Privacy Policy

Last updated: January 15, 2026

At Swasth Care ("we," "our," or "us"), we prioritize the privacy and security of your personal and medical information. This Privacy Policy outlines how we collect, use, disclosure, and safeguard your data when you visit our website (www.swasthcare.in) and engage with our patient facilitation services.

Our Zero-Sale Promise

We strictly DO NOT sell, trade, rent, or lease your personal or medical data to any third-party marketing agencies, data brokers, or unauthorized entities. Your data is used exclusively for facilitating your treatment journey.

1. Information We Collect

1.1. Personal & Medical Information

We collect information that you voluntarily provide to us via Contact Forms, WhatsApp, Email, or phone consultations. This specifically includes:

  • Identity Data: Name, age, gender.
  • Contact Data: Email address, phone number, location/city.
  • Health Data (Sensitive): Medical history, photographs of hair/skin conditions, previous treatments, and medication history.

1.2. Automated Technology (WordPress & Analytics)

Our website is built on WordPress. When you access our Platform, we and our third-party service providers collect certain technical data automatically to ensure site performance and security:

  • Google Analytics: We use this to understand website traffic patterns. Data is anonymized and does not personally identify you.
  • Microsoft Clarity: We use heatmaps to improve user experience. Sensitive text input fields are masked by default to prevent data capture.
  • Cloudflare Insights: Used for security, DDoS protection, and ensuring our CDN delivers content efficiently.
  • Server Logs: IP addresses and browser types may be logged for security auditing and fraud prevention.

2. How We Use Your Information

Your data is processed for the following specific purposes:

  • To provide free consultations and assess your eligibility for hair or skin treatments.
  • To connect you with verified Partner Clinics relevant to your specific needs.
  • To send you appointment confirmations, treatment guides, and post-care instructions.
  • To improve our website functionality and patient support services.
  • To comply with legal obligations and prevent fraudulent activity.

3. Compliance & Standards (HIPAA / GDPR)

While Swasth Care operates as a patient facilitator and aggregator, and may not strictly fall under the definition of a "Covered Entity" in all jurisdictions, we voluntarily adhere to the highest global standards of data privacy:

  • HIPAA Alignment: We handle all medical data with the encryption and access controls required by the Health Insurance Portability and Accountability Act.
  • GDPR Compliance: We respect your right to be forgotten, right to access, and right to consent.
  • SOC Type II: Our hosting infrastructure and data centers are SOC Type II compliant, ensuring rigorous physical and digital security.
  • SSL Encryption: Our entire website is secured via 256-bit SSL encryption to protect data in transit.

4. Information Sharing & Disclosure

4.1. Sharing with Partner Clinics

To facilitate your treatment, we must share your name, contact details, and relevant medical history/photos with the specific Partner Clinic or Specialist you choose to consult with.

Important Disclaimer

Clinic Privacy Policies: While Swasth Care ensures 100% confidentiality of your data while it is in our possession, once your data is transferred to a Partner Clinic for treatment purposes, it becomes subject to that Clinic's own privacy policy and data retention practices. Swasth Care is not responsible for the data security practices of Partner Clinics, though we vet them for general professionalism.

4.2. Third-Party Service Providers

We may share non-medical data with trusted service providers who assist us in operating our website (e.g., email hosting, server management). These parties are contractually obligated to keep your information confidential.

5. Data Security

We implement robust security measures:

  • Data at Rest: All sensitive patient data is stored in secure, encrypted databases.
  • Access Control: Only authorized Swasth Care patient coordinators have access to your medical inquiries.
  • Regular Audits: We perform regular malware scanning and security audits on our WordPress infrastructure.

6. Your Data Rights

You retain full ownership of your data. You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request corrections to any inaccurate data.
  • Deletion ("Right to be Forgotten"): Request that we permanently delete your data from our systems, subject to any legal retention requirements.
  • Withdraw Consent: Revoke your consent for us to contact you at any time.

To exercise any of these rights, please email our Data Protection Officer at [email protected].

7. Cookies & Tracking

We use cookies to enhance site navigation and analyze usage. You can control cookie preferences through your browser settings. Blocking cookies may impact your experience of the Platform but will not prevent you from contacting us directly.

8. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently received personal information from a minor, we will delete such information from our records.

9. Changes to this Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The updated date at the top of this page will indicate when the latest changes were made.

10. Contact Us

If you have any questions regarding this Privacy Policy or our data practices, please contact us: