I. Preface
Roojh India Private Limited and its affiliates understand that your privacy is of utmost importance, and we care about safeguarding your personal information that has been entrusted to us.
This Privacy Policy sets out how your personal information is collected, handled, used, held, and shared on the Roojh platform and website. It also contains information about how you can access the information we hold.
II. Terms and Definitions
“Applicable Laws” shall mean all applicable laws, regulations and standards pertaining to privacy as required, including, but not limited to, the Aadhaar Act, 2016, the Information Technology Act, 2000, the Right to Information Act, 2005, and the Digital Personal Data Protection Act, 2023, and the rules and regulations made
“Anonymization” is the irreversible process of transforming or converting Personal Data to a form in which a Data Principal cannot be
“Biometric Information” means facial image, fingerprint scans, iris scans, or any other similar Personal Data resulting from measurements or technical processing operations carried out on physical, physiological, or behavioural characteristics of a Data Principal, which allow or confirm his/her unique
“Consent” means expressed informed consent, whether in written or electronic form, given by the Data Principal to the Health Facilities after understanding the nature, purpose and consequences of the Processing of his/her Personal
“Data Principal(s)” means the natural person to whom the Personal Data belongs.
“Data” means and includes a representation of information, facts, concepts, opinions, or instructions in a manner suitable for communication, interpretation, or processing by humans or by automated means.
“De-Identification” is the process of removing, obscuring, redacting or delinking all PII from the Personal Data in a manner that eliminates the risk of unintended disclosure of the identity of the Data Principal and if necessary, the Personal Data may be linked to the Data Principal
“Ecosystem Partner(s)” refers to (i) the Health Facilities which have been enrolled with the Roojh Connect; (ii) the service providers who execute a Master Services Agreement with Roojh; and (iii) the vendors who execute a Vendor Agreement with Roojh.
“Electronic Health Records (EHRs)” is a longitudinal record of a particular Data Principal’s Personal Data across several Health Facilities and is maintained as a collection of links to the EHRs contain Personal Data from all Health Facilities involved in a Data Principal’s health care and all the Health Facilities involved in such Data Principal’s health care can access the EHRs to provide health care to that Data Principal. EHRs also share the Personal Data with other Health Facilities, subject to the Consent of the Data Principal.
“Electronic Medical Records (EMRs)” relating to an episode or a set of episodes relating to a Data Principal, is maintained at the Health Facility, and shall be used for diagnosis andEMRs enable Health Facilities to track Data over time, identify and monitor Data Principals for preventive visits and screenings, and improve health care quality.
“Health Data” means Data related to the state of physical or mental health of the Data Principal and includes records regarding the past, present or future state of the health of such Data Principal, Data collected in the course of registration for, or provision of health services, Data associating the Data Principal to the provision of specific health
“Health Facility(ies)” means (i) a hospital, outpatient clinic, nursing center, assisted or independent living community, long-term care facility or any other facility that is used or useful in the provision of healthcare or custodial care services; (ii) any healthcare business affiliated or associated with a facility defined in clause (i); or (iii) any business related or ancillary to the provision of healthcare services or the operation of such facility as defined in clause (i), including, but not limited to, pharmacy supply and services, contract therapy services, as well as hospice and home care
“Health Information Provider (HIP)” is an entity which acts as a provider by generating, storing and distributing Personal Data of Data Principals in the EHRs.
“Health Information User (HIU)” is an entity which accesses the Health Data from HIPs, in order to enable Health Facilities to provide health care services to whom the Personal Data
“Health Locker Provider (HLP)” is an entity which offers software services to Health Facilities for long-term storage of Personal Data of Data
“Personal Data” means the Data or information that relates to a Data Principal, which, either directly or indirectly, in combination with other Data or information available or likely to be available with a body corporate, is capable of identifying such Data Principal, and includes Health Data and Sensitive Personal
“Personal Health Records (PHRs)” contain the same type of Data as EHRs regarding a Data Principal, but are designed to be set up, accessed, and managed by the Data Principal himself/herself. The Data Principal can use PHRs to maintain and manage his/her Personal
“Personally Identifiable Information (PII)” is the Data that could potentially identify a specific Data Principal, and can be used to distinguish one Data Principal from another and for de-Anonymizing anonymous Data.
