Data Protection Policy
We protect your data with care and responsibility.
Effective Date : April 09, 2025
INHLTH is committed to safeguarding the personal and health-related information of its users, including patients, hospitals, blood banks, and healthcare providers. This Data Protection Policy outlines how we collect, store, use, disclose, and protect data in accordance with applicable laws and best practices.
1. Purpose
This policy ensures:
- Personal and sensitive data is handled responsibly.
- Users are informed about how their data is processed
INHLTH complies with regulations such as the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA) (where applicable), and other local data protection laws.
2. Scope
This policy applies to:
- All personal and health-related data processed through INHLTH’s web and mobile applications.
All employees, contractors, partners, and third-party service providers who handle data on our behalf.
3. Types of Data Collected
We collect the following categories of data:
- Personal Identifiable Information (PII): Name, email, phone number, organization/hospital affiliation.
- Health-Related Information: Blood group, patient condition (if provided), transfusion needs, hospital records (where shared).
- Technical Data: Device ID, IP address, browser type, usage logs.
Transaction Data: Payment details and service usage history.
4. Data Principles
We uphold the following data protection principles:
- Lawfulness, Fairness & Transparency: Data is processed legally and users are informed.
- Purpose Limitation: Data is collected for specific, legitimate purposes only.
- Data Minimization: Only data necessary for operations is collected.
- Accuracy: Data is kept accurate and up-to-date.
- Storage Limitation: Data is retained only as long as needed.
Integrity & Confidentiality: Data is protected against unauthorized access, loss, or damage.
5. Legal Basis for Processing
We process data based on:
- User consent
- Performance of a contract (e.g., blood request fulfillment)
- Legal or regulatory obligations
Legitimate interests to improve user experience and prevent fraud
6. Data Storage & Security
We implement strong security measures to protect data:
- Encryption of data in transit and at rest
- Firewalls, secure access controls, and user authentication
- Role-based access for internal teams
Regular security audits and vulnerability assessments
7. Data Sharing
We may share data with:
- Authorized medical institutions (e.g., hospitals, blood banks) to fulfill user requests.
- Third-party service providers (e.g., payment gateways, analytics tools) under strict confidentiality agreements.
Regulatory bodies when legally required.
We do not sell or rent personal data to any third party.
8. User Rights
You have the right to:
Request correction or deletion of data
- Access your personal data
Withdraw consent at any time
File a complaint with a data protection authority
Request can be made via:
Email: support@inhlth.com
9. Data Breach Response
In the event of a data breach:
Affected users will be notified promptly (as required by law)
Incident will be documented and investigated
Corrective action will be taken to prevent future breaches
10. Policy Review and Updates
This policy is reviewed annually and updated as necessary. Users will be notified of significant changes via email or app notification.