logo +

Medbuzzy Privacy Policy

Last updated: August 1, 2025. Learn how we collect, use, and protect your personal information.

Contents

Privacy Overview

Our commitment to protecting your privacy

This Privacy Policy outlines how GAURIRAM MEDBUZZY (OPC) PRIVATE LIMITED, a business duly incorporated under the Companies Act, 2013, with its registered office at Gurudwara Road, Bhatta Bazar, Purnia-854301 Bihar, India (collectively, "GM(O)Pvt. Ltd", "Medbuzzy", "Company", "we," "us", or "our"), gathers, uses, shares, and processes the information you give us when using the Medbuzzy app and website to access our services.

Regarding data collection, processing, and transfer, GM(O)Pvt. Ltd, the owner of the Medbuzzy website and app, honors your privacy and works to adhere to all relevant legal requirements, such as the Information Technology Act of 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the "SPDI Rules"), as amended from time to time.

Important: Please carefully read our privacy statement. By visiting or using this website or app, you accept the conditions stated above and all other terms included by reference. Do not use this website or app if you disagree with any of these terms.

1. What is Personal Information

Definition and types of information we collect

A) Personal Information Definition

Any information that may be used to directly or indirectly identify you is considered personal information. It contains de-identified information that would allow us to identify you when combined with other data we have. Even when combined with additional information, data that has been irrevocably anonymized or aggregated so that we are unable to identify you is not considered personal data.

B) Sensitive Personal Data

"Sensitive Personal Data or Information" refers to any personal information about an individual that is provided to or received by us for processing or storage, including:

  • Health information like medical records and history
  • Biometric information
  • Financial information like bank account, credit card, debit card, or other payment instrument details
  • Sexual orientation
  • Physical, physiological, and mental health conditions
  • Passwords

Note: Sensitive personal data does not include any information that is publicly available or accessible or provided in accordance with the Right to Information Act of 2005 or any other law.

C) Your Consent

By registering on the App, visiting the Website, and/or using our services, you attest that you willingly give us personal information, including financial and medical data, and that you agree to its collection, use, and dissemination in line with this privacy statement. Additionally, you affirm that any third person (such as a child or an employee) whose information you provide to us has given you the proper authorization. We will operate in accordance with your representation of authority and won't do any independent research to confirm the authenticity of your consent.

2. What Types of Data Do We Collect

Information we gather when you use our services

Cookies Notice

Like many other websites, our website/app makes use of "cookies." Cookies are little data files that are stored in your browser by websites. These are used to monitor and profile your behavior on our website, store your preferences, and store your past browsing activity. You fully consent to the installation of cookies on your web browser by using the app or website. We advise you to periodically delete the cookies that are stored in your browser.

We will gather the following kinds of information when you register or sign up on the App or Website to use our services, as well as when you actually use our services:

Contact Information

  • Name
  • Address
  • Contact details
  • Email ID
  • Phone Number

Demographic Information

  • Gender
  • Date of Birth
  • Nationality

Technical Information

  • Browsing history
  • URL of visited sites
  • IP address
  • Operating system
  • Web browser type
  • ISP information

3. Where Do We Collect Your Data From

Sources of your information

For End Users:

  • Any information you voluntarily decide to give us via the website, app, email, chat, phone, or other means of communication
  • Data that we get from healthcare service providers ("HSPs") in the Medbuzzy Group, including physicians, hospitals, diagnostic facilities, chemists, etc., to whom you have given permission to share your personal data
  • Information that you have supplied to any of the company's group companies, affiliates, associates, subsidiaries, holding companies, and associates and subsidiaries of holding companies, to whom you have granted permission to share such information

For Doctors:

  • We may ask for details about your credentials, experience, public profile, and statements you have made to us before onboarding you
  • We could gather data about how you utilize the services when using the app or website
  • We might also gather additional information that you voluntarily choose to give us via the App, Website, email, phone conversations, chat, and other channels of communication
  • We might gather information from any group company, affiliates, associates, subsidiary, holding company, or holding company of the company to which you have granted permission to share information in order to receive value-added services

4. How Do We Use Your Data

Purposes for processing your information

We use your personal information except information received from Google APIs for purposes that include the following:

