Privacy Policy

 “We,” “Us,” and “Our” refer to MuthuMeenakshi Hospitals (MMH). We are committed to safeguarding the privacy and security of your personal and health data. This Privacy Policy outlines how we collect, use, process, store, and protect your personal information in compliance with applicable Indian laws, including:

  • The Digital Personal Data Protection Act, 2023 (DPDPA),
  • The Information Technology Act, 2000 – Section 43A, and
  • The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011.

This policy applies to all personal information collected and processed during the course of providing our services, both online (via https://www.muthumeenakshihospitals.com) and offline. The terms “You” or “Your” refer to patients, caregivers, or visitors, and “We,” “Us,” and “Our” refer to MuthuMeenakshi Hospitals. MuthuMeenakshi Hospitals acts as a “Data Fiduciary” under the Digital Personal Data Protection Act, 2023.

1. Scope and Applicability

This Privacy Policy applies to:

    • Personal information collected when you visit MMH, access our services, or interact with us through our website.
    • Data shared during consultations, registrations, appointment bookings, health package enrolments, or career applications.
    • Data collected through digital marketing and minimal cookie-based analytics tools.

2. Personal Information We Collect

We may collect the following categories of personal information:

    • Identity Information: Name, gender, date of birth, and contact details.
    • Health Information: Medical history, diagnostic details, prescriptions, and treatment records, where applicable.
    • Financial Information: Billing details, transaction amount, and limited payment-related information collected when you make payments through our website. MMH does not store debit/credit card numbers, UPI credentials, CVV, PIN, or net banking passwords.
    • Website and Technical Data: IP address, device information, browser type, and usage patterns collected through cookies/analytics.
    • Voluntary Information: Data shared by you during appointment booking, package booking, feedback, or career applications.

3. Legal Basis for Processing

We process your personal information in compliance with:

    • DPDPA 2023 – processing personal data only for lawful purposes and in accordance with consent and statutory obligations.
    • IT Act 2000, Section 43A – maintaining reasonable security practices.
    • 2011 Rules – processing sensitive personal data (including medical information) strictly with consent and appropriate safeguards.

4. Purpose of Data Collection

Your personal information may be used for: 

    • Delivering healthcare services, including diagnosis, treatment, and related care.
    • Facilitating appointment booking, health package enrolments, and hospital administration.
    • Legal and regulatory compliance, including record maintenance.
    • Improving patient care and hospital operations through internal analysis.
    • Communicating appointment confirmations, reminders, health updates, or service-related notifications via SMS, WhatsApp, email, or other digital modes.
    • Digital marketing, limited to the extent permitted by law.

5. Consent

By accessing our services or providing your personal information, you consent to:

    • The collection, storage, and processing of your data as per this policy.
    • Use of your data for healthcare and administrative purposes. 
    • Receiving communications from MMH regarding appointments, services, or updates.
    • You acknowledge that payment transactions made through the website are subject to the terms and privacy practices of the respective payment gateway provider.
    • In case of personal data relating to minors, consent shall be obtained from the parent or lawful guardian in accordance with applicable law.

You may withdraw consent at any time (see Clause 8).

6. Data Sharing

We do not sell or rent your personal data. Information may be shared only:

    • With healthcare professionals within MMH for patient care.
    • With service providers under confidentiality obligations (e.g., diagnostic or support services).
    • When required by law, regulation, or court order.
    • For digital marketing or analytics, only aggregated and anonymized data may be used.

Currently, all data is stored within India. If cross-border transfers are required in the future, such transfers will comply with the provisions of DPDPA and applicable regulations.

7. Online Payment Processing

MMH provides online payment facilities through a secure third-party payment gateway, PayU India. When you make a payment through our website, certain information such as your name, contact details, billing information, and transaction amount may be shared with the payment gateway solely for the purpose of processing the transaction.

Payment credentials including card numbers, CVV, UPI PIN, or net banking passwords are processed directly by the payment gateway and are not stored on MMH servers.

MMH shall not be liable for any loss or damage arising directly from payment gateway system errors, banking network failures, or technical issues beyond its reasonable control.

8. Data Security

We have adopted reasonable security practices, including:

    • Encryption of sensitive personal data during storage and transmission.
    • Role-based access controls to restrict access to authorized personnel.
    • Regular monitoring, audits, and vulnerability assessments.
    • Secure backups and disaster recovery protocols.
    • Online payment transactions are processed over secure encrypted connections (SSL) to ensure data confidentiality and integrity.

While we strive to protect your data, no system is completely secure. You are advised to protect your credentials and promptly report any suspicious activity.

9. Your Rights

You have the right to:

  • Access your personal data.
  • Correction of inaccuracies in your records.
  • Erasure of your personal data, subject to regulatory obligations.
  • Data Portability – request a copy of your data in structured format. 
  • Withdrawal of Consent and the right to grievance redressal in accordance with the Digital Personal Data Protection Act, 2023.

10. Data Retention

    • Medical Records: Retained as per Indian medical record-keeping laws.
    • Administrative and Financial Data: Retained for statutory compliance and audit purposes.
    • After the retention period, data will be securely deleted or anonymized.

11. Cookies and Analytics

Our website uses cookies and minimal analytics tools to:

    • Enhance user experience and functionality.
    • Monitor usage patterns for service improvements.
    • Support lawful digital marketing activities.

You may disable cookies in your browser; however, some features may not function properly.

12. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be available on our website. In case of significant changes, we will notify users through appropriate channels.

13. Contact and Grievance Redressal

In accordance with Rule 5(9) of the IT Rules, 2011 and applicable provisions of DPDPA. For questions, complaints, or to exercise your rights under this policy, please contact:

Chief Executive Officer (Grievance Officer)

MuthuMeenakshi Hospitals (MMH) No.5542, South 4th Street, Pudukkottai – 622001, Tamil Nadu, India

Email: info@muthumeenakshihospitals.com

All grievances will be acknowledged within 48 hours and resolved within 7–10 working days from the date of receipt.