
PRIVACY POLICY — Healthion



Data We Collect 

  • Name, mobile number, email, gender, and date of birth. 

  • Identity & verification documents (Aadhaar, PAN, medical license, GST, clinic registration, etc.). 

  • Health and medical records uploaded by the user (reports, prescriptions, discharge summaries). 

  • AI face scan input (image/video) shared only when the user chooses to use the feature. 

  • Consultation history, reports, and appointment details. 

  • Wallet/payment details necessary for transactions. 

  • Device and usage information for improving app performance.  

Why We Collect Data (Purpose of Processing) 

  • To enable consultation bookings and appointment confirmations. 

  • To support teleconsultations (chat, audio & video). 

  • To generate digital prescriptions and lab recommendations. 

  • To provide AI-based symptom mapping and doctor recommendations. 

  • To provide wellness screening insights through AI face scan. 

  • To store medical records securely for continuity of care. 

  • To process payments and wallet-to-wallet transactions. 

  • To improve user experience through analytics and service optimization.  

AI Face Scan Screening  

  • Conducted only with explicit user consent. 

  • Used exclusively for wellness insights & early health screening, not for medical diagnosis. 

  • Stored securely and accessible only to the user and authorized doctors. 

  • Cannot be used for identity matching or facial recognition for security purposes.  

Medical Record Privacy  

  • Medical records are encrypted and private. 

  • Access is limited to: 

      • The patient, and 

      • Doctors selected for consultation by the patient. 

  • Records are not shared with any third party without the patient’s consent.  

Data Sharing  

  • Shared only when required for service delivery: 

      • With doctors during consultation. 

      • With labs/pharmacies/hospitals chosen by the user. 

      • With payment partners for transaction processing. 

  • Shared with authorities only when legally mandated. 

  • Never sold, traded, or used for advertising without consent.  

Security & Compliance  

  • Applicable encryption for all stored documents, medical files, and AI face scan data. 

  • Two-factor authentication (PIN + OTP) for sensitive actions. 

  • Role-based access control to prevent unauthorized access. 

  • Fully aligned with HIPAA, GDPR, and National Health Authority (NHA) data protection norms. 

  • Regular audits, backups, and cybersecurity monitoring prevent breaches.  

User Rights  

Users have the right to: 

  • Access the data stored in their profile. 

  • Correct/Update their information anytime. 

  • Delete medical records or request account deletion (subject to regulatory retention norms). 

  • Withdraw consent for marketing/promotional communication. 

  • Opt out of AI screening features anytime.  

Retention Policy  

  • Medical and consultation records are stored for continuity of care until the user deletes them. 

  • Transaction records may be retained as required by financial regulations. 

  • Deleted accounts are permanently removed except where the law requires retention. 

Cookies & Tracking 

  • Cookies may be used to optimize app performance and user experience. 

  • Cookies do not store medical, financial, or personal identity information. 

  • Users can disable cookies through browser/device settings. 

Important Notices  

  • Users are responsible for maintaining account confidentiality. 

  • Data misuse by third-party service providers (outside the platform) remains their own responsibility. 

  • Children below 16 may use the platform only under guardian supervision.