1. Introduction:

MakeFit (LPFS MakeFit Health Pvt Ltd) is committed to protecting the privacy and security of your personal and health information. This Privacy Policy explains how we collect, use, store, share and protect your data. We comply with the Information Technology Act, 2000 and its rules (including the Reasonable Security Practices and Sensitive Personal Data Rules, 2011) as well as other applicable Indian laws. By using MakeFit, you consent to the data practices described here.

2. Information We Collect:

• Personal Information: When you register or consult, we collect identifiers such as your name, phone number, email address, address, age, and government ID if provided.
• Health Information: We collect medical data you voluntarily provide, including your health history, symptoms, diagnoses, prescriptions, blood reports, and any images or documents you upload during consultations. We may record your chat and call transcripts for your ongoing care.
• Usage Data: We collect technical details such as IP address, device information, browser type, and usage logs to improve our service. This information is generally non-identifiable and used in aggregate.

3. Data Storage and Security:

All user data is securely stored on Makefit's servers, which employ industry-standard security measures. Makefit maintains firewalls, intrusion detection, and 24/7 monitoring. They use encryption and secure hashing for databases and implement best practices (e.g. ISO 27001 certification, regular security audits) to protect stored information. We also use SSL/TLS encryption for data in transit. Our systems comply with reasonable security practices under the IT Act. However, no internet system is 100% secure, so please protect your account credentials and notify us immediately of any breach.

4. Data Access and Sharing:

• Authorized Access: Only your treating doctor(s) and MakeFit's authorized personnel (for support/administration) may access your medical records, and only with your consent. No one else at MakeFit or any outside party can view your health data without your permission.
• Third Parties: We do not sell or rent your personal information. We do not share your data with unaffiliated third parties for any purpose. We may disclose your information if required by law (e.g. court order or government request) or to enforce our Terms. If MakeFit is acquired, your data may be transferred to the new entity, subject to this policy.
• Privacy Commitment: We guarantee privacy and confidential record-keeping of your medical information. For example, DocGenie (a similar telemedicine platform) notes that its system “guarantees privacy and confidential record keeping” of consultations. MakeFit likewise ensures that your health records are kept strictly confidential.

5. Data Retention and Deletion:

We retain your health records and related data only as long as necessary to provide services, and in any event for no more than 60 days after each consultation. Upon your request, we will delete your data immediately; otherwise, we automatically delete all health and communication data 60 days after each session. We do not permanently store your medical reports or lab results beyond this period; any records we keep are solely for short-term review by your doctor and then erased. Aggregate, anonymized data may be retained for internal quality and research purposes only (with no personal identifiers).

6. Cookies and Tracking:

We may use cookies and similar technologies on our website/app to enable basic functionality and collect analytics. These cookies do not contain health information. You may disable cookies in your browser, but some features (like keeping you logged in) may not work properly.

7. Third-Party Services:

• Payment Gateway (Razorpay): We use Razorpay for processing all transactions. Razorpay collects your payment information (e.g. credit card or bank details) directly; MakeFit does not access or store complete payment credentials. You agree to Razorpay's handling of your payment data as governed by their Privacy Policy.
• Video Conferencing (Google Meet): Online consultations are conducted via Google Meet. Google Meet encrypts audio and video calls end-to-end and does not store your meeting content on its servers. (Any notes or recordings are only kept if you or your doctor explicitly saves them in your own records.) Data shared in the video call is protected under Google's security standards, but MakeFit has no control over Google's policies. Please refer to Google's Privacy Policy for details.

8. User Rights:

You have the following rights regarding your personal data:

• Access: You can request a copy of the personal data we hold about you (e.g. health records, account details).
• Correction: You may correct or update your information (such as contact details or medical history) by contacting us or through the app.
• Deletion: You may request deletion of your data at any time. Upon such request, we will remove your information as promptly as possible, subject to any legal obligations to retain certain data. (Our routine policy is to delete all non-essential data within 60 days after a consultation.)
• Consent Withdrawal: You may withdraw your consent to data processing (except where processing is required by law). For example, you can opt out of marketing communications at any time. Withdrawal of consent may affect our ability to provide services.

To exercise these rights, please contact our Data Privacy team at [privacy@makefit.in] or write to us at our registered address.

9. Data Security:

MakeFit takes the security of your data seriously. We implement technical and organizational measures (encryption, access controls, secure development practices) to protect against unauthorized access, alteration, or loss of data. For example, our hosting partner encrypts data at rest and requires multi-factor authentication on administrative access. We regularly back up data and update our systems to guard against threats.

10. Changes to the Privacy Policy:

We may update this Privacy Policy from time to time (for example, to reflect changes in laws or services). We will post revised policies on the MakeFit platform and notify you of significant changes (e.g. via emai or Platform alerts). Your continued use of MakeFit after any update constitutes acceptance of the new policy.

11. Governing Law:

This Privacy Policy is governed by Indian law. Any disputes relating to privacy or data protection shall be subject to the exclusive jurisdiction of the courts in New Delhi, India.

12. Contact:

For any questions or grievances regarding privacy, please contact our Grievance Officer:

• Email: grievances@makefit.in
• Address: LPFS MakeFit Health Pvt Ltd, Plot No 24, Second Floor Gtb Nagar , New Delhi 110000

MakeFit is committed to resolving any privacy concerns promptly in accordance with applicable law (including the IT Act, 2000 and future data protection regulations).