Privacy Policy

Your privacy is important to us. This policy outlines how we collect, use, and protect your personal information when you use our healthcare services.

Effective Date: October 24, 2025 Last Reviewed: November 15, 2025
1

Introduction

CPR Health Care ("we", "us", or "our") operates the cprhealthcare.in platform in partnership with Healthians (Expedient Healthcare Marketing Private Limited). This Privacy Policy governs the collection, use, and disclosure of your personal information when you use our diagnostic health services.

This policy is published in compliance with the Information Technology Act, 2000 and the Consumer Protection (E-Commerce) Rules, 2020.

By using our platform, you consent to the practices described in this policy. If you have any questions or concerns about our privacy practices, you may contact us at any time.

2

Information We Collect

We collect information necessary to provide you with safe, efficient, and personalised diagnostic services. The personal information we collect may include the following:

Personal Information

  • Full name, email address, phone number
  • Residential address and location data
  • Date of birth and gender
  • Booking history and service preferences

Health & Medical Data

  • Diagnostic test results and reports
  • Medical history shared during consultations
  • Fasting status and preparation information
  • Doctor consultation notes

Payment Information

  • Transaction details and payment method
  • Billing address
  • Payment confirmation records

Technical Data

  • Device information and browser type
  • IP address and access timestamps
  • Platform usage patterns and preferences
3

How We Use Your Information

We use the collected personal information for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations.

Service Delivery

Scheduling appointments, processing test bookings, sample collection coordination, and report delivery.

Communication

Sending booking confirmations, test reminders, report notifications, and important service updates via SMS, email, and WhatsApp.

Quality & Security

Maintaining laboratory quality standards, securing payment transactions, and protecting your health data.

Legal Compliance

Meeting regulatory requirements under Indian law, cooperating with lawful government requests, and protecting our legal rights.

4

Data Sharing & Third Parties

We share your data only when necessary to provide our services. Your personal and health data may be shared with:

  • Healthians' NABL & CAP accredited laboratories for test processing
  • Partner radiology labs for imaging services
  • Certified doctors for report consultation
  • PCI-DSS compliant payment gateways for transaction processing
  • Courier services for supplement delivery

We do not sell your personal data to any third party for marketing purposes. Data sharing is limited strictly to what is necessary for delivering our healthcare services.

5

Data Security

We implement robust security measures to protect your information. While no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, our measures include:

  • Payment processing through PCI-DSS compliant gateways with end-to-end encryption
  • Laboratory partner maintains strict data handling protocols per NABL and CAP guidelines
  • Sample handling follows chain-of-custody procedures with temperature-controlled transport
  • Access to health records is restricted to authorised personnel only

Encryption Protocol: All sensitive data, including health records and payment information, is encrypted in transit using TLS 1.3 and encrypted at rest using AES-256 encryption.

6

Your Rights

You have the following rights regarding your personal information:

  • Access: Access your test reports and booking history through our platform at any time.
  • Correction: Request correction of inaccurate personal information.
  • Withdrawal: Withdraw consent for data processing by sending a written request to book@cprhealthcare.in.
  • Opt-out: Opt out of marketing communications at any time.

Please note: Withdrawing consent may limit our ability to provide certain services. Essential service communications related to active bookings cannot be opted out of.

7

Contact Us

If you have questions or comments about this privacy policy, you may email us at book@cprhealthcare.in or by post to:

CPR Health Care

Data Protection Officer

Plot 9, Sector 32, Industrial Area

Gurugram, Haryana - 122001

India

Phone: +91 98654 32100

Email: book@cprhealthcare.in

This privacy policy may be updated from time to time. We encourage you to review it periodically.