“Personnel” means all officers, employees (permanent and temporary), staff and other individuals employed or engaged by Roojh or by the service providers and other Third Parties supporting the Roojh Connect.
“Privacy Policy” refers to this privacy policy adopted and implemented by Roojh in relation to the Roojh Connect and any revisions made to it, from time to time.
“Processing” is the operation performed on Personal Data, whether or not by automated means, including collecting, using, recording, holding, accessing, storing,
“Profiling” means any form of Processing of Personal Data that analyses or predicts aspects concerning the behaviour, attributes or interests of a Data
“Pseudonymization” is a Data management and De-Identification procedure by which PII fields within a Personal Data are replaced by one (1) or more artificial identifiers, or pseudonyms.
“Roojh Connect” shall mean the process by which Roojh connects with any of the following Health Facilities:
Teleconsultation;
Doctors or medical practitioners;
Hospitals or healthcare providers;
Pharmacies;
Medical laboratories;
Insurance companies and service providers;
Micro-service financial institutions; and
Any other person/entity providing health or healthcare-related
25. “Roojh” refers to Roojh India Private Limited, a company incorporated under the Companies Act, 2013 and having its registered office at House No. 953, Sector 12/A, Panchkula, Haryana – 134 109, India, which will determine the purpose and means of Processing the Personal Data under the Roojh Connect.
26. “Sensitive Personal Data” means such Personal Data as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit, relating but not limited to:
Passwords
Financial information, such as bank accounts, credit cards or debit cards, or other payment instrument
Physical, physiological and mental health conditions.
Sexual orientation
Medical records and history.
Biometric Information.
Provided that, any Data or information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force, shall not be regarded as Sensitive Personal Data for these purposes.
27. “Third Party(ies)” means any person or entity other than the Data Principal, Roojh, their Personnel, or the Health Facilities or other person authorized on their behalf to Process Data for Roojh.
28. “Unique Health ID (UHID)” is a unique identifier for each Data Principal that serves as a key to his/her Health Data.
III. Purpose
Roojh is committed to the protection of the Data Principal’s privacy and will take all reasonable steps to protect his/her Personal Data.
This Privacy Policy outlines how Roojh and its Personnel will Process Personal Data, in compliance with the Applicable Laws. This Privacy Policy shall not be interpreted or construed as giving any individual rights greater than those which such Data Principals would be entitled to under Applicable Laws and other binding agreements.
IV. Applicability
This Privacy Policy applies to Roojh and all its Personnel, Ecosystem Partners, or any entity involved in the Processing of Personal Data of the Data Principals in the Roojh Connect. The applicability of the Privacy Policy is as follows:
All individuals, teams, entities or partners who Process Personal Data of the Data Principals as part of the Roojh Connect.
All methods of contact, including in person, written, internet, direct mail, telephone, or facsimile, or in any other form or manner.
V. Objectives
Roojh, under Roojh Connect, provides an environment for hosting, sharing and accessing EHRs to its Ecosystem Partners, subject to Applicable Laws. Roojh, as delegated by its Ecosystem Partners, may act:
as a HIP, which will enable Ecosystem Partners to create and generate EHRs of the Data Principals, which can be accessed by Health Facilities.
as a HIU, which will enable Ecosystem Partners to retrieve EHRs of the Data Principals, which have been generated by Health Facilities.
as a HLP, which will provide long-term storage services of Personal Data of the Data Principals to the Ecosystem Partners.
VI. Mechanisms for Collection of Personal Data
The following mechanisms are adopted for collection of Personal Data in the course of the implementation of the Roojh Connect:
Directly, where the Data Principal is aware: Where the Data Principal voluntarily provides his/her Personal Data to the Ecosystem Partners for the purpose of Processing and hosting.
