MEDISENSE PRIVACY POLICY

Medisense is committed to providing you notice about how Medisense and its affiliates and third-party service providers (together, “we”, or “us”, or “our”) handle your information. Medisense and all our affiliates that provide Services through our platform care about the confidentiality and security of your information. Reference to "you" and “Service Providers” in this Policy refers to the institutions, service providers providing their medical services on the Medisense Website and App (collectively referred to as “Platform(s)”) (as defined below) (“Services”). Any Personal Information (as defined below) and/or Personal Data (as defined below) collected from you will be used by us in accordance with and as described in this Privacy Policy (“Privacy Policy”).

The Policy sets out: (a) the types of information that we may collect from you when you provide the Services through the online medium and (b) our practices for collecting, using, maintaining, protecting and disclosing that information. By accessing the Platform(s) and providing Personal Information and/or Personal Data, you agree to the provisions of this Privacy Policy.

You are responsible for ensuring the accuracy of the Personal Data you submit to Medisense. Inaccurate information may affect your ability to use the Platforms, the information you receive when using the Platform, and our ability to contact you. For example, your email address and phone number should be kept active because that is one of the primary manners in which we communicate with you.

You also expressly consent to our use and disclosure of your Personal Information and/or Personal Data in any manner as described in this Privacy Policy and further signify your agreement to this Privacy Policy and the Terms & Conditions of our Platform(s) available at [•] (being incorporated by reference herein) ("Terms”). If you do not agree with the terms and conditions of this Policy, please do not proceed further, browse, or register for any of our Services or provide us with any information. To adjust your email and data preferences or opt out of further communications, please email us at medical@medisense.health

1. DEFINITIONS

“Affiliates” shall mean Medisense or any other entity that, directly or indirectly, through one or more intermediaries, controls, is controlled by, or is under common control with, Medisense .

“App” shall mean the mobile application of Medisense through which the Service Providers can provide the Services.

“Company” or “Companies” shall mean any corporation(s), limited liability company or companies, partnership(s) or other similar entities.

“Applicable Law(s)" shall mean all applicable laws, rules, regulations, guidelines, statutory or government notifications of Delaware.

“Data Protection Legislation” shall mean any data protection legislation applicable in the State of Delaware; and (b) General Data Protection Regulation and any other legislation in force from time to time relating to privacy and/or the processing of personal data and applicable to the provision and receipt of Services under these Terms and Conditions.

“Non-personal Identification Information” shall mean any non-personal information collected from Service Providers pursuant to their interaction on the Platform, including but not limited to the browser name, the type of computer and technical information about Service Providers means of connection to the Platform such as the operating system, the Internet service providers utilized and other similar information.

“Personal Identification Information” shall mean any information that identifies or can be used to identify, contact or locate the person, to whom such information pertains including, but not limited to, when Service Providers visit the Platform, register, conclude a transaction, fill out a form, and anything else in connection with other activities, services, features or resources we make available on the Platform. Service Providers may be asked for personal information including, but not limited to name, email address, phone number and residential address disclosed by you in relation to the services provided by us. Medisense will collect Personal Identification Information from Service Providers only if they voluntarily submit such information to us. For the purposes of this Policy, Personal Identification Information and Non-personal Identification Information shall together be referred to as "Personal Information"..

“Privacy Policy” shall mean this Privacy Policy.

“Services” shall mean the services provided by you on the Medisense Platforms as mentioned in our Terms.

"Third Party" shall mean any person or entity other than you or us which may include payment facilitators and other such entities which are not associated with us or any of our affiliates.

“Service Providers” or “You” shall mean entities or individuals providing medical services which shall be listed for use by Users on the Medisense Platforms.

“Users” shall mean users, visitors, customers, prospective customers who avail or will avail the services provided by Medisense.

“Website” means the platform on which we provide our customers the access to our Services which is available via www.medisense.me www.medisense.health www.medisensehealth.com www.medisense.ai.

2. SCOPE AND NATURE OF POLICY

This Privacy Policy covers Personal Information and/or Personal Data collected from and about you – individuals who are customers and prospective customers of our business. This Privacy Policy includes examples of the types of information we may collect and the kinds of companies to which we may disclose information. These examples are illustrative and should not be considered a complete inventory of our information collection or sharing practices. Accordingly, the words “include” and “including” mean inclusion without limitation.

