SCAN2KARE
This Privacy Policy explains how Scan2Kare collects, uses, stores, and protects your personal data. Please read it carefully before using our Platform.
1. Introduction and Scope
Scan2Kare (India) Pvt. Ltd. ('Scan2Kare', 'we', 'us', or 'our') is committed to protecting the privacy and personal data of all individuals who use the Scan2Kare digital health facilitation platform, accessible via our website (www.scan2kare.com) and mobile application (collectively, the 'Platform').
This Privacy Policy ('Policy') describes how we collect, use, store, share, and protect personal data in connection with your use of the Platform. By accessing or using the Platform, you acknowledge that you have read and understood this Policy and consent to the collection and use of your personal data as described herein. If you do not agree with this Policy, please do not use the Platform.
This Policy applies to all users of the Platform, including persons who submit booking requests through the Platform, whether or not they have a registered account.
2. Who We Are โ Scan2Kare as Data Fiduciary
Under the DPDP Act, 2023, Scan2Kare (India) Pvt. Ltd. is the 'Data Fiduciary' in respect of the personal data collected from Users through the Platform. This means that we determine the purpose and means of processing your personal data and are legally responsible for its protection.
Registered address: 2/1149/I 100/028, HILITE BUSINESS PARK, Guruvayurappan College, Kozhikode, Kerala, India, 673014
๐ง scan2kare@gmail.com | ๐ +91 96331 71755 | ๐ www.scan2kare.com
3. Personal Data We Collect
3.1 Data You Provide Directly
| Data Field | Nature | Mandatory / Optional |
|---|---|---|
| Full Name | Personal identifier | Mandatory |
| Mobile Number | Contact information | Mandatory |
| Age | Demographic information | Mandatory |
| Email Address | Contact information | Optional |
| Notes | Free-text field โ may include health or medical information voluntarily provided by the User | Optional |
The Notes field is intended for appointment-related information (e.g., reason for visit, specific services). You should not enter emergency, highly confidential, or unnecessary medical information. Any health information you provide is voluntary and will be treated in accordance with this Policy.
3.2 Data Collected Automatically
IP address, device identifiers, browser type, OS, pages visited, time spent, referring URLs, and mobile device information โ used to operate, maintain, and improve the Platform.
3.3 Data We Do Not Collect at This Stage
โ Payment card details, bank info, medical records, prescriptions, reports, biometrics, genetic data. If expanded, we will update this Policy and seek fresh consents.
4. Purpose of Processing and Legal Basis
| Purpose of Processing | Data Used | Legal Basis |
|---|---|---|
| Processing and confirming your booking request | Name, mobile, age, email, notes | Consent (DPDP Act, S.6); performance of service |
| Transmitting booking details to Service Provider | Name, mobile, age, email, notes | Consent; necessary for delivery of requested service |
| Sending transactional communications (SMS, call, WhatsApp, email) | Name, mobile number, email | Consent (ToU ยง4.6); necessary for service delivery |
| Platform analytics and improvement | Technical/device data (anonymised) | Legitimate interest / consent |
| Compliance with legal obligations | As required by Applicable Law | Legal obligation (DPDP Act; IT Act) |
| Grievance redressal & responding to queries | Name, mobile, email | Legal obligation; legitimate interest |
By voluntarily entering health-related or medical information in the Notes field, you acknowledge and consent to that information being transmitted to the selected Service Provider for appointment facilitation, and to Scan2Kare retaining it as part of your booking record. Do not enter emergency or highly confidential medical data. Scan2Kare will not share health information from Notes with any third party except the Service Provider or as required by law.
6. How We Share Your Personal Data
6.1 Service Providers Listed on the Platform: Your Booking Data (name, mobile, age, email, notes) is transmitted to the relevant Service Provider you selected. Each provider is an independent entity and their handling of your data is governed by their own privacy practices.
6.2 Transactional Communications: By submitting a booking, you consent to receiving transactional communications (SMS, call, WhatsApp, email) relating solely to your booking (confirmation, reminders, rescheduling). No marketing messages.
6.3 Technology & Infrastructure Partners: Third-party cloud hosting, analytics, and communication services process data on our behalf under contractual safeguards.
6.4 Legal Disclosures: When required by law, court order, or regulatory authority.
6.5 No Sale of Personal Data: Scan2Kare does NOT sell, rent, trade, or transfer your personal data for commercial/marketing purposes.
7. Data Retention
Booking Data retained for 3 years from the date of booking, unless longer retention is required by law or for dispute resolution. After retention expiry, data is securely deleted or anonymised.
8. Data Security
Scan2Kare implements technical and organisational security measures to protect against unauthorised access, disclosure, or destruction. However, absolute security cannot be guaranteed. In case of a personal data breach affecting your rights, we will notify the Data Protection Board and, where appropriate, inform you.
9. Your Rights as a Data Principal (DPDP Act, 2023)
To exercise your rights, please contact our Grievance Officer (Section 11).
10. Cookies and Tracking Technologies
The Platform uses essential, analytics, and preference cookies. You may disable cookies via browser settings, but some functionality may be affected. No targeted advertising cookies or cross-site tracking.
11. Privacy Grievance Officer and Contact
Privacy / Data Grievance Officer: Kishor
Designation: Grievance Redressal Officer
Email: scan2kare@gmail.com
Postal Address: 2/1149/I 100/028, HILITE BUSINESS PARK, Guruvayurappan College, Kozhikode, Kerala, India, 673014
Response Timeline: Acknowledgement within 48 hours; resolution within 30 days of receipt of complaint.
If not satisfied, you have the right to approach the Data Protection Board of India under DPDP Act, 2023 (once operational).
12. Changes to This Privacy Policy
We may update this Policy. Material changes will be notified via the Platform or mobile app. Continued use after effective date constitutes acceptance.
13. Governing Law
This Privacy Policy is governed by the laws of India, including the DPDP Act, 2023, IT Act, 2000, and SPDI Rules, 2011. Disputes shall be subject to exclusive jurisdiction of courts at Kozhikode, Kerala.
By using the Scan2Kare Platform, you acknowledge that you have read, understood, and agree to this Privacy Policy. For any clarifications, please contact our Grievance Officer.