Privacy Policy
Introduction
Artemis Medicare Services Limited (“The Company”) is committed to protecting the privacy and security of the personal data we collect from patients, employees, suppliers, and vendors and it also includes the personal data provided by The Company to any third party for processing of such information. This Privacy Policy (“The Policy”) outlines how we collect, use, disclose, and protect your personal information in accordance with the Digital Personal Data Protection Act, 2023 as amended or modified from time to time. By engaging with our services, you consent to the practices described in this Policy.
1. Scope
This Policy applies to all personal data collected, processed, stored, disclosed, and transferred by the Company from patients, employees, suppliers, and vendors as per the prevailing laws as amended or modified from time to time. It covers data collected through our website https://www.artemishospitals.com/, in-person interactions, electronic communications, and any other means.
The terms ‘You’ or ‘Your’ refer to you as The User (registered or unregistered) of the Website and/or Services and the terms ‘We’, ‘Us” and ‘Our’ refer to The Company.
2. Data Collection
Patients
We may collect the following personal data from patients:
• Demographic details (name, date of birth, gender, etc.)
• Contact information (address, phone number, email, etc.)
• Identity and Address Proof Details (Pan, Aadhar Card etc.)
• Medical history and health information
• Insurance information
• Billing and payment details
Employees
We may collect the following personal data from employees:
• Demographic details (name, date of birth, gender, etc.)
• Contact information (address, phone number, email, etc.)
• Identity and Address Proof Details (Pan, Aadhar Card etc)
• Login ID and Passwords
• Biometric Data
• At the time of recruitment, a consent form from the candidate for the third-party data verification
• Genetic Data
• Transgender Status
• Caste or Tribe
• Employment details (position, , work experience, etc.)
• Health records
• Performance evaluations and disciplinary records
• Educational/Academic Data of the Candidate.
• Human Resource Information System/Modules.
• Any other information that is willingly shared by You (collectively referred to as “Personal Information”)
Suppliers and Vendors
We may collect or ask for the personal data of suppliers, vendors or their employees, who are serving or posted in Artemis. The said collected data may be shared with third party to conduct audits not limited to statutory audit and for data verification including background verification or as per the notification and guidelines issued by the government or administrative bodies from time to time.
• Demographic details of the Supplier/Vendor or its respective employees depending upon the type of arrangement both the parties have entered into. (Example: name, Company, position, etc.)
• Contact information (address, phone number, email, etc.)
• Identity and Address Proof Details (PAN, Aadhar Card etc)
• Chartered document of the Company including but not limited to Certificate of Incorporation, MSME Certificate, Partnership Deed, Memorandum and Articles of Association etc
• Financial information (bank details, payment methods NEFT/RTGS/IMPS, etc.)
• Contractual details and performance records
• Relevant Regulatory Licenses as may be required from time to time.
• Ownership Details
3. Access
We may collect Your Personal Information directly from You, from third parties or automatically through the Our Website. This Personal Information, for instance, would relate to the type of device You are using, the time that You have logged on to Our Website, Your IP address, and other Personal Information as outlined in this Policy.
You may access the Personal Information shared by You with Us, in the manner given below. You can further choose to share additional Personal Information with Us and you can modify your personal data, by writing to Us on Our below-mentioned email id specified in clause.
We keep in mind that the Personal Information shared by You is accessible to You. You can write to Us at the email id specified in clause 18 of this Policy.
4. Consent
By choosing the Opt-In option on the Website and thereafter, by providing Us Your personal information or availing services of the Company or by making use of the facilities provided by the Website, it is agreed by You that You have, freely consented to the collection, storage, processing, disclosure and transfer of Your Personal Information in accordance with the provisions of this Privacy Policy and & in accordance with the provisions of section 6 of Digital Personal Data Protection Act, 2023 including any amendments thereof.
You acknowledge that You have provided Your Personal Information out of your free will and after understanding how it will be used. You also consent that the collection, storage, processing, disclosure, and transfer of any Personal and Privacy Information shall not cause any wrongful loss to You, if it is done in accordance with the provisions of this Privacy Policy.
If the patient is a minor, the consent for the collection, use, and processing of personal data must be provided by the parent and in the absence of the parents, by the lawful legal guardian of the minor. We will take reasonable steps to verify that the consent is verified by the minor’s parent or legal guardian of the minor. The consent provided by the parent or legal guardian will cover the collection, use, disclosure, storage and any other processing of the minor’s personal data as detailed in the Privacy Policy. The Purpose for which the personal data of the minor is being processed will be clearly communicated to the parent or legal guardian at the time of seeking consent. However, we shall not be liable for any loss that may happen to you owing to the provision of wrongful Personal Information by You. We will share personal information outside of The Company only when we have your consent. We will ask for your explicit consent to share any sensitive personal information.
