MyClinicPartner
Start free trial

Privacy Policy

We handle personal data and patient information with care. This policy explains what we collect, why, and the choices you have.

Last updated: 21 April 2026

1. Who we are

This website (myclinicpartner.com) and the MyClinicPartner software-as-a-service are operated by Vasanth Chandrasekar, trading as MyClinicPartner, with registered address at 18/153-A, Ramaiah Street, Ponmeni Main Road, Madurai, Tamil Nadu – 625016, India. For the purposes of the Digital Personal Data Protection Act, 2023 (DPDP Act), MyClinicPartner is a Data Fiduciary in respect of personal data of website visitors and clinic account holders, and a Data Processor (on behalf of our clinic customers) in respect of patient data entered into the Service.

2. Information we collect

a. Information you provide to us

  • Account information: name, clinic name, email address, phone number, password (stored in hashed form).
  • Billing information: billing address, invoicing details. Full card numbers and CVV are never stored by us; they are processed directly by our payment gateway partners.
  • Clinic operational data: appointments, inventory, invoices, staff users.
  • Patient data entered by you: patient name, age, sex, contact details, clinical notes, prescriptions, diagnoses, visit history. You enter this data as the Data Fiduciary for your patients; we process it on your instructions.
  • Support communications: emails and messages you send to us.

b. Information we collect automatically

  • IP address, device type, browser and operating system.
  • Pages viewed, actions performed in the Service, timestamps and diagnostic logs.
  • Cookies and similar technologies required for login sessions, security, and anonymised analytics.

3. How we use personal information

We use personal information only for the purposes listed below:

  • To create and manage your account and provide the Service.
  • To process payments and issue invoices.
  • To provide customer support and respond to your requests.
  • To send essential service communications (billing notices, security alerts, policy updates).
  • To send product updates or marketing emails — only where you have opted in, with an unsubscribe link in every message.
  • To detect, prevent and investigate fraud, abuse and security incidents.
  • To comply with legal obligations, enforce our terms and establish, exercise or defend legal claims.

4. Legal basis for processing

We process personal data on the following bases under the DPDP Act and other applicable law:

  • Your consent, when you sign up or opt in to communications.
  • Performance of our contract with you (providing the Service you subscribed to).
  • Compliance with legal obligations (tax records, responding to legal process).
  • Our legitimate interests in running, securing and improving the Service.

5. Sharing of information

We do not sell or rent personal information. We share it only with trusted service providers who help us run the Service, under written agreements that require them to protect the data and use it only on our instructions. These include:

  • Cloud hosting and database infrastructure providers.
  • Email delivery providers (for transactional and marketing emails).
  • SMS / WhatsApp providers (if you enable the messaging features).
  • Payment gateways, including PayU, for processing payments.
  • Analytics and error-monitoring tools (used in anonymised or pseudonymised form where possible).
  • Legal, tax and professional advisers, and government authorities where we are legally required to disclose.

6. Patient data (clinic customers)

Patient data entered by a clinic into the Service is processed by us strictly on the instructions of that clinic. Clinics are responsible for:

  • Obtaining lawful consent from patients before recording their data in the Service.
  • Managing access to patient data within their own staff accounts.
  • Responding to patient rights requests that relate to clinical records.

We provide technical and organisational safeguards (access controls, encryption in transit, audit logs) to protect patient data, and we do not use patient records for advertising or resale.

7. Data retention

Account data and clinic data are retained for as long as your subscription is active. If you cancel your account, we retain your data for up to 90 days to allow reactivation or data export, after which it is deleted or irreversibly anonymised, except where we are required by law to retain specific records (for example, tax invoices for the statutory retention period).

8. Security

We use industry-standard measures to protect personal data, including HTTPS encryption of data in transit, hashed passwords, role-based access controls, tenant-scoped data isolation, and access logs. No system can be made perfectly secure; if we become aware of a personal data breach that is likely to affect you, we will notify you and the Data Protection Board of India as required by law.

9. Your rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Ask us to correct or update inaccurate information.
  • Ask us to erase your personal data where there is no legal basis to retain it.
  • Withdraw consent where our processing is based on consent.
  • Nominate another individual to exercise your rights in the event of your death or incapacity.
  • Lodge a grievance with us (see section 11) or with the Data Protection Board of India.

To exercise these rights, email us at support@myclinicpartner.com. We will respond within the statutory timeframe (typically 30 days).

10. Cookies

We use a small number of cookies and similar technologies:

  • Essential cookies for login sessions and security. The Service does not work without them.
  • Analytics cookies (e.g. Vercel Analytics, Speed Insights) to understand usage patterns and improve performance. These are used in an anonymised or aggregated form.

You can control cookies through your browser settings.

11. Grievance officer

In accordance with the Information Technology Act, 2000 and the DPDP Act, 2023, any grievance about this policy or the processing of your personal data may be addressed to:

Grievance Officer: Vasanth Chandrasekar
Email: support@myclinicpartner.com
Address: 18/153-A, Ramaiah Street, Ponmeni Main Road, Madurai, Tamil Nadu – 625016, India

We will acknowledge grievances within 48 hours and resolve them within 30 days.

12. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be notified by email or through a notice on the website. Please review this page periodically.

13. Related policies