Last Updated: April 7, 2025
We value your privacy and are committed to protecting the personal information we handle while delivering our teleradiology, dental teleradiology, and telecardiology services. This Privacy Policy explains how we collect, use, store, disclose, and safeguard information across all our platforms and services.
By accessing our website or engaging with our services, you agree to the terms of this Privacy Policy.
1. Scope of This Policy
This Privacy Policy applies to:
- Visitors to our corporate website
- Healthcare providers and partner organizations
- Patients whose data is shared with us for reporting
- Radiologists and specialists associated with our network
- Any individual interacting with our digital or communication platforms
This policy covers all service verticals, including:
- Teleradiology
- Dental Teleradiology
- Telecardiology
- Any other diagnostic reporting services we may offer
2. Information We Collect
We may collect the following types of information depending on how you use our services:
2.1 Personal Information
- Names, phone numbers, email addresses
- Clinic or healthcare facility details
- Contact person information
- Identification details provided for professional verification
2.2 Medical & Diagnostic Information
(Provided by hospitals/clinics on behalf of patients)
- Radiology, dental, cardiology, or related diagnostic images and scans
- DICOM files and associated metadata
- Clinical history, referral notes, and case details
- Any information necessary for diagnostic reporting
2.3 Technical Information
- IP address, device details, operating system, browser type
- Website usage data (analytics, cookies, log files)
- Platform usage logs for troubleshooting and security monitoring
2.4 Billing & Transactional Information
- Billing address
- Payment and invoicing details
- Transaction records
We do not collect financial details like card numbers unless explicitly required for payments through secure third-party gateways.
3. How We Use the Information
We use the collected information for the following purposes:
- Delivering radiology, dental radiology, and cardiology reporting services
- Case allocation to qualified specialists
- Communication with healthcare providers and patients (where applicable)
- Improving service quality, accuracy, and turnaround time
- Technical support, problem resolution, and platform optimization
- Internal audits, quality assurance, and compliance
- Legal or regulatory compliance
- Processing invoices, payments, and business transactions
- Enhancing website experience and security monitoring
We do not use patient data for marketing or advertising.
4. Legal Basis for Processing
We process information based on:
- Consent provided by the referring healthcare provider on behalf of patients
- Contractual necessity to deliver diagnostic services
- Legitimate operational interests
- Compliance with applicable Indian laws and emerging data protection norms (including the Digital Personal Data Protection Act)
5. Data Sharing and Disclosure
We may share information only under the following circumstances:
5.1 With Medical Specialists
Information may be shared with accredited radiologists, cardiologists, and other consultants for case reporting.
5.2 With Healthcare Providers
Final reports, clarifications, or case updates are shared with the referring clinic or hospital.
5.3 With Service Providers
- Secure cloud hosting providers
- File transfer or PACS service vendors
- IT support and maintenance vendors
All such providers are bound by confidentiality and data protection obligations.
5.4 Legal or Regulatory Requirements
We may disclose information if required by law, regulatory authorities, or court orders.
We never sell, rent, or commercially trade personal or medical information.
6. Data Security
We follow strict administrative, technical, and physical safeguards to protect information, including:
- Encrypted data transmission and storage
- Access control and authentication
- Role-based access for internal and external specialists
- Secure servers and monitored systems
- Regular cybersecurity assessments
- Ongoing staff training on confidentiality and data protection
Despite best efforts, no system is fully immune to security risks. We take all reasonable steps to mitigate such risks.
7. Data Retention
We retain information only for as long as required for:
- Diagnostic and operational purposes
- Legal and regulatory obligations
- Quality assurance and medico-legal documentation
After the retention period, data is securely deleted or anonymized.
8. Your Rights
Depending on applicable laws and your relationship with us, you may request:
- Access to the information we hold about you
- Correction of inaccurate information
- Deletion of data (subject to legal retention requirements)
- Withdrawal of consent for future processing
- Clarifications regarding data use
Patients must initiate such requests through their referring healthcare provider to ensure proper verification.
9. International Data Transfers
If data is processed or viewed outside India (e.g., cloud hosting or remote reporting), we ensure appropriate safeguards and compliance with applicable regulations.
10. Cookies & Website Tracking
Our website may use cookies or analytics tools to improve user experience and measure website performance.
You can disable cookies through your browser settings.
11. Third-Party Links
Our website may contain links to external websites. We are not responsible for the privacy practices or content of third-party sites.
12. Updates to This Policy
We may update this Privacy Policy periodically.
Updates will be reflected on this page with a revised “Last Updated” date.
13. Contact Us
For privacy-related questions, concerns, or requests, please contact:
Privacy & Compliance Officer
Heidelberg Medical Consultancy and Health Tourism Private Limited
Dotspace Business Center, Kowdiar, Thiruvananthapuram, India – 695003
Email: mubashir@heidelbergmedical.com
Phone: +91 9526263673