Privacy Policy

At Manal Healthcare ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal and medical information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical tourism services and website.

1. Information We Collect

1.1 Personal Information

We collect personal information that you voluntarily provide to us, including:

• Identity Information: Full name, date of birth, gender, passport number, nationality
• Contact Information: Email address, phone number, mailing address, emergency contact details
• Financial Information: Payment card details, bank account information (for payments)
• Travel Information: Passport details, visa information, travel dates, flight details

1.2 Medical Information

To facilitate your medical care, we collect:

• Medical history and current medical conditions
• Diagnostic test results and imaging studies
• Treatment plans and medical reports
• Medications and allergies
• Insurance information
• Previous surgical history
• Family medical history (when relevant)

1.3 Information Collected Automatically

When you visit our website, we automatically collect:

• IP address and device information
• Browser type and version
• Pages visited and time spent on pages
• Referring website addresses
• Geographic location data
• Cookies and similar tracking technologies

2. How We Use Your Information

2.1 Primary Purposes

We use your information to:

• Facilitate Medical Care: Coordinate your treatment with hospitals and doctors
• Arrange Services: Book appointments, arrange travel, secure accommodation
• Communication: Respond to inquiries, provide updates, share medical information
• Process Payments: Handle financial transactions securely
• Visa Assistance: Help with medical visa applications
• Follow-up Care: Coordinate post-treatment support and monitoring

2.2 Secondary Purposes

With your consent, we may use your information to:

• Send marketing communications about our services
• Conduct satisfaction surveys and quality improvement studies
• Provide educational content about medical procedures
• Share anonymized success stories (with explicit permission only)

2.3 Legal Obligations

We may use your information to:

• Comply with applicable laws and regulations
• Respond to legal requests and prevent fraud
• Protect our rights and the safety of our users
• Enforce our terms and conditions

3. How We Share Your Information

3.1 Medical Service Providers

We share your medical information with hospitals, doctors, and healthcare professionals involved in your care. This sharing is essential for providing medical services and occurs under strict confidentiality agreements.

3.2 Service Providers

We may share information with third-party service providers who assist us, including:

• Travel agencies for flight and accommodation bookings
• Visa processing services
• Payment processors for financial transactions
• Cloud storage providers for secure data storage
• Communication platforms for video consultations

All service providers are contractually obligated to maintain confidentiality and security.

3.3 Legal Requirements

We may disclose your information when required by law or when we believe disclosure is necessary to:

• Comply with legal obligations or court orders
• Protect our rights, property, or safety
• Prevent fraud or security threats
• Respond to government requests

3.4 With Your Consent

We will never share your information for marketing purposes or with third parties not involved in your care without your explicit consent.

4. Data Security

4.1 Security Measures

We implement robust security measures to protect your information:

• Encryption: All data transmission uses SSL/TLS encryption
• Access Controls: Strict access limitations based on role and need
• Secure Storage: Data stored on encrypted, secure servers
• Regular Audits: Security assessments and vulnerability testing
• Employee Training: Staff trained on data protection and confidentiality
• Physical Security: Secure facilities with controlled access

4.2 Data Retention

We retain your information for as long as necessary to:

• Provide services and support
• Comply with legal and medical recordkeeping requirements
• Resolve disputes and enforce agreements

Medical records are typically retained for 7-10 years or as required by applicable law. You may request deletion of your personal information, subject to legal and medical requirements.

5. Your Rights and Choices

5.1 Access and Correction

You have the right to:

• Access your personal and medical information
• Request corrections to inaccurate information
• Obtain copies of your medical records
• Receive information in portable format

5.2 Consent Withdrawal

You may withdraw consent for:

• Marketing communications (unsubscribe anytime)
• Non-essential data processing
• Sharing of information beyond what's required for care

Note: Withdrawal of consent may limit our ability to provide services, and some data processing is necessary for legal obligations.

5.3 Data Deletion

You may request deletion of your personal information, subject to legal and medical recordkeeping requirements. We will respond to deletion requests within 30 days.

5.4 Objection and Restriction

You have the right to:

• Object to certain data processing activities
• Request restriction of processing in specific circumstances
• Lodge complaints with data protection authorities

6. International Data Transfers

As a medical tourism facilitator, we may transfer your information internationally to provide services. When we transfer data across borders, we ensure appropriate safeguards are in place:

• Standard contractual clauses approved by regulatory authorities
• Data transfer agreements with adequate protection measures
• Compliance with applicable international data protection laws
• Verification that recipient countries have adequate protection standards

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

• Essential Cookies: Necessary for website functionality
• Analytics Cookies: Help us understand website usage
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used for targeted advertising (with consent)

7.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may limit website functionality.

8. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children. When we provide services to minors, we obtain consent from parents or legal guardians and maintain strict confidentiality of all medical information.

9. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any information.

10. HIPAA Compliance

While Manal Healthcare is not a covered entity under the U.S. Health Insurance Portability and Accountability Act (HIPAA), we adhere to HIPAA standards for protecting health information when serving U.S. patients:

• Maintaining confidentiality of protected health information
• Implementing appropriate safeguards
• Limiting use and disclosure of health information
• Ensuring business associates maintain privacy standards

11. GDPR Compliance

For patients from the European Union, we comply with the General Data Protection Regulation (GDPR):

• Lawful basis for processing personal data
• Transparent privacy notices
• Rights to access, rectification, and erasure
• Data portability and restriction of processing
• Data breach notifications within 72 hours
• Privacy by design and by default

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notifications for significant changes
• Obtaining renewed consent when required by law

Continued use of our services after changes indicates acceptance of the updated policy.

13. Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for overseeing data protection strategy and implementation. You may contact the DPO with questions or concerns about data protection:

Email: privacy@manalhealthcare.com
Phone: +91-XXX-XXX-XXXX
Mail: Data Protection Officer, Manal Healthcare, [Address]

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

15. Your Consent

By using our services, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. For medical information specifically, we obtain explicit consent before collecting and sharing your health data.