4.1. General (End Users and Doctors)

  • Your registration to receive our services, identify you, communicate with you, notify you, and fulfill the terms of use
  • To provide you with tailored health insights and personalized services, including targeted advertisements for different wellness and healthcare plans
  • Responding to your requests, questions, and grievances, if any, regarding our services; collecting feedback; helping you with transactions or other problems with the usage of services; and doing other tasks associated with customer care
  • Making use of Medbuzzy Group firms' services and tailoring recommendations for suitable medical goods and services
  • Developing insights for Medbuzzy Group firms' marketing activities and corporate/business strategy
  • Creating machine learning tools and algorithms to enhance service targeting, treatment and diagnostic procedures, and other goods and services
  • Reaching out to you with information about new services, features, goods, exclusive deals, and promotions from the Medbuzzy Group, its affiliates, and third-party companies that we have partnerships with and that are pertinent to using the Services
  • Website technical management and customization, as well as other general administrative and commercial objectives
  • Research (internal or external), fraud, security, risk management, and analysis for the creation and enhancement of goods and services, such as card networks' and payment aggregators' tokenization services, in accordance with card network regulations
  • Disclosure as mandated by relevant law to government authorities
  • Fulfilling our responsibilities under any agreements we have with affiliate companies, Medbuzzy group companies, our business partners, or contractors, including but not limited to offering tokenization services to Payment Aggregators, Card Networks, and Card Issuers globally as needed to accomplish the tokenization services or to comply with applicable laws, regulations, or investigations
  • Investigating, enforcing, and resolving any disputes or grievances
  • Publishing the data on the medbuzzy Website
  • Any other purpose required by applicable law

4.2. For End Users Only

  • Creating and keeping up-to-date electronic health records in the Personal Health Record (PHR) database so that we and the Apollo group firms, affiliates, etc., may utilize them to offer pertinent services
  • Construct your unified profile using the insights and analytics produced by processing your personal data
  • To share with your selected Apollo Group HSP, including as physicians, hospitals, diagnostic facilities, and pharmacists, who could offer you services through the app or website
  • Fulfilling any requests or orders you might make through our services

4.3. For Doctors Only

  • For verifying your professional credentials and any representations you have made to us
  • For processing any payments made to you
  • For providing recommendations to end users based on your expertise and specializations
  • For providing any other service to you

5. How Long Will We Retain Your Data

Data retention policies and timeframes

We maintain your data for as long as it takes to deliver our services to you or as required by law, maintaining your personal information in compliance with relevant regulations. Your personal information will only be kept for legitimate purposes. For a longer time, we retain de-identified data for statistical and research reasons.

Account Termination

We are under no duty to keep your data after you end your account, and we are free to remove some or all of it without incurring any fees. However, if we think it would be important to stop fraud or potential misuse, if the law requires it, or for other justifiable reasons, we might keep your data. Anonymized or de-identified data may still be kept by us for analysis, research, or other uses for which your information was originally gathered.

6. Disclosure and Transfer of Your Data

When and how we share your information

To the extent allowed by applicable law, we may share, disclose, and in certain situations transfer your personal information—apart from information obtained from Google APIs—with the organizations needed to deliver services to you, enhance our services, and offer value-added services or other third-party goods and services. You hereby agree that these entities may be based outside of India. We demand that these organizations use the same security procedures that we would use to safeguard your information.

Below is an illustrative list of companies to which we may disclose or transfer information, with the exception of information obtained through Google APIs:

Service Providers

Organizations that help us operate our platform and deliver services to you.

Business Affiliates

Our group companies, subsidiaries, and business partners.

Law Enforcement Agencies

When required by law or to protect rights and safety.

Other Third Parties

As necessary for business operations and service delivery.

7. How Do We Protect Your Data

Our security measures and your role

Our Security Commitment

In order to secure the Website and the information you submit or upload, we are dedicated to protecting the privacy of the data you put on it and adhering to industry-standard security measures.

To protect all of the information you give us, we employ appropriate administrative, technical, and physical security measures. Additionally, we have thorough internal measures in place to guard against unwanted access to your information. We take the necessary precautions to guarantee that third parties with which we exchange data implement appropriate security standards and processes to protect the confidentiality and integrity of your data.

