Privacy Policy

Healway.pro ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our healthcare platform.

This policy is designed to comply with the Digital Personal Data Protection Act (DPDP Act), 2023 of India and other applicable regulations.

Personal Information

• Full name, contact details (phone, email)
• Date of birth, gender
• Medical registration details (for healthcare providers)

Health Information

• Medical history and symptoms
• Consultation notes and transcriptions
• Prescriptions and treatment plans
• Follow-up schedules

Technical Information

• Device information and IP address
• Usage patterns and preferences
• Audio recordings (for transcription purposes)

We use your information for the following purposes:

• Providing healthcare services and facilitating consultations
• Generating AI-assisted clinical notes and summaries
• Managing prescriptions and follow-up appointments
• Improving our services and user experience
• Complying with legal and regulatory requirements
• Communicating important updates and reminders

Note: We do not use your health data for advertising purposes or sell your information to third parties.

We may share your information with:

• Healthcare Providers: Your treating physicians and their authorized staff
• Service Providers: Third-party services that help us operate our platform (e.g., cloud hosting, AI processing)
• Legal Requirements: When required by law or to protect our legal rights

All third-party service providers are bound by confidentiality agreements and data protection requirements.

We retain your data for the following periods:

• Medical Records: 7 years from the last consultation (as per Indian medical record retention requirements)
• Audit Logs: 6 years for compliance purposes
• Account Information: Until account deletion is requested

After the retention period, data is securely deleted or anonymized in accordance with applicable regulations.

Under the Digital Personal Data Protection Act, 2023, you have the right to:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Erasure: Request deletion of your data (subject to legal retention requirements)
• Portability: Receive your data in a structured, commonly used format
• Withdraw Consent: Withdraw your consent at any time
• Grievance Redressal: File complaints regarding data handling

To exercise these rights, please contact us using the details provided below.

We implement robust security measures to protect your data:

• AES-256 encryption for sensitive health information
• Secure HTTPS connections for all data transmission
• Role-based access controls (RBAC)
• Regular security audits and monitoring
• Multi-factor authentication (MFA) support
• Comprehensive audit logging

Our platform uses AI-assisted tools for clinical support, including:

• Transcription of consultation audio
• Generation of clinical note summaries
• Follow-up scheduling recommendations
• Risk assessment assistance

Important: All AI-generated content is for reference only. The treating physician maintains full authority over all clinical decisions.

For any privacy-related queries, concerns, or to exercise your rights, please contact us:

We will respond to your request within 30 days of receipt.