Privacy Policy
1. Personal Data Collector
Your personal data processing is handled by:
Company Name: Cordia® Healthcare Private Limited
CVR Number: 42700673
Email: kv@vcareit.dk
2. Introduction
This Privacy Policy explains how Cordia® collects, uses, and protects personal data in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable laws.
3. Information We Collect
3.1 Personal Data
To provide the Services to you, we process personal and other types of data you give us upon registration, such as:
3.2 Health Data
Cordia® is a platform for managing chronic disease management designed to monitor and record your various measurements and symptoms. This may include data about your blood pressure, blood sugar, HbA1c, symptoms, and other health-related information that you may have logged into the 'App' as well as your health goals. Furthermore, we also collect your health data from Apple Health data and Google Health Fit, but only with your permission, which you can withdraw at any moment.
3.3 Usage Data
Usage data is collected automatically when using our Service. Usage Data may include, but is not limited to, information such as your mobile operating system, the type of mobile device you are using, its unique identity (ID), its IP address, and your location, unless you deactivate location services in the relevant section of the app, and other diagnostic data.
4. Purpose of Data Collection
We collect and process your data for the following purposes:
4.1 To Provide and Maintain the Services
By using the data we collect, we can provide the Services to you and maintain our contractual obligations as outlined in our Terms of Service. For example, we require your data to provide you with a comprehensive overview of your health, including all recorded measurements and symptoms, an insight into your progress, notifications about your personalized care plan and upcoming appointments, and relevant documents that may be crucial for your healthcare providers.
In addition, we use your data to connect you with your healthcare providers, allowing easy communication with them through our Services, ensuring support for your care plan, and enabling your healthcare providers to stay updated on your health when you record your measurements or symptoms. We also use your data to connect you with family members and caregivers who may provide assistance as necessary to adhere to your care plan.
We may also use your data for other purposes, such as AI and machine learning, and data analysis to review, test, evaluate, and improve the Services and your experience with our product.
4.2 To Contact You
We use your data as necessary to communicate relevant Service notifications according to your care plan and established goals as well as respond to your questions when you contact us. For example, we may send reminders for activities specified in your care plan. By modifying your notification selections in your account settings, you can control communications and the majority of Service notifications.
4.3 To Retain Data
We retain your account information as long as your account is active to ensure its proper functioning. For certain features, like using your contact list to find friends, we delete that data once the feature's purpose is completed.
We retain other data, for instance, your activity data, which is stored until you delete your account. This data helps provide a comprehensive overview of your health, including all recorded measurements and symptoms, an insight into your progress, and other aspects of the Services.
All the data provided by you will be stored in the Amazon cloud. We generally store and process your data as long as you have an active account. Data processing stops when you delete your account or request changes. We conduct periodic reviews, typically after five years of inactivity, to ensure data is not stored longer than necessary. This allows you to return to using your account if needed.
5. Data Sharing and Disclosure
The security of the personal data of our users is always a top priority. We may share your personal information as described below, but we never sell this information.
5.1 Healthcare Providers and Support Network
Please note that by using our Services, you have accepted that we may share your personal data with doctors, caregivers, and family members to monitor and provide necessary support throughout your care plan.
5.2 Third-Party Service Providers
We collaborate with various partners, including service providers and affiliates, to enhance your experience. These partners assist us in areas such as customer support, technology, payments, marketing, and data analysis. Your personal data may be disclosed to these third parties who perform services for Cordia® based on our instructions and in accordance with this Privacy Policy to ensure the security and confidentiality of your data during all processes. Your privacy is important to us, and we take measures to protect your information in every aspect of our operations.
5.3 Business Transfers
In the course of our business operations, we may engage in asset transactions, such as buying or selling assets. It is important to note that customer information, including personal data, is often considered a valuable business asset and may be transferred as a business asset in the event of asset transactions, company acquisition, bankruptcy, or business closure. We will take steps to protect your privacy in accordance with the applicable laws.
5.4 Law Enforcement
Under particular circumstances, the Company may need to reveal your personal data in response to legal obligations or valid requests from public authorities, such as a court or government agency.
6. User Rights
Under the DPDP Act, 2023, you have the right to:
To exercise these rights, contact us at kv@vcareit.dk.
Users of our services have the right to access the personal data we have on them. You can check the accuracy of your data and make any necessary adjustments. Please follow these instructions to make any modifications:
Open the Cordia® application on your device.
This guide will assist you in accessing and updating your personal data within our application. If you have any questions or require further assistance, please don't hesitate to contact your contact person.
7. Data Retention and Security Practices
We retain your personal data for as long as necessary to provide our services or as required by law. Upon your request or account termination, your data will be deleted or anonymized.
We are committed to protecting your data. In order to achieve that, we use a variety of measures that include technical, administrative, and physical protections. This includes the use of Transport Layer Security ("TLS") to encrypt various aspects of our Services. We also use AWS Cognito-provided (HIPAA Compliance) JWT tokens for authentication, and our RBAC modules ensure role-based access to data and operations. Additionally, we encrypt all the data at rest using AWS KMS services.