Indirectly, where the Data Principal may not be aware: Where the Personal Data is collected by the Ecosystem Partners for the purpose of Processing and hosting, without the Data Principal being aware of such collection from various sources central or state databases.
VII. Types of Personal Data Collected
The Personal Data collected by the Ecosystem Partners and Processed by Roojh may include, but is not limited to, the following:
1. Identity:
1.1. Name;
1.2. Name of family members, relatives or legal guardians;
1.3. Date of birth;
1.4. Gender;
1.5. Residential address;
1.6. Mobile number; and
1.7. Email address.
2. Proof of address:
2.1. Aadhaar card;
2.2. Ration card;
2.3. Driving license;
2.4. Voter ID;
2.5. Birth certificate;
2.6. Passport;
2.7. PAN card; or
2.8. Any other valid government-issued photo ID (to be specified by the state).
3. Proof of relationship:
3.1. Health information;
3.2. Insurance number;
3.3. Medical records/ Health Data;
3.4. EMR;
3.5. EHR;
3.6. PHR; or
3.7. UHID.
4. Financial details:
4.1. Bank account number;
4.2. Account holder name;
4.3. Name of the bank; and
4.4. IFSC of the bank.
VIII. Privacy Policy Statements
Governance
Roojh shall be responsible for ensuring the compliance of this Privacy Policy in relation to the Personal Data under its control and shall appoint a Data Privacy Officer (“DPO”).
The DPO shall be responsible for representing Roojh in respect of the Roojh Connect and for reviewing its compliance with respect to Data protection under this Privacy Policy and Applicable Laws, during the day-to-day operations involving Processing of Personal Data.
Accountability
Roojh shall be accountable for complying with measures which give effect to the privacy principles while Processing the Personal Data. This includes the protection and responsible handling of Personal Data, maintaining confidentiality, integrity, and availability. In addition, the Data Principals shall, at all times, be provided with control and decision-making power over the manner in which their Personal Data is collected and further Processed.
Openness
Roojh shall make readily available, to its Personnel and Ecosystem Partners, specific information about its policies and practices relating to the management of Personal Data. All necessary steps shall be taken to implement such policies and practices in a manner proportional to the scale, scope, and sensitivity to the Personal Data being Processed, to ensure compliance with privacy principles, information regarding which shall be made in an intelligible form, using clear and plain language, and available to all individuals.
Privacy notice
Roojh shall make available the following privacy notices within the Roojh Connect for the Processing of the Data Principal’s Personal Data (“Privacy Notices”).
As a HIU, Data Privacy Notice accessible at [];
As a HIP, Data Privacy Notice accessible at []; and
As a HLP, Data Privacy Notice accessible at [].
The Privacy Notices shall notify that Personal Data may be transferred to Roojh’s Personnel for the purpose of Processing the Personal Data, consistent with the identified purposes of collection and/or other purposes authorized by law.
Privacy by design
Roojh shall establish a process to proactively embed privacy as the default state of all products, technologies and services under the Roojh Connect. The “Privacy by Design” principle shall ensure that privacy is considered at the initial planning/design stages and throughout the complete development process of the Roojh Connect, as well as for the Processing of Personal Data of the Data Principals.
Considerations shall be given for technical and organizational measures to enhance privacy (e.g. Pseudonymization, Anonymization, Data minimization, etc.). In addition, appropriate technical and organizational measures shall be considered to ensure that Personal Data Processed is minimal, relevant and limited to what is necessary in relation to the purposes for which it is collected.
Choice and Consent
Roojh shall intimate, in its Data Privacy Notices, the mandatory and non-mandatory information to be provided by the Data Principal, prior to the collection of his/her Personal Data.
The Consent of the Data Principals shall be obtained by the Ecosystem Partners, and an undertaking to this effect shall be given by the Ecosystem Partners to Roojh prior to the Processing of Personal Data by Roojh.
