Last updated on: 25th April, 2024
Privacy Commitment
medXX asks for only the least amount of information necessary, gathering only what we believe is essential for doing business, or for the specific transaction at hand. We let customers know the information we have on them and allow them to opt out of specific engagements. This means we avoid the fundamental conflict of interest between gathering customer information and fueling advertising revenue, and the unavoidable compromises in customer privacy that it brings.
Scope of this Privacy Policy
This Privacy Policy applies to the medXX website. It applies to the services provided by medXX through the website, our methods, tools and applications used by medXX on medXX’s online portal and in other third-party online marketplaces.
This Privacy Policy is divided into three parts:
Part I – Information medXX collects and controls
This part deals with how medXX collects and uses information about website visitors, potential customers, users of medXX's services, and others who contact medXX through forms or email addresses published on or linked to our website.
Part II – Information that medXX processes on your behalf
This part deals with how medXX handles data that you entrust to medXX when you use our services, or when you share any personal or confidential information with us while requesting customer support.
Part III – General
This part deals with topics that are relevant to both Parts I and II, and other general topics such as medXX's security commitments and how we will inform you when we change this Privacy Policy.
Part I – Information medXX collects and controls
What information medXX collects
We collect information about you only if we need the information for some legitimate purpose. medXX will have information about you only if (a) you have provided the information yourself, (b) medXX has automatically collected the information, or (c) medXX has obtained the information from a third party. Below we describe the various scenarios that fall under each of those three categories and the information collected in each one.
Information that you provide us
i. Enquiry signup: When you sign up to access one or more of our services, we ask for information like your name, contact number, email address, health brand name and city to complete the account signup process.
ii. Registrations and other form submissions: We record information that you submit when you (i) register for any service or call back, (ii) subscribe to our newsletter or any other mailing list, (iii) submit a form in order to download any product, whitepaper, or other materials, (iv) participate in contests or respond to surveys, or (v) submit a form to request customer support, get a quote or to contact medXX for any other purpose.
iii. Payment processing: When you buy something from us, we ask you to provide your name, contact information, and credit card information or other payment account information. When you submit your card information, we store the name and address of the cardholder, the expiry date and the last four digits of the credit card number. We do not store the actual credit card number. For quick processing of future payments, if you have given us your approval, we may store your credit card information or other payment information in an encrypted format in the secured servers of our Payment Gateway Service Providers.
iv. Testimonials: When you authorize us to post testimonials about our services on websites, we may include your name and other personal information in the testimonial. You will be given an opportunity to review and approve the testimonial before we post it. If you wish to update or delete your testimonial, you can contact us at privacy@medxx.in
v. Interactions with medXX: We may record, analyze and use your interactions with us, including email, telephone, and chat conversations with our sales and customer support professionals, for improving our interactions with you and other customers.
Information that we collect automatically
i. Information from browsers, devices and servers: When you visit our websites, we collect information that web browsers, mobile devices and servers make available, such as the internet protocol address, browser type, language preference, time zone, referring URL, date and time of access, operating system, mobile device manufacturer and mobile network information. We include these in our log files to understand more about visitors to our websites.
ii. Information from cookies and tracking technologies: We use temporary and permanent cookies to identify users of our services and to enhance user experience. We embed unique identifiers in our downloadable products to track usage of the products. We also use cookies, beacons, tags, scripts, and other similar technologies to identify visitors, track website navigation, gather demographic information about visitors and users, understand email campaign effectiveness and for targeted visitor and user engagement by tracking your activities on our websites. We mostly use first-party cookies and do not use third-party cookies or other third-party tracking technologies on our websites for non-essential or intrusive tracking. You can learn more about the cookies used on our websites here. You can also learn more about medXX's stance against non-essential and intrusive third-party cookies and tracking technology here. We also use first-party Local Storage Objects (LSOs) such as HTML5 to store content information and preferences to provide certain features.
