• Home
  • Privacy Policy

Effective Date: [21/08/2025]

Entity Name: Ivy Health and Life Sciences Private Limited

Ivy Health and Life Sciences Private Limited (hereinafter referred to as "Livasa", "we", "our", or "us") is the owner, author, and operator of the internet resource www.livasahospitals.com, as well as all associated digital interfaces, including but not limited to mobile applications, patient portals, online booking platforms, teleconsultation systems, and any other online services made available under the Livasa brand (collectively referred to as the "Services").

This Privacy Policy outlines Livasa's practices regarding the collection, usage, storage, processing, disclosure, and protection of personal information and sensitive personal data or information of individuals who access or use the Services, whether as patients, visitors, vendors, or users (hereinafter referred to as "you", "your", or "User(s)").

This Policy is designed in accordance with applicable Indian laws and regulations, including the provisions of:

  • The Information Technology Act, 2000,
  • The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011,
  • The Information Technology (Intermediaries Guidelines and Digital Media Ethics Code) Rules, 2021,

as well as other laws relating to privacy, medical confidentiality, and data protection, as may be amended from time to time.

By accessing, browsing, interacting with, or using any part of our Services, or by voluntarily submitting your personal data or information via our website, applications, forms, or any communication channel, you hereby acknowledge that you have read, understood, and agreed to be legally bound by the terms of this Privacy Policy.

If you do not agree with the terms set out herein, we advise you to discontinue the use of our Services immediately.

Continued access or usage shall be deemed to constitute valid and binding consent to our data practices described herein.

1. APPLICABILITY & LEGAL BASIS

This Privacy Policy is published and made available in compliance with the following applicable laws and regulations in India:

1. Section 43A of the Information Technology Act, 2000
Mandates that body corporates handling sensitive personal data implement reasonable security practices and procedures and provides for liability in cases of negligence resulting in wrongful loss or gain.

2. Rule 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
Governs the collection, storage, handling, processing, and disclosure of personal information and sensitive personal data or information (SPDI), including obligations to obtain consent, provide notice, and ensure data protection measures.

3. Rule 3(1) of the Information Technology (Intermediaries Guidelines and Digital Media Ethics Code) Rules, 2021 (earlier 2011 Guidelines)
Requires intermediaries and digital service providers to publish privacy policies, terms of use, and user rules, and to ensure that users are informed of the type of information collected and its usage.

2. INFORMATION WE COLLECT

When you access, interact with, or use our Services, Livasa may collect, store, and process personal information and Sensitive Personal Data or Information (SPDI) as defined under applicable Indian laws.

The categories of data we may collect include, but are not limited to:

1. Basic Identification and Contact Details

Full name, age, gender, date of birth, address, contact number, and email ID.

2. Medical and Health-Related Information

Medical history, current and past diagnoses, prescriptions, clinical notes, laboratory and diagnostic reports, imaging results, medication history, and any other health data voluntarily submitted by you for consultations, appointments, or treatment.

3. Technical and Device Information

Device type, browser type, IP address, location data, unique device identifiers, and cookie or tracking information to improve website functionality and user experience.

4. Financial and Insurance Information

Payment details (such as card or UPI information processed via secure gateways), billing address, and insurance-related information, collected only when necessary for online transactions or claim processing.

5. Communications and User-Generated Content

Feedback, reviews, complaints, inquiries, or any information voluntarily submitted via forms, emails, calls, chats, or surveys.

Sensitive Personal Data or Information (SPDI) includes:

  • Medical and health records;
  • Biometric information (if any);
  • Financial details such as bank accounts, cards, or payment credentials;
  • Any other information classified as SPDI under the Information Technology Act, 2000 and SPDI Rules, 2011.

By accessing and using our Services, submitting any personal data, or availing any online functionality, you expressly provide your informed consent to Livasa for the collection, storage, and lawful processing of such information in accordance with this Privacy Policy.

3. PURPOSE OF DATA COLLECTION

We use your personal data for the following purposes:

  • To schedule appointments, consultations, diagnostic services, or health check-ups;
  • To process payments and deliver reports or updates;
  • To respond to your queries and communicate health-related information;
  • To conduct internal audits, patient feedback surveys, and service quality assessments;
  • To comply with applicable laws, judicial orders, or regulatory requirements.