Limitation of Liability

Nevertheless, unless it is a direct and predictable result of our own carelessness and noncompliance, we disclaim all liability for any loss, illegal access, safety concern, or injury brought on by any abuse of your personal information. By signing this, you agree that we are not liable for any actions taken by third parties or by you that result in hurt, loss, or damage to you or anyone else.

Your Responsibility

The company will not be responsible for any losses you may sustain if your electronic equipment, via which you use our services, are accessed without authorization and cause data loss or theft. In accordance with the Terms of Use, you are also responsible for compensating the company.

8. What Are Your Rights

Your rights regarding personal information

We take appropriate measures to guarantee the accuracy, completeness, and timeliness of your personal data. However, it is entirely your duty to check the authenticity of the information you have supplied and get in touch with us if there are any inconsistencies or if you want to stop using our services. When it comes to your personal data, you have the following rights:

a) Access, Update and Correction Rights

You have the right to access your personal information, request updation, correction, and deletion. If your personal information changes, you may correct, delete inaccuracies, or amend information by making the change on our member information page or by contacting us through [email protected].

We will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable. If you provide any information that is untrue, inaccurate, out of date, or incomplete (or subsequently becomes untrue, inaccurate, out of date or incomplete), or we have reasonable grounds to suspect that the information provided by you is untrue, inaccurate, out of date or incomplete, we may, at our sole discretion, discontinue the provision of the Services to you.

b) Consent Withdrawal

You are free not to share any medical or other information that you consider confidential and withdraw consent for us to use data that you have already provided. In the event that you refuse to share any information or withdraw consent to process information that you have previously given to us, we reserve the right to restrict or deny the provision of our Services for which we consider such information to be necessary.

c) Account Deletion

Users have the right to delete their Medbuzzy account and personal information at any time, in line with Medbuzzy commitment to data privacy and applicable laws. Medbuzzy will delete the user's data, and no further communications will be sent. Deletion an account is permanent action and cannot be reversed. In case you want to use our Services again, you will need to create a new account which will have no previous order history.

Steps to delete your account:

"Go to My Account > Help/Need Help > Account & Health Records > I want to delete my account > My Issue is still not resolved > type "Delete my account" > raise an enquiry"

d) Grievance Resolution

In case of grievance is in relation to Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, we shall acknowledge your complaint within twenty-four hours and dispose of such the complaint within a period of fifteen days from the date of its receipt. Disposal of complaint shall include all actions as considered necessary by the Company.

9. Third-Party Websites and Services

External links and services

Our Website and App may contain links to third-party services, and give you the ability to access such third-party websites, products, and services. Please note that you may proceed to the use of such third-party websites or services at your own risk and the Company will not be held liable for any outcome or harm arising as a result of your use of such third-party websites or services. Please read the privacy policies of any third party before proceeding to use their websites, products, or services.

10. Compliance with Google User Data Policy

Our commitment to Google API policies

GM(O)Pvt. Ltd use of information received from Google APIs will adhere to Google API Services User Data Policy including the Limited Use requirements and Limited Use Requirements shall apply to both raw data obtained from Restricted and Sensitive Scopes and data aggregated, anonymized, or otherwise derived from that raw data. Google API Services User Data Policy is available at Google API Services User Data Policy | Google for Developers

11. Changes to This Privacy Policy

How we handle policy updates

Any changes to our Privacy Policy will be posted on the Website/App and will become effective as of the date of posting. Please review the Privacy Policy from time to time to make sure you are aware of any changes. If you do not agree with any such revised terms, please refrain from using our Services and contact us to close any account you may have created.

Contact Us About Privacy

Questions about our privacy practices

Privacy Contact Information

GAURIRAM MEDBUZZY (OPC) PRIVATE LIMITED

Registered Office

[email protected]

+91 9430808079

Gurudwara Road, Bhatta Bazar, Purnia-854301, Bihar, India

Privacy Support

  • Privacy inquiries: 24 hours
  • Data access requests: 5-10 days
  • Account deletion: 15 days
  • Grievance resolution: 15 days

For urgent matters, please call our support line directly

Legal Compliance

We comply with the Information Technology Act of 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011, as amended from time to time.