In the following circumstances, Personal Data may be Processed without the knowledge and Consent of the Data Principal.
Children: The parent or legal guardian can give Consent on behalf of a child below the age of eighteen (18) years, provided a valid proof of relationship, proof of identity and proof of age of the Data Principal is submitted.
Data Principals who are seriously ill or mentally incapacitated: In the case of Data Principals who are seriously ill or mentally incapacitated, any member of the family or legal guardian can give Consent, based on proof of relationship along with a proof of medical condition of the Data
Duties of the Ecosystem Partners
The Ecosystem Partners shall:
Be compliant with this Privacy Policy and Applicable Laws;
Ensure that Consent is obtained by it for each and every Personal Data of the Data Principal prior to disclosing his/her Personal Data to Roojh;
Be advised to adopt government policies, procedures, frameworks, in relation to the Processing of Personal Data, for enabling Roojh to access the Personal Data of the Data Principals in a compliant manner;
Not retain the Aadhaar numbers or any document or database containing Aadhaar numbers for longer than is necessary for the purpose specified to the Aadhaar number holder at the time of obtaining Consent;
Implement a Consent manager in order to ensure that the Data Principal is in complete control of what Personal Data is Processed, and how/with whom it is shared and for what purpose, and how it is Processed; and
Use reasonable efforts to limit the use and disclosure of the Data Principals’ Personal Data to the minimum necessary to accomplish his/her medical and health care.
Rights of the Data Principals
The Data Principals shall have the right to:
Request access to copies of his/her Personal Data;
Request information on the Processing activities carried out with his/her Personal Data;
Request that his/her Personal Data is rectified, if it is inaccurate or incomplete;
Request erasure of his/her Personal Data in certain circumstances, as specified by Roojh;
Request that the Processing of his/her Personal Data is restricted in certain circumstances;
Object to Processing of his/her Personal Data in certain circumstances;
Lodge a complaint with the DPO of Roojh in case of any requests or objections to the Processing of his/her Personal Data;
Object to, and not to be subject to a decision based solely on, automated Processing (including Profiling), which produces legal effects or significant effects on the Data Principal; and
Withdraw Consent for Processing of his/her Personal
On a request raised by the Data Principals, Roojh shall:
Notify the Data Principal of the cost incurred, if any, in fulfilling such requests;
Not impose any restriction on the method and channel of raising requests;
Not restrict such request based on any characteristics, including language, disability status, technological knowledge, etc., of the Data Principal;
Regularly review the process to ensure all requests are addressed in a timely manner and in compliance with the Applicable Laws;
Oversee the fulfilling of the requests and provide a legal justification in writing (physically or electronically) in case of denial of such requests; and
Maintain records of the requests irrespective of their fulfilling
In case of the death of the Data Principal, his/her legal heir or representative may have access to his/her Personal Data, only upon the application of such legal heir or representative in such form and manner as may be specified by the National Electronic Health Authority of India. Provided that no access shall be given to the legal heir or representative if such access was expressly barred by the Data Principal. Provided further that in case of death of the Data Principal, Roojh shall use the Personal Data only in Anonymized form.
Limitation of collection, use and disclosure of Personal Data
Roojh shall only collect Personal Data as is necessary for the purposes identified for such collection. Personal Data Processed by Roojh shall be adequate and relevant to the purposes for which it is collected. If there is a change of purpose, the same shall be notified to the Data Principal by the Ecosystem Partners.
Roojh shall make reasonable efforts to use, disclose, and request only the minimum amount of the Data Principal’s Personal Data needed to accomplish the intended purpose of the use and disclosure.