It is important to note that, in spite of our best efforts, no method of transmitting or storing data is completely secure from security threats.
While we make every attempt to protect your data, we cannot give 100% assurance of its security. Do not hesitate to contact our Customer Support employees if you have any questions about security.
8. Third-Party Links and Services
Our app may link to external websites or services. We are not responsible for the privacy practices of these third parties.
9. Children's Privacy
Our Service is not intended for individuals under the age of 18, and we do not knowingly collect personally identifiable information from anyone in this group. If you are a parent or guardian and become aware that your child has provided us with their personal data, please get in touch with us. We will take immediate action to delete any personal data from our servers if we learn that we accidentally collected it from a person under the age of 18 without verifiable parental consent.
In the event that a healthcare professional recommends our Service for a child's specific medical needs, and if the child is under the age of 18, we may request and require parental consent before allowing their use of our Services in accordance with the applicable laws and regulations. Your child's safety and privacy are important to us.
Furthermore, in cases where we need to rely on consent as a legal basis for processing your information, and if your country's regulations require parental consent, we may also request and require the consent of your parent or guardian before processing the collection and use of that information. Your privacy and compliance with relevant laws and regulations are of utmost importance to us.
10. Updates to the Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated to users through the app. Any modifications to this privacy statement take effect when they are published on this page.
11. Grievance Redressal Mechanism
If you have any complaints or concerns regarding your data, please contact our Grievance Officer:
Grievance Officer: Aman Jha
Contact: aj@vcareit.dk
12. Contact Information
For questions about this policy, please contact: kv@vcareit.dk.
Data Protection Agreement
1. Introduction
This Data Protection Agreement ("Agreement") is entered into by and between ("Patient") and vCare to outline the terms and conditions governing the protection and processing of the Patient's personal health information.
2. Definitions
In this Agreement, "Patient's Personal Health Information" refers to any information or data provided by the Patient to the Provider through the medical app, including but not limited to medical history, test results, and treatment records.
"Provider's Services"refers to the medical app provided by the Provider to the Patient for managing health-related information and services.
3. Scope
This Agreement applies to all personal health information provided by the Patient to the Provider through the use of the Provider's Services.
4. Data Protection Obligations of the Provider
4.1 The Provider agrees to implement appropriate technical and organizational measures to ensure the security and confidentiality of the Patient's Personal Health Information.
4.2 The Provider shall comply with all applicable data protection laws and regulations, including but not limited to [Specify Relevant Laws or Regulations].
4.3 In the event of a data breach involving the Patient's Personal Health Information, the Provider shall promptly notify the Patient and take appropriate remedial actions.
5. Patient Rights
5.1 The Patient has the right to access, rectify, and delete the Personal Health Information held by the Provider.
5.2 The Provider shall provide mechanisms for the Patient to exercise their rights under this Agreement.
6. Data Processing Activities
6.1 The Provider shall only process the Patient's Personal Health Information for the purposes specified in this Agreement and with the Patient's explicit consent.
6.2 The Provider may disclose the Patient's Personal Health Information to third parties only with the Patient's consent or as required by law.
7. Data Retention and Deletion
7.1 The Provider shall retain the Patient's Personal Health Information only for as long as necessary to fulfill the purposes outlined in this Agreement.
7.2 Upon the Patient's request, the Provider shall securely delete or anonymize the Patient's Personal Health Information.
8. Confidentiality
Both parties agree to keep confidential all information exchanged under this Agreement, including but not limited to the Patient's Personal Health Information and any other proprietary or sensitive information.
9. Security Measures
The Provider shall implement appropriate technical and organizational measures to protect the Patient's Personal Health Information from unauthorized access, disclosure, alteration, or destruction.
10. Compliance with Laws and Regulations
The Provider shall comply with all applicable laws and regulations related to data protection and privacy in the provision of the Services.
11. Dispute Resolution
Any disputes arising out of or in connection with this Agreement shall be resolved through [Specify Dispute Resolution Mechanism], as detailed in the governing law section below.
12. Term and Termination
This Agreement shall remain in effect until terminated by either party in accordance with its terms. Either party may terminate this Agreement upon [Specify Termination Conditions] by providing written notice to the other party.
13. Governing Law and Jurisdiction
This Agreement shall be governed by and construed in accordance with the laws of [Specify Governing Jurisdiction]. Any disputes arising under or in connection with this Agreement shall be subject to the exclusive jurisdiction of the courts of [Specify Jurisdiction].
14. Miscellaneous Provisions
The right to withdraw consent.
If you choose to withdraw your consent, it does not affect the lawfulness of our processing of the personal data that we have started processing up to the time of the withdrawal. If you withdraw your consent, it therefore only takes effect in the future from this point.
Contact Details
CVR: 42187194
Copyright © Alle rettigheder forbeholdes
