EIVF Platform - Book IVF Lab Services

Last updated: October 14, 2025

Legal Compliance Statement: This Privacy Policy complies with the Digital Personal Data Protection Act, 2023, Information Technology (SPDI) Rules, 2011, and incorporates GDPR principles for international users.

1. Introduction and Data Controller

EIVF Platform Private Limited ("we," "us," or "our") is committed to protecting your privacy and personal data. As a healthcare technology platform handling sensitive personal data or information (SPDI), we adhere to the highest standards of data protection.

Data Controller Details:

Company: EIVF Platform Private Limited
Registration: [CIN Number]
Address: [Registered Office Address]
Data Protection Officer: dpo@eivfplatform.com

2. Personal Data We Collect

2.1 Sensitive Personal Data or Information (SPDI)

Special Category Data: Under Indian data protection laws, the following is classified as SPDI and requires explicit consent:

Health Information: Medical history, fertility treatment details, diagnostic reports
Biometric Data: Digital health records, medical imaging (with consent)
Financial Information: Payment details, insurance information
Physical/Mental Health: Treatment preferences, medication history

2.2 Personal Information

Identity Information: Name, age, gender, photograph
Contact Information: Phone number, email address, postal address
Identity Verification: Aadhaar, PAN, passport details (as required)
Technical Information: IP address, device information, browser details
Usage Data: Platform interaction, search queries, preferences

2.3 Data Collection Methods

Direct Collection: Account registration, forms, appointments
Automatic Collection: Cookies, analytics, technical logs
Third-Party Sources: Healthcare providers (with consent)
Public Sources: Verification through authorized databases

3. Legal Basis and Purpose of Processing

3.1 Primary Purposes (with Explicit Consent)

Healthcare Services: Facilitating medical appointments and treatments
Account Management: User registration, authentication, profile management
Communication: Appointment reminders, medical updates, support
Payment Processing: Secure transaction processing and billing
Care Coordination: Sharing data with healthcare providers for treatment

3.2 Secondary Purposes (Optional Consent)

Service Improvement: Analytics for platform enhancement (anonymized)
Research: Medical research with anonymized data (opt-in)
Marketing: Relevant healthcare information (opt-in)
Quality Assurance: Service quality monitoring and feedback

3.3 Legal Obligations

Regulatory Compliance: Healthcare and data protection regulations
Legal Proceedings: Court orders, law enforcement requests
Safety and Security: Fraud prevention, platform security
Audit Requirements: Financial and operational audits

Consent Management: You can modify your consent preferences at any time through your account settings or by contacting our Data Protection Officer.

Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties, except in the following circumstances:

With healthcare providers to facilitate your appointments
With service providers who assist in operating our platform
When required by law or to protect our rights
With your explicit consent

Data Security

We implement appropriate security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes encryption of sensitive data and secure data transmission protocols.

4. Your Data Protection Rights

4.1 Rights Under DPDP Act, 2023

Right to Information

Know what data we collect and how we use it

Right to Access

Request copies of your personal data

Right to Correction

Update or correct inaccurate information

Right to Erasure

Request deletion of your data (subject to legal requirements)

4.2 Additional Rights

Data Portability: Receive your data in machine-readable format
Consent Withdrawal: Withdraw consent for optional processing
Grievance Redressal: File complaints regarding data misuse
Nomination: Nominate a person to exercise rights on your behalf

4.3 How to Exercise Your Rights

Online: Through your account settings dashboard
Email: dpo@eivfplatform.com with identity verification
Phone: +91-11-XXXX-XXXX during business hours
Response Time: Within 30 days of verified request

5. Data Security and Protection Measures

5.1 Technical Safeguards

Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit
Access Controls: Multi-factor authentication and role-based access
Network Security: Firewalls, intrusion detection, and DDoS protection
Data Backup: Encrypted, geographically distributed backups
Vulnerability Management: Regular security assessments and patching

5.2 Organizational Measures

Staff Training: Regular data protection and security training
Background Verification: Comprehensive employee screening
Access Monitoring: 24/7 monitoring of data access and usage
Incident Response: Dedicated security incident response team
Third-Party Audits: Regular independent security audits

5.3 Compliance Certifications

Security Standards: ISO 27001, SOC 2 Type II compliance
Healthcare Standards: HIPAA-equivalent security measures
Indian Compliance: CERT-In guidelines and IT Act requirements

Cookies and Tracking

We use cookies and similar technologies to improve your browsing experience, analyze site traffic, and personalize content. You can control cookie settings through your browser preferences.

Contact Us

If you have questions about this Privacy Policy or how we handle your information, please contact us at:

Email: privacy@eivfplatform.com
Phone: 1-800-EIVF-LAB
Address: 123 Healthcare Drive, Medical District, New York, NY 10001

This Privacy Policy may be updated from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date above.