NammaDoctor Logo
NammaDoctor
← Back

Privacy Policy

Draft privacy policy. Content will be updated prior to launch; subject to revision.

NammaDoctor Privacy Policy

Effective Date: 15 November 2025

Last Updated: 08 October 2025

IMPORTANT NOTICE

This Privacy Policy explains how NavinaX LLP ("NavinaX," "we," "us," or "our") collects, uses, shares, and safeguards information in connection with the NammaDoctor platform (the "Platform"). Read this carefully alongside our Terms of Use ("Terms"). If you disagree, discontinue use immediately.

1. Scope and Relationship to Terms

1.1 Scope. Applies to all users (patients, facility representatives, practitioners, authorized delegates).

1.2 Incorporated Terms. Capitalized terms not defined here have the meanings in the Terms. The Terms (including definitions of Platform Data, Operational Data, Aggregated Data, Anonymized Data, Confidential Information) govern interpretive precedence.

1.3 Acceptance. By accessing the Platform you are deemed to have read and agreed to this Policy. Discontinue use if you do not agree.

1.4 No Medical Advice. This Policy does not create any doctor‑patient relationship nor modify disclaimers in the Terms.

1.5 Headings. Headings are for convenience only and do not affect interpretation.

1.6 Updates. See Section 15 regarding changes; continued use = acceptance.

1.7 Territorial Scope. The Platform is presently marketed and operationally focused only within the State of Tamil Nadu, India. We do not intentionally target or promote services to persons outside India. Access from other jurisdictions is user‑initiated; laws of other regions (e.g., EU/EEA, UK, US states) are not affirmatively adopted except to the limited extent mandatorily applicable. Hosting / processing infrastructure may be deployed in data centers or cloud regions located inside or outside India for resilience, latency, or cost reasons; geographic infrastructure placement does not expand intended user targeting. If we expand geographic targeting or begin systematic processing of foreign residents, we may update this Policy and implement any required additional disclosures or safeguards.

2. Key Definitions (Supplemental)

In addition to Terms definitions:

"Personal Information" means information that directly identifies a natural person (e.g., name, mobile number, unique government ID if provided) excluding Aggregated or Anonymized Data.

"Derived Data" means data, metrics, inferences, models, scores, or analytical transformations generated from source inputs (including de‑identification, normalization, feature extraction).

"Public Data" means information lawfully obtained from publicly available sources, open directories, public professional listings, or publicly accessible social media content.

"User Generated Public Content" means content you intentionally publish in publicly accessible areas of the Platform (if any).

"Sensitive Discretionary Inputs" means optional information you elect to submit beyond what the Platform requires (uploaded files, free‑form notes, attachments). Submission is entirely at your discretion.

3. Information We Collect

3.1 Directly Provided: Account details, facility profile data, role/authorizations, appointment details, free‑form notes, communications, consent signals, optional uploaded or attached materials, feedback.

3.2 Automatically Collected: Device identifiers, browser/OS metadata, IP address, session identifiers, timestamps, clickstream navigation, feature usage metrics, latency metrics, error codes, queue states, performance telemetry, security event logs.

3.3 Third-Party Sources: Payment processors (status, reference IDs), messaging/communication vendors (delivery confirmations), healthcare providers (scheduling and coordination inputs), Public Data sources, referral or affiliate sources, survey/contest submissions, social media interactions (public handles, mentions, reactions).

3.4 Communication Records: Call recordings, chat transcripts, email/message threads, internal support notes—retained for training, quality, dispute resolution, compliance, and security auditing. By initiating communication you consent to recording and retention.

3.5 Platform Data / Operational Data: As elaborated in the Terms (Section 9.3 for operational scope) including telemetry, usage analytics, and security instrumentation.

3.6 Optional Inputs: If you provide Sensitive Discretionary Inputs, you authorize processing consistent with this Policy; you are solely responsible for not submitting extraneous personal data beyond what is reasonably necessary.