In case of the following purposes, Roojh shall use only De-Identified or Anonymized Data of the Data Principal:
To improve public health activities and facilitate early identification and rapid response to public health threats and emergencies, including bio-terror events and infectious disease outbreaks;
To facilitate health and clinical research and health care quality;
To promote early detection, prevention, and management of chronic diseases;
To carry out public health research and development, review and analysis, and policy formulation;
To undertake academic research and other related purposes; and
For ancillary purposes relating to any of the
Roojh shall ensure:
Appropriate due diligence covering Data privacy and security is carried out prior to onboarding any Ecosystem
Contracts signed with the Ecosystem Partners place adequate security and privacy obligations as well as clear instructions around how Personal Data shall be
A list of liability conditions and other privacy-related conditions in the contracts are created and
Compliance of the Ecosystem Partners to this Privacy Policy and other existing policies and practices of Roojh, is reviewed and monitored
Aadhaar information is not used for any purpose, other than that specified to the Data Principal at the time of submitting the information for authentication, and shall not be disclosed further, except with the prior Consent of the Data Principal to whom such information relates.
Security safeguards
Roojh shall secure Personal Data they have either Processed, or have in their custody, by reasonable security safeguards against reasonably foreseeable risks. Roojh shall implement appropriate technical and organizational safeguards, in line with industry standards to ensure the security of Personal Data, including the prevention of its alteration, loss, damage, unauthorized Processing or access, having regard to the state of the art, the nature of the Data, and the risks to which they are exposed by virtue of human action or the physical or natural environment.
Roojh and all its Personnel forming part of the Roojh Connect shall establish and ensure compliance with its existing policies, procedures and guidelines.
Confidentiality agreements and NDAs covering Data protection and privacy responsibilities shall be signed by all Personnel forming part of the Roojh Connect on or before his/her onboarding. Confidentiality agreements shall be reviewed and/or updated/renewed on a periodic basis. The Personnel in any stage of Processing of Personal Data shall explicitly be made subject to a requirement of secrecy which shall continue for a specified period even after the end of the contractual relationship.
Personnel forming part of the Roojh Connect shall have access only to the Personal Data necessary for the fulfilment of his/her duties based on a “need-to-know” basis.
Secure Processing
Roojh shall not Process Personal Data in the absence of a valid business and legal basis compliant to Applicable Laws.
Personal Data, whether identifiable or Anonymized, shall not be accessed, used or disclosed to any person for a commercial purpose and in no circumstances be accessed, used or disclosed to insurance companies, employers, human resource consultants and pharmaceutical companies, or any other entity as may be specified by the Central Government. Biometric Information of the Data Principal shall not be stored or shared with anyone for any reason whatsoever or used for any purpose other than for authentication of such Data Principal.
Roojh and the Personnel handling Personal Data of the Data Principals shall develop, maintain and update records to document the Processing activities undertaken by it, which shall be reviewed and updated periodically (at minimum semi-annually) or in the event of any significant changes to the Processing activities.
Those documented records shall cover the following:
Details of the Personnel;
Purposes of the Processing of Personal Data;
Description of the categories of Data Principals;
Description of the categories of Personal Data;
Categories of the Third Parties to whom the Personal Data is disclosed or transferred; and
Geographies of the Third Parties.
Audit trail.
Periodic reviews or audits shall be conducted to verify and ensure that Roojh and its Personnel Process Personal Data appropriately in compliance with this Privacy Policy and the Privacy Notices.
A strict audit trail shall be maintained of all activities involving the Processing of the Data Principal’s Personal Data, at all times, and may be reviewed by an appropriate authority as deemed necessary.
Data breach or incident management
Incident report mechanism:
Roojh shall formulate and implement an incident and breach management mechanism to ensure that exceptions in Data privacy compliance are promptly
All Personnel shall be made aware of the mechanism of raising alerts and notifications on Data privacy and security incidents.
Data breach:
The DPO shall work closely with the incident response team, and Roojh to investigate potential Data privacy and Data breach incidents and track to closure.
Roojh shall maintain an inventory of such incidents and shall record the lessons
Roojh shall ensure that timely notification of breaches is provided to the Data Principals. Roojh shall notify the time limits within which incidents of different levels of severity shall be
Documented procedures shall be maintained to identify, track, review and investigate incidents to identify potential Data breaches. As applicable, Roojh shall take actions to notify the Data Principals and its Personnel.