You consent to the use of your personal data for advertisement, marketing, and promotional activities by the Us and you hereby acknowledge that that your data may be used in various formats including but not limited to printed materials, digital media, social media, social media platforms, website, and other marketing channels. The consent shall remain valid until such time that consent is revoked by You in writing.
You consent that the personal information provided by You to the Us is accurate, complete, and correct to the best of Your knowledge including but not limited to Your name, address, contact details, and any other relevant information. You agree to promptly notify Us of any changes or corrections to the personal information You have provided. This includes updating any details that may change over time to ensure that the records held by Us remain accurate and up to date.
You further consent that providing false, misleading, or inaccurate information may result in disciplinary action, including but not limited to termination of employment in case of employees, and may also have legal consequences under applicable law.
5. Use of Data
We use personal data for the following purposes:
• To provide and manage healthcare services.
• To communicate with patients about medical appointments, laboratory and radiology investigation reports, processing insurance claims and other related purposes.
• To manage employee records, process payroll, provide benefits, facilitate communication, data auditing, data verification as required by government, or administrative bodies and other employee related data for employment related purposes.
• To process payments and manage billing.
• To comply with legal and regulatory requirements.
• To manage employment relationships.
• To maintain the records of the employee’s personal information, employment history, performance evaluations, and disciplinary actions.
• To collect data on employee performance, appraisals, and feedback for the purpose of career development.
• To investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our Terms of Use, breach of Our agreement with you or as otherwise required by law.
• To evaluate and manage supplier and vendor performance, process payments, communicate about business transactions and other Vendor- related purposes
• To improve our services and operations.
• To conduct Clinical audits and improve the quality of patient care and accordingly gather the patient’s feedback for the improvement in the services.
• To contact You via phone, SMS, WhatsApp or email for appointments, technical issues, payment reminders, deals and offers and other announcements.
• To collect the data to ensure compliance requirement with labor laws, tax regulations, and other legal requirements.
• To aggregate Personal Information for research, statistical analysis and business intelligence purposes, and to sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates, (referred to as “Purpose(s).
• To perform studies, research, and analysis for improving Our information, analysis, services and technologies; and ensure that the content displayed are customized to Your interests and preferences.
• To collect and process the data to handle the invoicing, payments, and meeting the financial reconciliation with the Suppliers and the Vendors.
• To maintain accurate financial records for auditing, tax purposes, and regulatory compliance.
• To collect the data for drafting and execution of contracts with the suppliers and the vendors.
6. Control Over Your Personal Information
You have the right to withdraw Your consent at any point, provided such withdrawal of the consent is intimated to us in writing through an email at Mahesh.bista@artemishospitals.com requesting the same. If You wish to rectify the Personal Information that we may have collected to offer You personalized services and offers, as per clause 18 of this Policy, you may write to the Grievance Officer, as mentioned under Clause 18 of this Policy, citing the reason for such rectification of Personal Information. In the case of a minor, the parent or legal guardian has the right to withdraw consent at any point of time. Upon such withdrawal, we will cease processing the minor’s personal data and will delete or anonymize such data except where retention is required by the law.
Once You withdraw Your Consent to share the Personal Information collected by Us, we shall have the option not to fulfill the purposes for which the said Personal Information was sought and We may restrict you from using our Services or the Website.
7. How We Collect Personal Information?
The methods by which we collect your Personal Information include but are not limited to the following:
a) When You fill out the patient registration form,
b) When You provide details to the Company Health Care Professional or Company representative,
c) When You register on Our Website,
d) When You provide Your Personal Information to Us during the course of receiving services,
e) When You use the features on Our Website,
f) When you provide access to any other website.
g) By the use of cookies (more fully detailed in Clause 11 of this Privacy Policy).
h) When you join the Company at the time of your employment or during the course of any audit or survey by the relevant authorities.
8. Data Sharing
Once you have freely consented to share your Personal Information with us, You authorize us to exchange, transfer, share, or part with all or any of Your Personal Information, across borders and from Your country to any other countries across the world with the Cloud Service Provider and Our affiliates/agents / third party service providers/partners/banks and financial institutions or any other persons, for the purposes specified under this Policy or as may be required by applicable law.