3.7 Health / Clinical Context Data (Current & Near‑Term Roadmap): We process appointment reason descriptors, practitioner workflow notes, follow‑up scheduling indicators, and limited clinical context or administrative clinical annotations that practitioners or their authorized staff enter to support continuity of care ("Clinical Context Data"). We are not an electronic medical records (EMR/EHR) system and instruct users not to upload full diagnostic images or expansive historical medical records unless a future feature explicitly requests them. Clinical Context Data may qualify as sensitive personal data under applicable law; by supplying it you (and practitioners supplying it on behalf of a patient) authorize our processing for the purposes described in Sections 4–6. We may generate Derived Data (e.g., normalization, categorization, de‑identification) from Clinical Context Data for operational improvement and aggregated analytics.

4. How We Use Information

4.1 Service Delivery: Scheduling, workflow orchestration, queue/slot management, messaging, record continuity, payment facilitation.

4.2 Operations & Administration: Auditing, capacity planning, billing accuracy, fraud prevention, abuse/threat detection, credential verification, diagnostic troubleshooting.

4.3 Monitoring & Security: Automated and manual monitoring (see Terms 7.4) for anomaly detection, intrusion signals, credential misuse, throttling, feature gating, rate limiting, and forensic reconstruction.

4.4 Improvements & R&D: Feature development, performance tuning, UI/UX refinement, reliability engineering, internal quality metrics.

4.5 Analytics, Aggregation & Commercial Use: Creation and exploitation of Aggregated, Anonymized, and Derived Data, statistical models, cohort analyses, de‑identified trend reporting, and commercial licensing or other monetization of aggregated insights (for example, benchmarking reports, operational analytics products, or decision‑support tools for healthcare ecosystem participants), provided that such uses do not involve intentionally re‑identifying individual natural persons. We may receive direct or indirect commercial gains from these activities (including fees, subscriptions, or other consideration) without additional notice to you, and you will not be entitled to separate compensation arising from such Derived Data.

4.6 Legal & Compliance: Satisfying statutory retention, responding to lawful requests, enforcing Terms, handling disputes.

4.7 Communications and In‑Product Messaging: Transactional notices, reminders, administrative alerts, service announcements, surveys, and (where legally permitted and subject to opt‑out/Do Not Disturb preferences) promotional or informational messages across channels (email, in‑app, whatsapp). From time to time we may also display sponsored or personalized recommendations, offers, or promotional blocks within the Platform interface (including for our own services or for third parties) based on contextual information or your interactions with the Platform. We honor applicable DND / opt‑out settings for non‑transactional marketing; essential security, service, or legally required messages may still be sent.

4.8 Model / Logic Training: Use of Platform Data, Operational Data, and de‑identified or aggregated elements of Clinical Context Data to refine internal heuristics, routing, prioritization, analytics, or automation. We do not intentionally persist directly identifiable Personal Information within model parameters intended for reuse or external exposure. We are not obligated to disclose internal feature weighting, model artifacts, or Derived Data.

4.9 Safeguards: We avoid commingling Personal Information with Aggregated/Anonymized outputs in a manner intended to re-identify individuals.

5. Legal Bases (Where Applicable)

Contract necessity (core functionality), legitimate interests (improvement, security, fraud prevention), legal obligations, consent (where mandated—revocation may limit functionality), and vital interests/public interest only if legally compelled.

6. Sharing & Disclosure

6.1 Service Providers: Payment, hosting, infrastructure, messaging, analytics, security, CRM, marketing facilitation—access limited to function.

6.2 Affiliates / Group Entities: For consolidated operations consistent with this Policy.

6.3 Healthcare Coordination: Relevant appointment/clinical administrative data to practitioners/facilities selected by you.

6.4 Legal / Protection: As required by law, regulation, legal process, or to protect rights, property, safety, prevent fraud or abuse.

6.5 Business Transitions: Mergers, acquisitions, restructuring, financing, asset transfers (subject to continuity of protections).

6.6 Aggregated / Anonymized Outputs: May be licensed, sold, published, or otherwise commercialized.

6.7 With Consent: Additional disclosures you explicitly authorize.

6.8 No Sale of Direct Identifiers: We do not sell personally identifiable information for independent third-party direct marketing.