3. THE INFORMATION WE COLLECT

3.1 In Relation to The Services

1. For the purposes of enrolling the Services provided by us, Service Providers will be required to disclose information including personal contact details. We collect Personal Data that you provide to us when you register for an account (“Account”) on the App or the Website, update or change information for your Account, sign-up for email updates, send us email messages. We may use the Personal Data that you provide to us to display your Services on the Platforms which may be utilized by the Users while availing the Services provided by you and send you email messages about Website maintenance or updates.
2. We may collect different data from or about you depending on how you provide the Services. The information we collect directly from you are:
   1. Name
   2. Gender
   3. E-mail address
   4. Phone number
   5. Government ID
   6. Years of experience
   7. Consultation address
   8. Specialization
   9. Academic Information including qualifications
   10. Work history including institution name, work type, office address, duration of work experience
   11. Other information such as areas of interest, professional contributions, research details, publications
   12. Registration History such as the Medical Council registered with, registration number etc.
   13. Location information
   14. Cost of In-person consultation
   15. Contact Number
   16. Available timings for tele consultations
   17. Self-video verification
3. We also collect some data automatically, such as information about your device and the time during which you provide the Services. We use tools such as cookies, web beacons, and similar tracking technologies to gather the information listed above. Some of these tools offer you the ability to opt out of data collection.
4. We may be able to determine from an IP address your Internet Service Provider and the geographic location of their point of connectivity. Location data may be used to route your traffic to the nearest regional server to reduce latency and improve your experience.
5. We do not collect, or store financial account numbers or identifications issued by a governmental entity, employer or other authority
6. Your name, email address, and other identifiable profile information is editable through the profile settings in your account.
7. If you want to manage emails and other communications to you, you may update your preferences in your account dashboard or contact our customer care support.

3.2 Information We Collect from Third Party Sources

In some cases, we collect user information from third parties. We also may collect information about you that we may receive from business partners, marketers, analysts and other sources to enable us to verify and update information contained in our records. If required, we may also collect information from credit reporting agencies to determine your creditworthiness, credit score and credit usage, in compliance with and to the extent permitted by applicable laws.

3.3 Legal Bases for Processing Under law of Relevant Country

Without prejudice or clash with any of the provisions of the Law regarding protecting the privacy of Personal Data, we process your Personal Data, as set out in Section 3 below, under the following legal bases:

1. Data / Information collected either from you or through a third party.
2. Our processing is necessary to perform our obligations under a contract with you or to perform steps requested by you prior to entering into a contract with you (e.g., to verify the information you have provided to us and provide the Services to you).
3. Our processing is necessary for our legitimate interests, including to protect the security of our Services; to protect the health and safety of others; to establish, protect and defend our legal rights and interests; to prevent fraud and verify identity and authorization of Service Providers; to personalize User experiences and content; to understand and analyze usage trends; and to improve the Services.
4. Legal Compliance: Where our processing is required to comply with applicable law (for example, to maintain your payment transaction history for tax reporting purposes).

In addition, we may process information to the extent necessary to protect the health, safety or vital interests of any person and to establish, protect and defend our legal rights.

3.4 Data Retention Practice

Our privacy policy document outlines our data retention practices to ensure that we are transparent and accountable in handling user data. If a user decides to delete their account, we want to inform them that all data entered by them during registration will be deleted immediately from our platform. However, any consultations or transactions made by the user will be retained for a period of 3 years for compliance purposes. This retention period is necessary to comply with legal and regulatory requirements, resolve any disputes or claims, and to maintain an accurate record of transactions. By choosing to delete their account, users acknowledge and agree to our data retention practices.

