdrawing Your Personal Information
At any time, You can request access to Your personal information to review any such information that You have supplied. You may modify or delete any such information that has been found to be inaccurate or incomplete during such review.
KIMSHEALTH will respond to such requests as soon as possible after confirming the authenticity of the requestor and the request.
You may also withdraw Your consent in relation to processing of any sensitive personal information that You have provided to Us, by contacting Our Grievance Officer. Please note, however, that this may affect our ability to provide You with services and may therefore lead to discontinuation of such services for which this information was being used for, at Our sole discretion.
7. Other Information We Collect Online
“Other Information” is any information other than personal information that does not reveal Your specific identity or does not directly relate to an individual.
How We Collect and Use Other Information:
- Through Your browser: Certain information is collected by most browsers, such as Your Media Access Control (MAC) address, device type, screen resolution, operating system version and Internet browser type and version. We use this information to ensure that the website functions properly and for security purposes.
- Use of cookies: Cookies are pieces of information stored directly on the device You are using. Cookies We use do not contain or capture unencrypted personal information. Cookies allow Us to collect information such as browser type, time spent on the website, pages visited, and language preferences. We use the information for security purposes, to facilitate navigation, to display information more effectively, and to personalize Your experience while visiting the website. We also gather statistical information about the usage of the website in order to continually improve the design and functionality, to understand how people use the website, and to assist Us with resolving questions regarding the website. You can refuse to accept these cookies and most devices and browsers offer their own privacy settings for cookies. You will need to manage Your cookie settings for each device and browser You use. However, if You do not accept these cookies, You may experience some inconvenience in Your use of the website.
- Use of an analytics and optimization service: We use this to track and analyze activity on the website for security purposes, to facilitate navigation, to display information more effectively, to continually improve the design and functionality, and to understand how people use the website.
- Use of pixel tags, web beacons, clear GIFs or other technologies: These may be used in connection with some website pages and HTML-formatted email messages to measure the effectiveness of Our communications, the success of Our marketing campaigns, compile statistics about usage and response rates, and to assist us in resolving customers’ questions regarding the use of the website.
- IP Address: Your IP Address is a number that is automatically assigned to the device that You are using by Your Internet Service Provider. An IP Address is identified and logged automatically in Our server log files whenever a user visits the website, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the internet and is done automatically by many websites. We use IP addresses for purposes such as calculating website usage levels, helping diagnose server problems, and administering the website.
- Aggregated and De-identified Data: “Aggregated and De-identified Data” is data We may create or compile from various sources, including mouse clicks and movements, scrolling activity, and text You type into the website. This information is used for business purposes, which may include offering products or services, research, marketing, or analyzing market trends and other purposes consistent with applicable laws.
8. Additional Information
Social Media Sites: KIMSHEALTH provides experiences on social media platforms such as Facebook®, Twitter® and LinkedIn® that enable online sharing and collaboration among users who have registered to use them. Any content You post, such as pictures, information, opinions, or any personal information that You make available to other participants on these social platforms, is subject to the terms of use and privacy policies of those platforms. Please refer to them to better understand Your rights and obligations with regard to such content.
9. Grievance Officer
You may contact Our Grievance Officer if You have any concerns or questions regarding Our Privacy Policy. The name and address of the officer are as below:
Name: Mr. Bejoy V S
Email:grievanceofficer@kimshealth.org
10. Amendments
We may amend the Privacy Policy from time to time. Any such amendment will be posted on Our website and Our internal portal (intranet). We may not be able to separately notify You of the revisions each time that we make them. We encourage You to check this page periodically for amendments to the Privacy Policy to understand how it affects the use of Your personal information. We will not be responsible for Your failure to remain informed about such changes. We will obtain explicit consent from You for changes to this Privacy Policy, where required under applicable data protection laws.