7. Storage, Location & Security

7.1 Safeguards: We implement reasonable technical & organizational controls proportionate to risk; HOWEVER NO SYSTEM, NETWORK, PLATFORM, OR DATA TRANSMISSION OVER THE INTERNET IS 100% SECURE. We do not and cannot guarantee absolute security of information or immunity from unauthorized access, misuse, or disclosure; residual risk remains despite layered controls. Controls include encrypted transport (TLS), role/permission scoping, logging, and segregation of environments; specific implementations may evolve without notice.

7.2 Location & Transfers: We may store or process data in any cloud or physical data center region (inside or outside India) operated by our infrastructure or service providers to achieve availability, redundancy, latency optimization, or cost efficiency. Current commercial focus is on users located in Tamil Nadu, India; infrastructure geography is separate from intended user geography. Where Personal Information is transferred outside India we will implement appropriate contractual or statutory safeguards (e.g., intra-group or provider data protection commitments) and will update this Policy or provide notice where legally required.

7.3 Credential Responsibility: Compromise resulting from weak, reused, or disclosed credentials is your responsibility; notify us promptly of suspected misuse.

7.4 Residual Risk: You acknowledge inherent Internet and infrastructure risk (Section 10.7 of Terms).

7.5 Segmentation & Logging: We may apply logical segregation, encryption at rest/in transit (implementation details discretionary), layered logging & retention tuned to security and diagnostic objectives.

7.6 Edge Caching & Transient Replication: To improve performance and resilience we may use global content delivery networks (CDNs), edge caches, or transient replication services that temporarily store encrypted or de‑identified payload fragments (e.g., static assets, API responses lacking direct identifiers, hashed tokens) in data center regions outside India. Such edge copies are short‑lived, not authoritative, and automatically evicted per provider TTLs or cache invalidations. They do not change the intended Tamil Nadu user targeting nor constitute a sale or separate disclosure of Personal Information; any Personal Information incidentally included in an edge response is handled under the same safeguards and deletion/retention principles described in this Policy.

8. Retention & Deletion

8.1 Duration: Retained while necessary for purposes in Sections 4–6 plus legal, accounting, fraud prevention, or operational continuity.

8.2 Deletion / Anonymization: When no longer required, we delete, de-identify, or aggregate subject to legal holds, dispute preservation, or backup cycles.

8.3 Withdrawal Impact: Withdrawal of consent / deletion request may terminate access; certain records (audit, transactional, legal) may persist.

8.4 Lean Retention Approach: To control infrastructure cost and reduce risk, we apply a lean retention strategy and generally avoid retaining raw operational logs or transient telemetry longer than operationally necessary. We do not publish exhaustive schedules and reserve discretion to adjust retention windows dynamically. Some short‑lived categories (e.g., ephemeral diagnostic traces) may be purged or aggregated rapidly (often within weeks); core transactional and legal records may persist longer where required or justified by fraud prevention, security, or accounting obligations. Statements in this Section are directional and non‑contractual.

8.5 Backups: Removal from active systems may precede purge from backup media (eventual overwriting in normal cycles).

9. Your Rights & Choices

9.1 Access / Correction: Via account tools or request (identity verification required).

9.2 Deletion: Subject to legal / legitimate retention exceptions.

9.3 Restriction / Objection: Where provided by law; may limit functionality.

9.4 Portability: Only where technically feasible and legally mandated—no general export or interoperability commitment.

9.5 Marketing Opt-Out: Non-essential promos can be disabled; transactional and security messages remain.

9.6 Email Verification: Failure to verify may block critical notices—we disclaim consequences of non-receipt.

9.7 Disproportionate Requests: We may decline repetitive, excessive, privacy-risky, or technically impractical requests.

9.8 Authorized Agents: Must present verifiable authority and identity proof where required by law.

10. Cookies & Tracking

10.1 Usage: Session management, authentication, preference retention, analytics, abuse detection.

10.2 Control: Browser or OS-level controls may limit functionality; essential cookies are required for core operations.

10.3 Non-Essential Tools: Introduced only as needed; continued use constitutes consent where opt-in not legally required.

11. Public & Social Information

11.1 Public Data: We may collect, enrich, correlate, and use Public Data without restriction to the extent lawful.

11.2 Social Interactions: Public profile handles, reactions, mentions, and interactions may be stored for engagement analytics and communication.

11.3 User Generated Public Content: Content you make public may be indexed, cached, republished, or aggregated; exercise caution.