4. USE, PROCESSING AND DISCLOSURE OF YOUR INFORMATION

We use and disclose the information we collect, in the following ways:

4.1 Providing Support and Services:

1. We generally use the information we collect from and about you to provide and operate the Services, respond to User requests, for customer service and support, to send marketing communications based on your consent (which you may withdraw at any time), to help us personalize user experiences and to improve the Services.
2. We collect information for our legitimate reasons, including (without limitation to):
   1. Operate our Website and App and enable you to provide the Services;
   2. Confirm your reservations of the transaction status
   3. Run, grow and develop our business;
   4. send booking confirmations either via SMS or WhatsApp or any other messaging service;
   5. send any updates or changes to your booking(s);
   6. allow our customer service to contact you, if necessary;
   7. customize the content of our Platform(s);
   8. request for reviews of products or services or any other improvements;
   9. send verification message(s) or email(s);
   10. validate/authenticate your Account and to prevent any misuse or abuse;
   11. facilitate the Services’ technical functioning, including troubleshooting and resolving issues, securing the Services and preventing fraud and abuse;
   12. Carry out research and statistical analysis;
   13. Carry out marketing and business development;
   14. For internal administrative and auditing purposes; and
   15. Improve our Services
3. If we rely on our legitimate interests for using your Personal Information, we will undertake a balancing test to ensure that our legitimate interests are not outweighed by your interests or fundamental rights and freedoms which require protection of the Personal Information.
4. If we rely on your consent for us to use your Personal Information in a particular way, but you later change your mind, you may withdraw your consent by visiting your profile page and clicking the box to remove consent and we will stop doing so.

4.2 Verification

1. To verify the identity of Service Providers, applicants and others with whom we interact; and
2. To confirm authorization of Service Providers that access and provide the Services.

4.3 Affiliates and Subsidiaries:

Amongst our affiliated and subsidiary companies in furtherance of the purposes set out in this Policy; their use of your information is subject to this Privacy Policy.

4.4 Third-Party Service Providers:

We use a variety of third-party service providers that perform functions on our behalf, such as teaching staff, public relations, legal services, billing and payment processing, content management tools, analytics, fraud and abuse prevention, data analysis, marketing and advertising services (including retargeted advertising), email and hosting services, and customer services and support etc. We share the information (you provide us with) with third parties for the purposes of carrying out the Services in a fashion customized according to your needs and preferences. These service providers may access your personal information and are required to use it solely as we direct, to provide our requested service. We require such third parties to

1. abide by this Privacy Policy and applicable law;
2. handle personal information in a professional and confidential manner and adopt adequate security while using such information; and
3. use personal information only as needed to fulfil the relevant purposes.

4.5 Legal Compliance and Protection of Rights:

We may also use or disclose information if required to do so by law or in the good-faith belief that such action is necessary to

1. conform to applicable law or comply with legal process served on us or the Services;
2. establish, protect and defend our rights or property, including to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms & Conditions, other agreements or policies, or as evidence in litigation in which we are involved; and
3. act under emergency circumstances to protect the personal safety of us, our affiliates, agents, or the public. This includes exchanging information with other companies and organizations for fraud protection.

4.6 Aggregate/Anonymous Information:

We may share aggregate/anonymous information about use of the Services with third parties for research, marketing, analytics and other purposes, provided such information does not identify a particular individual. The sharing of such data is unrestricted.

4.7 Business Transfers:

As we continue to develop our business, we may seek to buy, merge, or partner with other companies. In such transactions, (including in contemplation of such transactions) user information may be among the transferred assets. If a portion or all of our assets are sold or transferred to a third party, customer information would likely be one of the transferred business assets. If such transfer is subject to additional mandatory restrictions under applicable laws, we will comply with such restrictions.

4.8 Marketing and Promotions

We may use the information you provide us with to send you information, news, updates and offers about us or our Services (subject to your consent where required by applicable law).

To request more information about the companies to whom we have disclosed your information, please contact us as set out in the “Contact Information” section.

5. ADVERTISING

In order to have more relevant advertising on our Services and to manage our advertising that third parties may engage in, and to measure and improve our ads and marketing efforts, we may work with advertising companies, ad exchanges, channel partners, measurement services and ad networks.

These companies may employ various tools and advances to measure advertising effectiveness. They may also use this technology to serve specialized or relevant advertising content. Any information that these third parties collect is completely anonymous and does not contain any personal contact information.

6. HOW WE PROTECT YOUR INFORMATION

All the personal and non-personal information you provide us with will be secured and safely stored on both our paper and digital records. We shall exercise utmost care and caution with respect to maintaining the confidentiality of all of your information. We use various technical and management practices to help protect the confidentiality, security and integrity of data stored on our system. Once we have received your data we will use strict security procedures, data protection tools and anti-virus/hacking technology to prevent data loss or unauthorised access.