4. DATA SHARING & DISCLOSURE

We do not sell, trade, or rent your personal data to any third parties for marketing or commercial purposes. However, in the course of delivering healthcare and administrative services, your information may be disclosed strictly on a need-to-know basis to the following categories of recipients:

1. Authorized Medical and Administrative Personnel

Doctors, nurses, and authorized hospital staff directly involved in your diagnosis, treatment, follow-up, or hospital administration.

2. External Service Providers

Third-party service providers engaged by Livasa to support our operations, including but not limited to:

  • Diagnostic laboratories and imaging centers;
  • Payment processors and payment gateway service providers;
  • IT infrastructure and software support vendors;
  • Communication partners for appointment reminders, reports, or notifications.

All such providers are contractually bound by confidentiality and data protection obligations.

3. Regulatory and Legal Authorities

Government bodies, regulatory agencies, law enforcement officials, courts, or tribunals, when disclosure is required by law, regulation, judicial order, or to comply with statutory reporting obligations.

4. Corporate or Legal Transactions

In the event of a merger, acquisition, restructuring, or transfer of business assets, user data may be transferred to the new entity, subject to the same privacy safeguards.

5. DATA STORAGE, SECURITY & RETENTION

Livasa places the highest importance on safeguarding your personal and sensitive information. Your data is maintained in both electronic and physical formats using industry-standard security practices and is protected against unauthorized access, misuse, alteration, or disclosure.

The security measures implemented by us include, but are not limited to:

  • Encryption Protocols: Data is encrypted during storage and transmission using secure technologies (e.g., SSL/TLS) to prevent interception.
  • Access Controls: Role-based access is enforced to ensure that only authorized personnel can view or handle personal information.
  • Network Security: Firewalls, intrusion detection systems, and anti-malware protections are deployed to secure IT infrastructure.
  • Periodic Audits & Monitoring: Regular system audits, penetration testing, and monitoring of access logs are conducted to identify and prevent vulnerabilities.
  • Physical Security: Patient files, diagnostic records, and physical documents (where applicable) are stored in secure areas with restricted access.

Data Retention

We retain your personal and sensitive information only for as long as necessary to:

  • Deliver healthcare services,
  • Fulfil regulatory, legal, or contractual obligations, or
  • Comply with statutory requirements relating to medical record retention.

Once the retention period has lapsed or the data is no longer required, we may:

  • Securely delete or destroy such data, or
  • Anonymize and aggregate it so that it can no longer identify you personally, but may be used for internal research, statistical analysis, and quality improvement purposes.

Important Note: While we implement stringent security safeguards, no system or method of electronic storage or transmission over the internet can be guaranteed to be 100% secure. Accordingly, while we strive to protect your data, Livasa cannot warrant absolute security beyond reasonable industry standards.

6. COOKIES AND TRACKING TECHNOLOGIES

Our website and associated digital platforms use cookies and similar tracking technologies to improve functionality, enhance user experience, and gather insights for performance and analytics. Cookies are small data files placed on your device or browser that allow us to recognize repeat visits, track usage behaviour, and tailor content or services to your preferences.

The types of cookies and tracking tools we may use include:

1. Essential / Session Cookies

  • Temporary cookies that enable navigation, authentication, and secure access to certain features.
  • These expire automatically once you close your browser.

2. Analytics / Performance Cookies

  • Used to monitor website traffic, measure performance, identify technical issues, and analyze how visitors interact with our Services.
  • Helps us improve usability and optimize the overall user experience.

3. Functional Cookies

  • Store your preferences (such as language selection or form entries) to provide a more personalized browsing experience.

4. Third-Party / Advertising Cookies (if applicable)

  • May be placed by authorized third parties to deliver relevant advertisements, enable remarketing campaigns, or integrate external services such as social media features or embedded content.
  • These cookies do not collect personal health data and are governed by the privacy policies of the respective third-party providers.

Your Choices and Control

  • You can manage or disable cookies at any time through your browser or device settings.
  • Please note that disabling or blocking certain cookies may limit functionality, restrict access to some features, or reduce the overall performance of the Services.

Important Note: By continuing to use our website without disabling cookies, you consent to our use of cookies and similar technologies in accordance with this Privacy Policy.

7. USER RIGHTS

Livasa is committed to ensuring that you retain control over your personal information. In accordance with applicable laws, you have the following rights with respect to your personal and sensitive personal data:

1. Right of Access

You may request confirmation regarding whether we hold your personal information and, if so, obtain a copy of such data along with details of how it is being processed.