iii. Information from social media sites and other publicly available sources: When you provide feedback or reviews about our services, interact, or engage with us on marketplaces, review sites or social media sites such as Facebook, Twitter, LinkedIn and Instagram through posts, comments, questions and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our products, better understand user reactions and issues, or to reproduce and publish your feedback on our websites. We must tell you that once collected, this information may remain with us even if you delete it from these sites. medXX may also add and update information about you, from
Purposes for using information
In addition to the purposes mentioned above, we may use your information for the following purposes:
To communicate with you (such as through email) about our services that you have enquired about, changes to this Privacy Policy, changes to the Terms of Service, or important notices;
To keep you posted on new services, upcoming events, offers, promotions and other information that we think will be of interest to you;
To ask you to participate in surveys, or to solicit feedback on our products and services;
To set up and maintain your account, and to do all other things required for providing our services, such as enabling collaboration, providing website and email hosting, and backing up and restoring your data;
To understand how users use our services, to monitor and prevent problems, and to improve our products and services;
To provide customer support, and to analyze and improve our interactions with customers;
To detect and prevent fraudulent transactions and other illegal activities, to report spam, and to protect the rights and interests of medXX, medXX’s users, third parties and the public;
To update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you;
To analyze trends, administer our websites, and track visitor navigations on our websites to understand what visitors are looking for and to better help them;
To monitor and improve marketing campaigns and make suggestions relevant to the user.
Your choice in information use
Opt out of non-essential electronic communications: You may opt out of receiving newsletters and other non-essential messages by using the ‘unsubscribe’ function included in all such messages. However, you will continue to receive essential notices and emails such as notification emails, security incident alerts, security and privacy update notifications, and essential transactional and payment related emails.
Disable cookies: You can disable browser cookies before visiting our websites. However, if you do so, you may not be able to use certain features of the websites properly.
Who we share your information with
Our Employees: We require all employees and independent freelancers of medXX to follow this Privacy Policy for personal information that we share with them.
Third-party service providers: We may need to share your personal information and aggregated or de-identified information with third-party service providers that we engage, such as marketing and advertising partners, event organizers, web analytics providers and payment processors. These service providers are authorized to use your personal information only as necessary to provide these services to us.
Domain registrars: When you register a domain through medXX from domain name registrars, we share your name and contact information such as your physical address, email address and phone number with them as per the ICANN domain registration rules.
Other cases: Other scenarios in which we may share the same information covered under Parts I and II are described in Part III.
Your rights with respect to information we hold about you as a controller
Right to access: You have the right to access (and obtain a copy of, if required) the categories of personal information that we hold about you, including the information's source, purpose and period of processing, and the persons to whom the information is shared.
Right to rectification: You have the right to update the information we hold about you or to rectify any inaccuracies. Based on the purpose for which we use your information, you can instruct us to add supplemental information about you in our database.
Right to erasure: You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.
Right to restriction of processing: You may also have the right to request to restrict the use of your information in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Right to data portability: You have the right to transfer your information to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or by automated means.
Right to object: You have the right to object to the use of your information in certain circumstances, such as the use of your personal information for direct marketing.
Right to complain: You have the right to complain to the appropriate supervisory authority if you have any grievance against the way we collect, use or share your information. This right may not be available to you if there is no supervisory authority dealing with data protection in your country.
Retention of information
We retain your personal information for as long as it is required for the purposes stated in this Privacy Policy. Sometimes, we may retain your information for longer periods as permitted or required by law, such as to maintain suppression lists, prevent abuse, if required in connection with a legal claim or proceeding, to enforce our agreements, for tax, accounting, or to comply with other legal obligations. When we no longer have a legitimate need to process your information, we will delete or anonymize your information from our active databases. We will also securely store the information and isolate it from further processing on backup discs until deletion is possible
Part II – Information that medXX processes on your behalf
Information entrusted to medXX and purpose
Information provided in connection with services : You may entrust information that you or your organization (“you”) control, to medXX in connection with use of our services or for requesting technical support for our services. This includes information regarding your customers and your employees (if you are a controller) or data that you hold and use on behalf of another person for a specific purpose, such as a customer to whom you provide services (if you are a processor). The data may either be stored on our servers when you use our services, or transferred or shared to us as part of a request for technical support or other services.
