Privacy Policy of Gomeds 24/7

1. DEFINITIONS

"Personal Data" means any information that relates to an identified or identifiable natural person, including but not limited to name, contact number, email ID, residential address, gender, date of birth, health records, prescription data, diagnostic records, payment data, and other similar information.

1.2 "Sensitive Personal Data or Information" shall have the meaning ascribed under the IT Rules and includes password, financial information (such as bank account or card details), physical or mental health condition, medical records and history, biometric information, and any detail relating to the above as provided to or received by AEON HEALTHCARE for processing.

1.3 "Processing" means any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, organization, storage, adaptation, retrieval, consultation, use, disclosure by transmission, dissemination, or erasure.

2. TYPES OF INFORMATION COLLECTED

2.1 Information You Provide Voluntarily

• Full name, mobile number, email address, gender, date of birth, and address;
• Details uploaded by you including medical prescriptions, diagnostic orders, lab tests, etc.;
• Payment information including credit/debit card details, UPI ID, and billing address;
• KYC information if required under applicable law for purchase of Schedule H/H1/X drugs;
• Any correspondence or feedback submitted to customer service.

2.2 Information Collected Automatically

• IP address, device type, unique device identifiers, operating system, browser type, network information, time zone, and location data;
• Logs and usage data, including your interactions with the Platform;
• Cookies, web beacons, SDKs, and similar tracking technologies.

2.3 Health & Medical Information

• Uploaded prescriptions analyzed only by licensed pharmacists;
• Orders placed for medicines, lab tests, and health packages;
• Diagnostic health data, patient preparation, and clinical information.

3. LEGAL BASIS FOR PROCESSING

We process your Personal Data on the following legal bases:

• Consent: Where you have expressly provided your informed and unambiguous consent;
• Contractual Necessity: Where processing is necessary to perform a contract with you;
• Legal Obligation: Where we are required under applicable laws to process your information;
• Legitimate Interests: For internal operations, fraud prevention, analytics, customer service, and improvement of our services.

4. USE OF INFORMATION

We use your information for the following purposes:

• To authenticate and register your account on the Platform;
• To facilitate ordering, delivery, and pickup of medicines, lab tests, or healthcare services;
• To analyze and interpret uploaded prescriptions by our licensed pharmacists whose decision shall be considered valid and final;
• To share relevant information with partner pharmacies and diagnostic labs to fulfill your orders;
• To process payments and manage billing and invoicing;
• To enable customer support, grievance redressal, and transactional communication;
• To conduct analytics, improve services, enhance user experience, and develop new features;
• To comply with applicable legal obligations and enforce our legal rights.

5. DISCLOSURE AND SHARING OF INFORMATION

5.1 With Partner Pharmacies and Diagnostic Labs:

We may share your name, contact details, delivery address, order information, and uploaded prescriptions with multiple registered and verified pharmacy partners and diagnostic laboratories in order to fulfill, dispatch, deliver, or arrange pickup for your selected services.

5.2 With Service Providers:

We may disclose your Personal Data to third-party vendors providing services such as cloud storage, payment gateways, customer service, delivery agents, analytics, advertising, and IT support.

5.3 With Government Authorities:

We may disclose your information to governmental, regulatory, or judicial authorities if required by applicable law or legal process, or in connection with detecting and preventing fraud or other illegal activity.

5.4 With Affiliates and Group Entities:

We may share Personal Data within our group of companies, affiliates, or business associates for legitimate business purposes.

5.5 Business Transfers:

In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred as part of that transaction.

6. DATA STORAGE AND RETENTION

6.1 All Personal Data is securely stored on cloud servers (including AWS) located in India or abroad.

6.2 We retain prescription data, health data, transaction records, and account information for as long as necessary to fulfil the purposes outlined in this Policy, which in our business model is indefinite, unless deletion is requested by you or required by applicable law.

6.3 This retention approach ensures that customers can access historical prescriptions, health records, and transaction details at any time for their convenience and continuity of care.

7. SECURITY PRACTICES AND PROCEDURES

We implement appropriate technical and organizational security measures, including:

• Data encryption in transit and at rest;
• Role-based access controls and multi-factor authentication;
• Regular vulnerability assessments and penetration testing;
• Internal data handling policies and breach response protocols.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use industry best practices, we cannot guarantee absolute security.

8. YOUR RIGHTS

Subject to applicable laws, you may exercise the following rights:

• Right to access and review your data;
• Right to rectification of incorrect or outdated data;
• Right to data portability;
• Right to withdraw consent (note: withdrawal will not affect prior lawful processing);
• Right to request erasure, subject to legal obligations.

You may exercise these rights by writing to us at : help@gomeds247.com

9. THIRD-PARTY LINKS AND SERVICES

The Platform may contain links to third-party websites or services, including payment gateways, diagnostic partners, or health portals. We are not responsible for the privacy practices or content of such third parties. We encourage you to review their privacy policies separately.

10. CHILDREN’S PRIVACY

We do not knowingly collect or solicit Personal Data from individuals under the age of 18 years. If we discover that we have collected such data without verifiable parental consent, we will delete the information at the earliest.

11. CROSS-BORDER DATA TRANSFERS

Your data may be transferred to and stored in servers located in jurisdictions outside India. In such cases, we ensure that appropriate safeguards and contractual clauses are in place to protect your data in accordance with Indian laws.

12. GRIEVANCE REDRESSAL MECHANISM

In accordance with Rule 5(9) of the IT Rules, the name and contact details of the designated Grievance Officer are as follows:

Name: Deep Hariyani

Designation: C.E.O

Email: d.hariyani@gomeds247.com

Contact Number: 7575848500

Address: ‘GIRIRAJ’ 162/A,Opp. Panna Terrace Flats,Beside Swara Blossom Falts,Atabhai Chowk,Bhavnagar, Gujarat, 364002.

The Grievance Officer shall redress the grievances within the timelines prescribed under applicable laws.

13. GOVERNING LAW AND JURISDICTION

his Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising out of or in relation to this Policy shall be subject to the exclusive jurisdiction of the courts situated at [Insert Jurisdiction, e.g., Ahmedabad, Gujarat].

14. CONTACT US