For any privacy breach, following a breach of unsecured protected health information or unauthorized disclosure of the Data Principals’ Personal Data, Roojh shall provide notification of the breach to CERT-IN, to the Data Principals, and in certain circumstances, to the media. In addition, its Personnel must notify that a breach has occurred.
Data retention and disposal
Roojh shall ensure that:
Personal Data is not retained longer than required for the purpose it was Processed for, after considering the regulatory requirements.
Personal Data is blocked and restricted, rather than erased, insofar as the law prohibits erasure, if erasure would impair legitimate interests of the Data Principal, or if the Data Principal disputes that the Personal Data is correct, and it cannot be ascertained whether it is correct or incorrect.
Personal Data is erased if its storage violates any of the Data protection principles or if knowledge of the Data is no longer required by Roojh or for the benefit of the Data
Where erasure is not possible without disproportionate effort due to the specific type of storage, overwriting, Anonymization or other methods of removal of Personal Data is
Disposal of Personal Data is handled with utmost care and is governed by Roojh’s existing
Where Third Parties are disposing of Personal Data on behalf of Roojh, a certificate of the disposal is sent to Roojh within seven (7) days of such disposal.
Training and awareness
Training and awareness materials and programs around Data protection and privacy shall be developed and conducted on a periodic basis (at minimum annually) for all Personnel involved in the Roojh Connect. Roojh shall also develop role-based trainings for its Personnel considering their individual roles and nature of Processing. Training attendance records shall be maintained for documentation and audit purpose.
IX. Grievances and Complaint Redressal
Roojh shall maintain procedures for addressing and responding to all inquiries or complaints from the Data Principals about the handling of his/her Personal Data. Roojh shall inform the Data Principals about the existence of these procedures as well as the availability of complaint procedures.
Roojh and all Personnel accountable for compliance with this Privacy Policy may seek external advice where appropriate before providing a final response to individual complaints.
The Data Principals with inquiries or complaints about the Processing of his/her Personal Data shall first report the matter to the DPO in writing. Roojh shall implement formalized procedures to track and address any inquiries and complaints received from the Data Principals in a timely manner.
If an issue is not resolved through consultation with Roojh, or through other mechanisms under existing agreements, union agreements, or statutory procedures, the Data Principal may, at its option, seek redress through mediation, binding arbitration, litigation, or complaint to the Ministry of Health & Family Welfare with jurisdiction.
This Privacy Policy shall be governed by the laws of India and shall be subject to the exclusive jurisdiction of the courts at Haryana. Any dispute arising out of this Privacy Policy shall be settled through mediation before a mutually appointed mediator within thirty (30) days from such dispute. If the dispute is not settled within the prescribed timeline, it shall be settled through arbitration in accordance with the Arbitration and Conciliation Act, 1996. The arbitration shall be conducted by a sole arbitrator to be appointed by Roojh and the respective Data Principal. The arbitration proceedings shall take place at Haryana, India and shall be conducted in English.
X. Compliance
The DPO shall ensure adherence to this Privacy Policy and shall be responsible for appropriate remedial action. Roojh, its Personnel and Ecosystem Partners who are covered by this Privacy Policy must comply with it, and where requested, demonstrate such compliance. Failure to comply with this Privacy Policy may result in disciplinary action, which may include termination of services or engagement. This is without prejudice to the action that can be initiated under Applicable Laws.
XI. Policy Governance and Rights
Roojh shall be responsible for compliance with Applicable Laws.
This Privacy Policy shall be revised at least once in a year. This Privacy Policy and any significant revisions shall be provided to all the Ecosystem Partners, Personnel and Third Parties involved in the Roojh Connect.
Any rights in and to this Privacy Policy shall be solely and exclusively vested with Roojh and is proprietary to Roojh. No part of this Privacy Policy may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without written permission from Roojh.