(All the information entrusted to medXX is collectively termed “service data”)
Ownership and control of your service data
We recognize that you own your service data. We provide you complete control of your service data by providing you the ability to (i) access your service data, (ii) share your service data through supported third-party integrations, and (iii) request export or deletion of your service data.
How we use service data
We process your service data when you provide us instructions through the various modules of our services. For example, when you get an enquiry from your website or social media visitor (who is your potential patient), information such as the name, mobile number and email of your customer will be used to generate the auto response either via email or sms. ;
Push notifications
If you have enabled notification on our desktop and mobile applications, we will push notifications through a push notification provider such as Apple Push Notification Service, Google Cloud Messaging or Windows Push Notification Services. You can manage your push notification preferences or deactivate these notifications by turning off notifications in the application or device settings.
Part III – General
Children’s personal information
Our services are not directed to individuals under 18. medXX does not knowingly collect personal information from children who are under 18 years of age for its own purposes. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information. If you believe that a child under 18 years has provided personal information to us, please write to privacy@medxx.in with the details, and we will take the necessary steps to delete the information we hold about that child. However, using our services, you can collect information about individuals who may be children. If you process information relating to children, you acknowledge and agree that you will be responsible for complying with the applicable laws and regulations related to protection of such personal information.
How secure is your information
At medXX, we take data security very seriously. That's why we have gotten certified for industry standards mentioned here. We have taken steps to implement appropriate administrative, technical & physical safeguards to prevent unauthorized access, use, modification, disclosure or destruction of the information you entrust to us. If you have any concerns regarding the security of your data, we encourage you to check our Security Policy or write to us at security@medxx.in with any questions.
Automation and Artificial Intelligence
In order to provide enhanced productivity and predictive capabilities to our users, we employ a variety of technologies such as regex parsing, template matching, artificial intelligence and machine learning. In keeping with medXX's promise not to exploit your data in a way that is not respectful of your privacy and confidentiality expectations, we make only the following limited use of service data for these technologies: (i) using anonymized crops of service data to improve accuracy of the algorithms; and (ii) using your organization's data for developing models specific for your organization. Our automation and artificial intelligence technologies are mostly powered by our own organization's data such as internal communications, communications with customers and internal documents as well as free and paid external sources.
Do Not Track (DNT) requests
Some internet browsers have enabled 'Do Not Track' (DNT) features, which send out a signal (called the DNT signal) to the websites that you visit indicating that you don't wish to be tracked. Currently, there is no standard that governs what websites can or should do when they receive these signals. For now, we do not take action in response to these signals.
External links on our websites
Some pages of our websites may contain links to websites that are not linked to this Privacy Policy. If you submit your personal information to any of these third-party sites, your personal information is governed by their privacy policies. As a safety measure, we recommend that you not share any personal information with these third parties unless you've checked their privacy policies and assured yourself of their privacy practices.
Blogs and forums
We offer publicly accessible blogs and forums on our websites. Please be aware that any information you provide on these blogs and forums may be used to contact you with unsolicited messages. Your posts and certain profile information may remain even after you terminate your account with medXX. To request the removal of your information from our blogs and forums, you can contact us at privacy@medxx.in
Social media widgets
Our websites include social media widgets such as Facebook "like" buttons and X (previously Twitter) "tweet" buttons that let you share articles and other information. These widgets may collect information such as your IP address and the pages you navigate in the website, and may set a cookie to enable the widgets to function properly. Your interactions with these widgets are governed by the privacy policies of the companies providing them.
Notification of changes
We may modify the Privacy Policy at any time, upon notifying you through a service announcement or by sending an email to your primary email address. If we make significant changes to the Privacy Policy that affect your rights, you will be provided with at least 30 days' advance notice of the changes by email to your primary email address. However, if you have not verified your email address, you may miss important notifications that we send through email. If you think that the updated Privacy Policy affects your rights with respect to your use of our products or services, you may terminate your use by sending us an email within 30 days. Your continued use after the effective date of changes to the Privacy Policy will be deemed to be your agreement to the modified Privacy Policy.