7. SECURITY

We strive to ensure the security, integrity and privacy of your Personal Information and Personal Data and to protect it against unauthorized access or unauthorized alteration, disclosure or destruction. We implement appropriate physical, electronic and managerial procedures to safeguard and help prevent unauthorized access and for the purposes of maintaining data security. Our payment gateway partners are compliant with the payment card industry standard (PCI standard) and also use SSL secured communication channels, encryption, passwords and physical security measures in order to protect the Personal Information and Personal Data of Service Providers.

However, we cannot guarantee absolute security as no method of protection and transmission of data is completely secure. We are also not responsible for any breach of security or for any actions of any Third Parties that receive your Personal Information. Notwithstanding anything contained in this Policy or elsewhere, we shall not be held responsible for any loss, damage or misuse of your Personal Information or Personal Data, if such loss, damage or misuse is attributable to any event that is beyond our reasonable control.

8. RETENTION OF YOUR INFORMATION

We retain your information for as long as required to satisfy the purpose for which it is collected and used (for example, for the time necessary for us to provide you with customer service, answer queries or resolve technical problems), unless a longer period is necessary for our legal obligations or to establish, protect, or defend legal claims.

9. CHANGES TO THE PRIVACY POLICY

We reserve the right to amend this Privacy Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. If we make a material change to the Privacy Policy, you will be provided with appropriate notice in accordance with legal requirements. By continuing to use the Services, you are confirming that you have read and understood the latest version of this Privacy Policy.

10. YOUR CHOICES

If you would like to update your preferences on the types of communications you receive from us, or opt out of marketing communications from us, you may do so at any time. Please note that we may continue to send non-promotional communications such as important notices, payment confirmations and transaction-related emails and other information about your use of the Services. If you would like to opt-out of marketing, you may also do so by emailing us your request at medical@medisense.health

11. RIGHTS OF ACCESS OF DATA SUBJECT

Subject to applicable law and as explained in this section, you may have certain rights with respect to the information we collect and process about you.

11.1 Access, Correction, Deletion and Objection Rights: You may have the right to access, request correction and deletion of, and object to our use of your information. To exercise your rights, please contact us as set forth in the “Contact Information” section below. You may also access and modify much of the information that you have submitted either by telephone or email. In addition, we may retain certain information about you as required by law or as permitted by law for legitimate business purposes. For example, if you request that we delete your information, but we believe that you have violated our Terms of Use, we may retain information about you in order to attempt to resolve the issue before deleting it.

11.2 Complaints:

If applicable, you may make a complaint to the privacy regulator or supervisory authority where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.

The Applicable Law entitles you the following rights:

1. To obtain access to and/or a copy of certain information we hold about you;
2. To obtain, in certain circumstances, a copy of certain information of yours in a structured, commonly used and machine-readable format, and to ask us to transfer this to a third party of your choice;
3. To request that we update your information we hold that is out of date;
4. To request that we delete certain information we hold about you;
5. To request that we restrict the way we process and disclose certain of your information;
6. To revoke your consent for the processing of your information, to the extent our processing of your information is not based on another legal basis; and
7. To object to certain processing of your information as follows:
   1. Right to object to direct marketing: you may object to our processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling).
   2. Right to object to processing (including profiling) based on legitimate interest grounds. In addition, where we are relying upon our legitimate interests to process information, you may object to that processing. If you object, we must stop that processing unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or we need to process the information for the establishment, exercise or defense of legal claims. We will consider each case on an individual basis.

12. CONTACT INFORMATION

You may exercise your rights or make a request regarding your information held by us, request further information about your legal rights under applicable law, or submit a complaint about our privacy practices by contacting us at any time, using the contact details set forth below.

We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, if we need to keep processing your information to provide services to you or to comply with a legal obligation. Moreover, you will not be permitted to examine the information of any other person or entity. We also may request you to provide us with information necessary to confirm your identity before responding to your request

If you have any questions about this Privacy Policy or would like to exercise your rights regarding your information that we hold or would like to raise a complaint with us related to your information, you should contact us as at medical@medisense.health.