11.4 No Expectation of Privacy: Public or intentionally disclosed content is outside confidentiality obligations.

12. Monitoring & Platform Data

12.1 Monitoring Consent: You consent to logging, instrumentation, trace sampling, security scanning, throttling, anomaly detection as per Terms 7.4.

12.2 Platform Data Rights: We retain full rights (subject to law) to Platform Data / Derived Data / Aggregated & Anonymized outputs (see Terms 1.6, 9.3 & 8.6 restrictions on competitive use).

12.3 Training & Improvement: We may use de‑identified or aggregated operational signals to refine heuristics, internal analytic layers, scheduling or optimization logic.

12.4 No Obligation to Disclose: We owe no disclosure of internal metrics, weighting, or decisioning logic.

13. Third-Party Integrations & Links

13.1 External Services: Enabling integrations (payments, messaging, analytics, identity) subjects you to their policies; we do not control third-party handling practices.

13.2 Data Flows: Disabling or revoking may impact previously synchronized data; we are not obligated to reconstruct removed third-party datasets.

13.3 Independent Policies: Review third-party terms before activation; your interactions are solely governed by those terms.

14. Accuracy, Responsibilities & Restrictions

14.1 Accuracy Duty: Provide only accurate, lawful, and relevant information; promptly update material changes.

14.2 Prohibited Data: Do not submit data categories not requested (e.g., government IDs, financial account numbers, highly sensitive personal data) unless specifically required for a feature.

14.3 Enforcement: We may suspend, restrict, or terminate for inaccurate, misleading, excessive, unlawful, or miscategorized submissions.

14.4 Minors / Delegated Data: We do not knowingly permit independent accounts for individuals under 18 years of age. A parent or legal guardian (or duly authorized healthcare facility representative) must supply or supervise any Personal Information relating to a minor. By submitting a minor's Personal Information you represent you have lawful authority and will promptly notify us if that authority changes. Requests for review or removal of inadvertently submitted minor data can be sent to privacy@NavinaX.in; we may retain portions required for legal, security, or fraud prevention purposes.

14.5 No Confidentiality Expectation for Unsolicited Ideas: Suggestions or feedback may be used without obligation (see Terms 8.5).

15. Changes, Precedence & Disputes

15.1 Policy Changes: We may modify this Policy (including expanding uses of data consistent with law) by posting revised text with updated date; material changes may also appear via notice banner or email (if verified).

15.2 Effective Upon Posting: Continued use after effective date constitutes acceptance; discontinue use if you object.

15.3 Precedence: If this Policy conflicts with the Terms regarding liability, dispute resolution, arbitration, class action waiver, intellectual property, confidentiality, or definitions—Terms control.

15.4 Arbitration & Class Waiver: Disputes concerning privacy practices are subject to the arbitration and class / collective action waiver provisions in Terms Sections 13.5–13.7 (unless you validly opted out).

15.5 No Expansion of Rights: Nothing here grants data subject rights beyond those mandated by applicable law or expressly stated.

15.6 Severability: Invalidity of any provision does not affect remaining provisions.

16. Contact & Grievance

NavinaX LLP

(Registered office address available upon request for legal correspondence)

Support: support@navinax.in

Privacy: privacy@NavinaX.in

Grievance Officer: Nandhiny (privacy@NavinaX.in)

Target Response: Acknowledge within 7 business days; aim to resolve within 30 (not a guarantee).

Subject Line Guidance: For rights requests include: "PRIVACY REQUEST - [Right]"; for arbitration opt-out (Terms) follow Terms instructions separately.

Notice Effectiveness: Any notice, request, or grievance you send is effective only upon our express written acknowledgment (automated receipts excluded). Dispatch within statutory or contractual deadlines preserves timeliness where law allows even if acknowledgment follows later. This section is subject to the specific arbitration opt‑out timing mechanics in the Terms.

Consent Summary (Reference)

Use = acceptance of Terms + this Policy; providing information = consent to processing; continued use post-change = acceptance; providing data of others = representation of authority.

Document Version and History

Version: 1.4

Effective Date: 15 November 2025

Last Modified: 08 October 2025

END OF PRIVACY POLICY