We may share personal data with third parties under the following circumstances:
• With healthcare providers and insurance companies as necessary for patient care
• With regulatory bodies as required by law
• With third-party service providers who assist us in our operations
• With law enforcement agencies when required to comply with legal obligations
9. Data Protection
We implement the following measures to protect personal data:
• Secure storage and encryption of electronic data
• Physical security measures for paper records
• Access controls to restrict access to personal data
• Regular training for employees on data protection principles
• Data breach response plans
10. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal and regulatory requirements. Retention periods vary depending on the type of data and the applicable legal obligations.
You acknowledge that some countries where we may transfer Your Personal Information may not have data protection laws that are as stringent as the laws of Your own country. You acknowledge that it is adequate that when the Company transfers Your Personal Information to any other entity within or outside Your country of residence and will place contractual obligations on the transferee which will oblige the transferee to adhere to the provisions of this Privacy Policy.
11. Use of Cookies
We may store temporary or permanent ‘cookies’ on your computer. You can erase or choose to block these cookies from your computer. You can configure your computer’s browser to alert you when we attempt to send you a cookie with an option to accept or refuse the cookie. If you have turned cookies off, you may be prevented from using certain features of the Website. In the course of displaying advertisements regarding its services or optimizing services to its Users, the Company may allow authorized third parties to place or recognize a unique cookie on the User’s browser/device. The Company does not store personally identifiable information in the cookies. Further, the Company does not exercise control over the sites displayed as search results or links from within its Services. These other sites may place their own cookies or other files on Your computer, collect data, or solicit personal information from You, for which the Company is not responsible or liable. The Company encourages You to read the privacy policies of all external sites.
12. Data Subject Right
Individuals have the following rights regarding their personal data:
• The right to access their data
• The right to correct inaccurate or incomplete data
• The right to request the deletion of their data
• The right to restrict the processing of their data
• The right to data portability
• The right to object to the processing of their data
To exercise these rights, individuals can contact us at [contact details].
13. Changes to the Privacy Policy and Rectification/Correction of Personal Information
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The latest version will be available on our website, and we will notify individuals of significant changes. If You need to update or correct your Personal Information, you may send updates and corrections to us at
Mahesh.bista@artemishospitals.com who shall act as a Grievance Officer for and on behalf of the Company. The role of the Grievance Officer is to ensure that in case any query or complaint is received from the User, he shall promptly inform the issues to the responsible person from the relevant department with respect to Patients, Employees, Suppliers/Vendors etc. We will make all reasonable efforts to incorporate the changes within a reasonable period. In the case of a minor, a parent or legal guardian has the right to access the minor’s personal data and can request corrections or deletions subject to the terms and conditions set forth in this Privacy Policy.
14. Security
While we will endeavor to take all reasonable and appropriate steps to keep secure any information that We hold about You and prevent unauthorized access, you acknowledge that the internet is not 100% secure and that We cannot provide any absolute assurance regarding the security of Your Personal Information. We will not be liable in any way in relation to any breach of security or unintended loss or disclosure of information caused by Us in relation to your Personal Information.
15. Third-Party Reference and Links
During Your interactions with Us, it may happen that We provide/include references to third parties or fiduciaries, and/or links and hyperlinks of third-party websites. It may also happen that you include links and hyperlinks of third-party websites. The reference of such third parties or listing of such third party external sites (by You or by Us) does not imply endorsement of such party or site by the Company. Such third parties and third-party sites are governed by their own terms and conditions. We do not make any representations regarding the availability and performance of any of the third parties or third-party sites. We are not responsible for the content, terms of use, privacy policies, and practices of such third party websites.
• Do-not-track requests There is no standard for how online service should respond to “Do Not Track” signals or other mechanisms that may allow you to opt out of the collection of information across networks of websites and online services. Therefore, we do not honor “Do Not Track” signals. As standards develop, we will revisit this issue and update this notice if our practices change.
16. Compliance with Laws
You are not allowed to use the services of the Website if any of the terms of this Privacy Policy are not in accordance with the applicable laws of your country.
17. Term of Storage of Personal Information
The Company shall store Your Personal Information for such period as may be required in the law and subject to the guidelines issued by the government from time to time.
18. Grievance Officer
We have appointed a Grievance Officer to address any concerns or grievances that You may have regarding the processing of Your Personal Information. If you have any such grievances, please write to our Grievance Officer (Mr. Mahesh Bista), AGM- Information Security, Medical Informatics, at
Mahesh.bista@artemishospitals.com and Our officer will attempt to resolve Your issues promptly
by informing the issues to the responsible person from the relevant department with respect to the Patients, Employees, Suppliers/Vendors etc.