2. Right to Rectification

You may request correction, completion, or updating of inaccurate, incomplete, or outdated personal information maintained by us.

3. Right to Deletion ("Right to be Forgotten")

You may request deletion or erasure of your personal data where:

  • The data is no longer necessary for the purposes for which it was collected;
  • You withdraw consent (where processing is based on consent); or
  • Processing is unlawful.

However, deletion requests are subject to medical record retention laws and other legal or regulatory obligations.

4. Right to Withdraw Consent

Where processing is based on your consent (e.g., marketing communications), you may withdraw such consent at any time without affecting the lawfulness of prior processing.

5. Right to Data Portability

Subject to applicable laws and technical feasibility, you may request transfer of your personal data to another service provider in a structured, commonly used, and machine-readable format.

6. Right to Restrict or Object to Processing

You may object to or request restrictions on the processing of your personal data in certain circumstances, such as for direct marketing purposes.

How to Exercise Your Rights:

To exercise any of the above rights, please submit a written request to our Privacy Officer at the contact details provided under Section 11 of this Policy. We may require you to verify your identity before fulfilling such requests, in order to prevent unauthorized access or misuse.

Note: Requests will be addressed in accordance with applicable legal timelines and may be denied or limited where permitted under Indian law, especially in cases involving medical record retention, regulatory compliance, or the protection of third-party rights.

8. CHILDREN'S AND MINORS' PRIVACY

At Livasa, we recognize the importance of protecting the privacy of minors. In compliance with applicable laws:

1. Age Limitation

Our Services are not intended for individuals below 18 years of age, unless such access or use is expressly supervised and consented to by a parent or legal guardian.

2. Parental / Guardian Consent

We do not knowingly collect, process, or store personal or sensitive personal data of minors without verifiable parental or guardian consent.

If you are a parent or guardian and believe that your child has provided personal information to us without your consent, please contact us immediately using the details provided in Section 11.

3. Supervision Encouraged

Parents and guardians are strongly encouraged to monitor and guide their children's use of our website, mobile applications, and any online health-related services.

4. Deletion of Minor Data

If we become aware that we have inadvertently collected personal data from a minor without proper consent, we will take immediate steps to delete or anonymize such data from our records, except where retention is legally required for healthcare or compliance purposes.

9. EXTERNAL WEBSITES & THIRD-PARTY LINKS

Our website and digital platforms may, from time to time, contain links to external websites, applications, or online platforms operated by third parties. These links are provided solely for user convenience or informational purposes.

1. No Control Over Third Parties

Livasa does not own, operate, or control such third-party websites or services and, therefore, assumes no responsibility or liability for:

  • The privacy practices followed by such third parties;
  • The accuracy, relevance, or completeness of the information they publish;
  • The safety, security, or integrity of data collected or processed by them.

2. Independent Policies

When you access third-party links, you are subject to the terms, conditions, and privacy policies of the respective external websites. We strongly recommend that you carefully review their privacy and security practices before providing any personal or sensitive information.

3. Disclaimer of Liability

Livasa shall not be held responsible for any loss, damage, or consequences arising out of your use of third-party links, including unauthorized use or disclosure of your personal data by such external platforms.

10. CHANGES TO THIS POLICY

Livasa reserves the right to revise, amend, or update this Privacy Policy from time to time to reflect:

  • Changes in applicable laws, regulations, or governmental requirements;
  • Updates in our internal policies, processes, or technologies;
  • Enhancements in our Services, including introduction of new features, applications, or digital platforms;
  • Evolving industry standards or best practices in data protection and information security.

1. Notification of Changes

Any material changes to this Privacy Policy will be communicated by updating the policy on this page and revising the "Effective Date" mentioned at the top.

Where legally required, we may also notify you by email, SMS, or prominent notices on our website or mobile applications.

2. User Responsibility

You are encouraged to periodically review this Privacy Policy to remain informed of how we are protecting your information.

3. Deemed Consent

Your continued access to or use of the Services after such modifications shall be deemed as your acceptance and consent to the updated terms of the Privacy Policy.

11. CONTACT US

For any questions, concerns, or grievances regarding your personal information, this Privacy Policy, or our data protection practices, you may contact our designated officer below:

Privacy Officer/ Grievance Officer
Livasa
📧 Email: cs@livasahospitals.in
📞 Phone: 8078880788
🏥 Address: Administration Block, Livasa Hospital, Sector –71, SAS Nagar Mohali, Punjab, India